Understanding OSint

Author: Andrew Booth
Date: July 2020

In 2006, Steele forecast that OSINT would facilitate a shift towards the internet being the common operating environment for intelligence and investigation professionals. No longer would the stomping ground be on the street, watching and listening in clandestine operations.

Steele cited the ‘24/7’ nature of the internet, in which information can be seen in a real-time and geospatial context, as a key reason for his conclusion.

As always there are plenty of academic definitions of OSint, but they all include the basic facets of finding, gathering, exploiting, validating, analysing and sharing intelligence from publicly available print and electronic data from unclassified, non-secret sources, with end users, clients, colleagues or other stakeholders.

OSINT is the most frequently used form of intelligence gathering, desirable because of its abundance of raw material, ripe for further processing. The gathering of data and information from open sources has been an active focus of both nation states and business organisations for decades.

Not all organisations with an intelligence function can harvest the data efficiently. Indeed, there is little value in this publicly available information if it cannot be carefully found, selected, analysed, filtered, validated, reported and disseminated as a tailored product in a timely basis.  The searching, sifting and exploitation of the gems of information amongst the ocean of noise remains the concept that provides critical competitive advantage.

For the abundance of data to be distilled into valuable intelligence, an analyst must possess a vast set of competencies, from research and investigation skills, to current affairs knowledge and a deep understanding of the data sets that can support each investigation and its individual circumstance. These skills are hard to find.

Clearly, the abundance of data provides a real opportunity for organisations to make evidenced based decision to propel their operations forward, but the challenge is not the availability of the data. Three of the key challenges are:

  • Form
  • Internet volatility
  • Volume

The issues around form, internet volatility, volume and lack of tradecraft no longer need to paralyse an investigation or decision makers; Synalogik have developed Scout, an innovative intelligence tool providing real-time support for investigators, researchers and analysts alike.

Synalogik are working across multiple market sectors to support our clients with innovative software and professional services to support regulatory compliance, mitigate insider threat, combat criminality, automate open and closed data source searching and add velocity to laborious investigation related workflows; preventing and detecting criminality and undesirable behaviour.

Andrew Booth
Andrew is a security and risk specialist with experience in intelligence, investigations and transformational IT projects in security critical environments.