Why We Need Open Source Intelligence

From IC Insider Siren

By John Randles, CEO of Siren

Traditional vs Open Source

Traditional intelligence sources include Human Intelligence (HUMINT) and Signals Intelligence (SIGINT). HUMINT and SIGINT have dominated the intelligence community for decades because of their reliability, and availability. Leaders rely on these traditional approaches, yet they recognize the value of Open Source Intelligence (OSINT). When major events unfold, intelligence analysts must understand the social context of the event and its impact on their national security. OSINT provides the social context missing from traditional sources, such as motivations, cultural reflections, and atmospherics.

Four Key Advantages of OSINT

OSINT is commonly defined as information gathered from publicly or openly available sources to be used in the intelligence domain. OSINT’s four distinct advantages make it a favourite among all-source analysts. What are the four key advantages?

Firstly, intelligence analysis supports national security and is always shifting. Analysts move from one topic to another. They need to understand a country’s culture, social and economic status. OSINT provides rapid insight which is often missing in other intelligence disciplines.

Secondly, OSINT gives a historical account of events as they unfold. Few technical disciplines offer this type of insight. Historical events help analysts understand what motivated a leader to act in a certain way. Leaders reference open source intelligence sources without the need to declassify any material.

Thirdly, open source intelligence protects the sources or methods encountered during the reporting process. A leader can reference events to defend their position on a given policy. OSINT allows them to do this without needing to disclose sensitive sources.

Finally, open source Intelligence gives context to classified sources used to create an assessment. Various intelligence sources lack the broader context needed to understand the situation. Single-sourced assessments may result in a misunderstanding that can cripple an operation. OSINT fills in the gaps from fragmented sources used in the intelligence community.

Analytics – Empowering Open Source

Analytics platforms, like Siren, support the spectrum of data used in open-source intelligence. OSINT’s volume and complexity of unstructured and structured data demands a robust platform. Siren offers end-to-end capabilities that address these types of challenges. Its intuitive user interface supports analysts as they search for key bad actors.

As events unfold, Siren fuses data with other sources in real time. OSINT produces tremendous real-time and batch datasets that can cripple an organization. It is critical to fuse the new data with existing data in a seamless environment and Siren’s unique ability to onboard data using its fluid schema makes it ideal for OSINT.

What Types of Problems can OSINT Solve?

An analyst must first understand the problem their leadership is trying to solve. These problems then shape the technology needed and how the analysts actually use it. Siren, for example, contains capabilities that make it ideal for a wide spectrum of use cases. It supports OSINT missions while complementing users’ workflow.

For instance, analysts can explore and discover subjects of interest hidden in streaming social media. They can then fuse this data with existing case details in a single pane of glass. As new subjects of interest emerge, analysts explore their content, sentiment, and authors. Analysts are also able to reduce the timeframe of the investigation. Alerts help analysts and free them to explore other investigations. The alerts automate the discovery of new facts, reducing the analyst’s workload.

Siren helps analysts discover the who, what, when and where of their investigation. Its integrated maps, intuitive visualizations, and link analysis give effective insights.  New or emerging data sources merge with existing resources without IT support. In addition, Siren leverages the Elastic ecosystem embraced by most information technology departments. This helps reduce the cost of ownership and increases organization-wide adoption.  Siren also includes the latest machine learning and federated search capabilities.

Five Real-World OSINT Use Cases

Five distinct use cases stand out. These include:

  • Executive protection of key personnel from possible threats
  • Topics of interest mentioned on social media feeds
  • Area of interest mentioned on social media feeds
  • Identify social media accounts of interest proliferating derogatory information
  • Overnight queued updates from regions of interest

Let’s look at these in more detail, specifically in relation to how Siren can help…

Executive protection of key personnel from possible threats

Executives and leaders throughout the world value their security. Threat actors often use social media to announce their intent long before acting out. When these activities emerge, Siren can alert analysts in real time. Analysts can then understand the threat and their network. They can determine if they have the means to follow through based on their proximity. Siren fuses these events with historical activities and gives leadership time to act.

Topics of interest mentioned on social media feeds

Organizations struggle to track topics of interest hidden in OSINT data. Posted topics remain hidden without solutions like Siren. Analysts can sift through millions of posts and understand the sentiment with Siren. As topics of interest change, Siren can move from one set of key phrases to another.

Area of interest mentioned on social media feeds

Analysts often need to focus on a geographic area of interest in support of their mission. These areas of interest appear across OSINT sources and their content and implications must be studied. Siren’s geospatial and mapping capabilities are embedded in an intuitive graph/link analysis toolset.  Siren’s intuitive user interface ensures rapid adoption across today’s organizations.

Identify social media accounts of interest proliferating derogatory information

Derogatory information can come from any direction, anywhere and anytime. The key is understanding the intent behind it and containing it.  Siren can move across identified social media accounts in seconds. Analysts are then able to analyze who mentioned what and how they share the derogatory data. Analysts can determine the short-term and long-term effects of these actors.

Overnight queued updates from regions of interest

Organizations segment the world into regions to better handle the amount of data. These regions don’t sleep and events can emerge overnight with little notice. Siren ensures analysts remain aware of events through alerts. Automatic reports compile overnight and queue up for analysts based on their region. Siren enhances leadership’s ability to have constant visibility on the world’s key actors. As events unfold, Siren maintains a historical picture for analysts and leadership alike.

Closing Thought

Siren allows analysts to blend traditional and new intelligence disciplines, like OSINT, into a single view. Siren’s real-time processing of news and media sources are a must for any OSINT mission. Siren gives analysts the edge that they need.

About Siren

Siren provides the leading Investigative Intelligence platform to some of the world’s largest and most complex organizations for Investigative Intelligence on their data. Rooted in academic R&D in information retrieval, distributed computing and knowledge representation, the Siren platform provides integrated investigative intelligence combining previously disconnected capability of search, business intelligence, link analysis and big data operational logging and alerting.

Among Siren awards are Technology Innovation of the Year and the Irish Startup of the Year (Ireland’s National Tech Excellence awards). In 2020, Siren was named as a Gartner Cool Vendor in an Analytics and Data Science Report. For more information, visit www.siren.io.

About IC Insiders

IC Insiders is a special sponsored feature that provides deep-dive analysis, interviews with IC leaders, perspective from industry experts, and more. Learn how your company can become an IC Insider.