More Open Minds Are Needed for Open-Source Intelligence To Advance
While it is not yet a formal domain, open-source intelligence, or OSINT, is finding footing at a complex time when both data sources and disinformation abound. And while the Intelligence community (IC) is making inroads, experts, speaking today at the Intelligence and National Security Summit, say advancements are needed to make OSINT an even more robust discipline. Industry, the IC and academia will need to come together in novel ways, with an open mind, for the tradecraft environment to excel further.
Beth Sanner, senior fellow at the Belfer Center for Science and International Affairs at Harvard University, noted that there have been several recent developments from the Office of the Director of Intelligence (ODNI) and other organizations that are enhancing the governance of OSINT, with more work to be done. Sanner and other IC experts spoke at the annual conference hosted by AFCEA International and INSA, held July 13-14.
With guidance from the ODNI, the Defense Intelligence Agency (DIA) and the CIA are working closely together to improve the governance of open-source information and the intelligence discipline, reported Brad Ahlskog, chief of DIA’s Open Source Intelligence Integration Center.
“We're working closely together in the three key areas that I would characterize as how we are moving the open-source intelligence discipline forward,” he said. “The first area is transparency: who is doing what, who has what open-source data, and who is acquiring it?”
I think one of the keys [with OSINT] is the investment stream. This is really one of the main issues that needs to be address. We need to spend money on it.
Next, the organizations are working to better integrate OSINT across the IC. “As the DNI expressed in her congressional testimony earlier this year, she talked about the standing up of a small OSINT IC-focus shop, led by senior executives, to help with that integration piece, which is a very important,” Ahlskog noted. “And I'm not talking about just integration with us in the IC. I'm talking about how do we integrate and leverage our allies, other partners, academia. And we're closer than ever with industry.”
The third area in which the DIA and CIA are working to improve OSINT is in enterprise solutions, where they are embarking on a multi-agency effort to grow organized tradecraft capabilities.
Ellen McCarthy, chairwoman and CEO of the Truth in Media Cooperative welcomes this effort, but would like to see all fronts quickly expanded to all of the IC.
We decided to start with this concept of a common lexicon. And when we talk about that it's not looking at misinformation and disinformation. It is more of looking at information like you would any other critical infrastructure.
The Honorable Ellen McCarthy, chairwoman and CEO, Truth in Media Cooperative, @engmchannah #IntelSummit @AFCEA @INSAlliance: it’s great that @DefenseIntel and @ODNIgov are working closely on #OSINT but let’s bring in the other 16 #IC members especially the little guys pic.twitter.com/apqW8xSX7X
— Kimberly Underwood (@Kunderwood_SGNL) July 14, 2023
And naturally with open-source information, data quality is crucial, McCarthy said. Unfortunately, disinformation—and the management and protection from—is now a billion-dollar market, and she expects OSINT and AI market to quadruple in size over the next five years. The cooperative is working to provide quality information, beginning by identifying and implementing common terminology. Providing uniting definitions, based on IC-related OSINT terms, will help set a foundation for the open-source data field.
“We're a cooperative of diverse but like-minded organizations, with a goal of providing people with access to quality information and information that they want,” she explained. “We decided to start with this concept of a common lexicon. And when we talk about that it's not looking at misinformation and disinformation. It is more of looking at information like you would any other critical infrastructure. What is the information environment look like? How do we create a safe information environment, let's look at words like information quality, sourcing of data, provenance of data, all words we use to the IC. And let's see if we can harmonize that language and gain consensus across media, technology, academia.”
The cooperative is working with other organizations to develop an OSINT-related lexicon, with the goal, McCarthy said, of setting standards, especially with AI-related companies. “If you can then provide standards, such that not all information is going to meet these standards, but even if you could just get 10% of the data moving across any platform right now that it meets certain standards, it is transparent, we understand the sourcing, we understand the timeframe of it, that’s a start.”
For Janet Rathod, now the global head, Cyber Threat Intelligence, at Citi Group who spent almost two decades at the FBI, OSINT is also important to the private sector.
“The thing about the private sector is that we've got things that are publicly available, which also have this subset of proprietary data, data that you pay for,” she explained. “It could be financial transactions, it could be healthcare information, it could be satellite imagery.”
Industries rely greatly on open-source data to help inform their business activities, she continued. “How does the private sector use OSINT?” Rathod said. “We're using it in terms of safety and security. We're using it to add value to the business. We're using OSINT for brand management. There could be 100 different use cases.”
And the data integrity that is vital in the IC for life and death missions is also important to the private sector. “There are so many lessons learned,” Rathod stated. “The one that comes top of mind is ensuring accuracy, especially in this environment of disinformation and this environment of information overload.”
The catch, Banner emphasized, is that organizations actually need to invest in OSINT-related capabilities and solutions. “I think one of the keys is the investment stream,” she said. “This is really one of the main issues that needs to be address. We need to spend money on it.”
“We provide decision advantage for leaders and policy makers but who is doing that for everyone else,” McCarthy added.
We're using it in terms of safety and security. We're using it to add value to the business. We're using OSINT for brand management. There could be 100 different use cases.