Recently, ShadowDragon COO, Jonathan Couch, contributed an article to InfoSecurity Magazine on the
potential for open-source intelligence (OSINT) to bolster security efforts within the private sector. In this
piece, Couch reflects on the current landscape of the OSINT community and the trajectory it’s poised to
take in the coming years, specifically within commercial settings. He asserts that as OSINT becomes
more broadly accepted in federal spaces, it opens the door for commercial use cases as well.
OSINT has a proven track record of robust applications in the public sector, such as addressing
challenging criminal cases ranging from human trafficking networks to national security concerns. But,
as data privacy concerns loom and employees continue creating more publicly available information
(PAI) online than ever before, it will become increasingly difficult to keep confidential company
information safe from threat actors. As these concerns have risen, so has the need for OSINT capabilities
to better mitigate risks.
One example of OSINT’s transformative power in the private sector can be observed through the CISO
shift towards proactively adopting technologies traditionally associated with risk and privacy to respond
effectively to breaches, understand the implications of data exposure and promptly meet regulatory
requirements. By leveraging OSINT as another source of information that’s different from commercially
available cyber threat intelligence, organizations can know what these criminals are saying online in the
form of PAI and better respond to potential or active threats.
Beyond traditional security use cases, OSINT has the power to be a valuable tool to address corporate
risk, fraud, human resources needs, insider threats and much more.
Over his 30-year career in network security, including nearly 20 years in commercial security operations,
Couch has witnessed the unprecedented growth of threat intelligence as a security tool for both offense
and defense, and now, OSINT. The bottom line? When organizations utilize OSINT, they must take care
to leverage it the right way. The ethical use of OSINT will be critical as more organizations adopt this
technology.
Read the full article: https://www.infosecurity-magazine.com/opinions/open-source-intel-commercial/
