Open-source intelligence (OSINT) is critical for identifying and mitigating operational disruption. Multiple security functions – executive protection, supply chain, workplace violence, and others – rely on OSINT to identify risks and investigate threat actors.
But the sheer volume of potential alerts and web activity can be overwhelming, especially to small or nascent security teams.
2020 was a banner year for all-hazard threats. Organizations relied heavily on security teams to keep their colleagues and offices safe from weather disasters, civil unrest, a worldwide health crisis, and degrading economic conditions.
On Jan. 27, 2021 we hosted 45-minute broadcast where panelists from Chubb, LifeRaft, and Topo.ai shared their proven methods for assessing operational disruption to keep their colleagues and offices safe.
Manage data to manage the crisis
One key takeaway: the crucial role of data in mitigating operational disruption. When facing any complex or long-term crisis, identify the risk metrics that matter most to your organization. These should be based on your business, profitability drivers, culture, and tolerance for risk. If these are coming from many sources and need to be correlated, you will either need a lot of time to conduct the analysis or the right technology to analyze the data for you.
Work with HR, legal, communications, and other stakeholders to understand what data is best for mitigating risk and how to share relevant information between teams. From there, keep employees as informed as possible on how protocols are being developed and rolled out. Take into account which information should be as immediate alerts vs. rollup summaries.
When you’ve determined the metrics that matter the most, use that data to establish risk thresholds and make decisions based on that data. ‘Database decision making’ helps reduce the role of personal opinions and instead focuses on a particular set of benchmarks that can be adjusted if needed. Should there be negative impacts from a given crisis, a set of benchmarks approved by leadership also provides a more defensible rationale than personal opinions.
Our friends at LifeRaft have shared the full list of top takeaways from that broadcast.
Free open-source intelligence tools you can use
As discussed during the broadcast, the right technology tools can provide powerful capabilities and save valuable time. But maybe you don’t yet have budget or need to better understand the world of open-source intel to help you build your case.
Here are some free tools you can use to monitor persons of interest, aid investigations, and gather information to protect your organization.
TweetDeck is a Twitter-owned application that provides a dashboard for managing Twitter accounts. It is also a powerful research tool when used correctly. Here is a helpful guide on using those features.
Social Searcher is a search engine that allows you to monitor all public social mentions. It provides a good way to quickly measure and track what people are saying about your company, brand, product, or service.
DeHashed provides free deep-web scans and lets you search for IP addresses, emails, usernames, phone numbers, addresses, and more.
Foller.me is a Twitter analytics application that gives you insights about any public Twitter profile, including topics, mentions, hashtags, followers, locations, and more.