BEN CONKLIN
The explosion of publicly available and commercially available information that is geotagged, time-boxed and capable of being rapidly aggregated has brought attributes to open-source intelligence (OSINT) long associated with more traditional intelligence disciplines.
Conventionally used as a gap filler and to provide valuable context, OSINT’s power as a mainstream tool for analysts and decision-makers has been enhanced and expanded. The most notable instance of this recently is the OSINT insight into the Russian invasion of Ukraine. Examples abound of “adtech” data accurately tracking troop movements and even providing targeting-level intelligence. This OSINT revolution is causing people to question how the intelligence community should organize itself to harness this evolving capability.
However, in a recent podcast interview, “Optimizing OSINT for the Intelligence Community,” Randy Nixon, director of the Open Source Enterprise at the CIA, challenged the assertion that there is an ongoing OSINT revolution. Instead, Nixon described it as an OSINT renaissance. In fact, the public is increasingly aware of the value of OSINT and is learning for the first time about a capability that has existed for decades. Whether it is a revolution or a renaissance, many recognize and applaud OSINT’s elevated role and its growing impact. Many important trends in OSINT are expected to profoundly impact the discipline for decades.
As we look at the future of OSINT, we see a rapidly evolving discipline largely driven by a revolution in data. The data revolution is both in volume and variety, along with the application of advanced technology. This growth also involves a more sophisticated tradecraft in which OSINT moves from being a discipline focused on exploiting media to exploiting multiple sources and modes of collection. This explosion of data, therefore, expands the aperture for OSINT to become not just an add-on but a primary intelligence source. For example, it can be used to cover those geographical and thematic problem sets for which the community is not optimized to collect or report. OSINT is also well-equipped to address nontraditional topics such as the security implications of climate change, the impact of economic statecraft, energy security, environmental security and organized crime. In addition, many broad-spectrum geopolitical issues such as arctic security, popular unrest in third-party countries and indicators and warnings of hostile action are appropriate themes for OSINT. Similarly, OSINT has increasing value in facilitating intelligence sharing, particularly with nontraditional partners without well-defined sharing protocols and policies. These include nation-to-nation, within coalitions, nongovernmental organizations and even the general populace. Ensuring partners have a shared understanding of a given situation and the information and insight they need to make sympathetic and coordinated decisions and actions can be extremely challenging when that information is derived from sensitive sources with potential for compromise.
Comparable open-source information can mitigate that risk, ensure a common perspective and support counter-disinformation operations. The ability to share open-source information that exposes or counters an adversary’s disinformation campaign—within diplomatic channels, in political discourse or even broad dissemination to the general media—without concern about exposing sources and methods is extremely powerful. It is not just external partners that will benefit from an increased use of OSINT because it can provide governmental institutions and decision-makers at all levels with readily accessible and digestible analyses without having to be in a suitably sterile environment or have access to high-side systems. Three key principles can help organizations effectively harness OSINT:
- Integrate OSINT using a consistent information model: The disparateness of OSINT information makes it difficult to effectively integrate into a common intelligence picture. Without a consistent system, the OSINT must be collected and integrated manually for every intelligence question. A consistent information model allows the creation and curation of foundational intelligence. This foundational information can be used to enrich and connect current intelligence to provide context and confidence. This allows organizations to take data, such as structured observations from imagery, and connect it to foundational intelligence, such as orders of battle or inventory data, to create a common intelligence picture.
- Use a single intelligence environment for effective human-machine teaming: The technology infrastructure for OSINT is still relatively immature. Many OSINT platforms are simply tools for scraping the internet. We have found it to be essential to provide analysts with a single environment for leveraging machine-curated information sources as part of their research and analytic workflows. The human-machine team where the effectiveness of the analyst is the primary metric is the most effective for producing useful intelligence, which is timely, relevant, assured complete and shareable with customers.
- Apply consistent tradecraft: One of the specific challenges with OSINT is that anyone with a web browser can call themselves an OSINT analyst. However, that claim is rarely true. In fact, these amateur sleuths are often more susceptible to misinformation or disinformation. We recommend hiring experts from various disciplines and diverse backgrounds, teaching them OSINT tradecraft, and using their expertise to research and develop intelligence, assuring—through the application of tradecraft and training—that OSINT is timely, relevant, accurate and complete.
These three principles allow organizations to address one of the biggest challenges in OSINT: Trust. The nature of OSINT as a collection discipline makes it susceptible to misinformation and disinformation. Using a consistent model for information and tradecraft can reliably deliver trusted content.
As the intelligence community (IC) increasingly embraces OSINT, it also maintains the need for trust. The government needs to push industry to ensure that assurance and accuracy remain at the forefront of their contributions. This can be best achieved through transparent, auditable tradecraft—“glass box” intelligence—rather than uncertain outcomes from “black box” or opaque analytical tools and processes. Industry can provide a more diverse perspective in a way that cannot always be provided by the highly structured IC. Nongovernmental analysts bring valuable perspectives through their different experiences and ethnic and cultural backgrounds, unlike their government counterparts who are heavily vetted and operate within their own institutional culture.
Additionally, if properly trusted, the commercial sector can be a source of surge capability for the IC. This is particularly true when an unexpected security threat emerges that has not previously been a government priority. Therefore, the IC does not have the required expertise and has not optimized its collection posture. To an extent, this is not new, with examples including the Arab Spring, Operation “Odyssey Dawn” in Libya and the Ebola pandemic in the early 2000s. In each of these cases, OSINT offered an initial gap filler until the IC was able to refocus, but these events were at a time when OSINT capabilities were nowhere near as mature or sophisticated as they are now and could arguably take a much more prominent role.
In short, what was an occasional relevance is now a regular occurrence—high-profile examples include the collapse of the Afghan government and the associated evacuations, the war in Ukraine and the 2023 Sudan Conflict. OSINT today can and should be prepared to take on more than the gap-filler role. If the commercial sector is to adequately cover “lower priority” topics, however, there would need to be a compelling business model. Using the commercial world as a de facto reserve or contingency capability would only work if sufficient resources are applied to maintain it against well-defined and agreed criteria. This would ensure that the IC has high confidence in what industry provides, and at a cost that doesn’t then make it more efficient to develop an IC in-house solution. Facilitating this sort of public-private partnership will require a convergence of terminology, analytical standards, and tradecraft to ensure assurance, completeness and trust in analytical outputs and source data, along with a common understanding of terminology and confidence levels.
As we consider this idea of an OSINT renaissance, we see ahead of us a period of real cultural and intellectual growth that will advance the capabilities of the intelligence community and aid decision-makers. This future will be as much about culture as it is about capabilities. Whether the current time is considered a bloody revolution or an enlightened renaissance, the future of OSINT will be driven by brilliant practitioners and organizations that create a culture to harness innovations and deliver results.
No comments:
Post a Comment