What is Open Source Intelligence?
Open Source Intelligence (OSINT) is not particular to IT Security and instead is a much broader concept – it is about the free flow and analysis of information from a wide variety of sources. Many intelligence communities including British Intelligence are increasingly using OSINT to expand their capabilities.
The open-source element can be software or community, for example it can be the toolset an IT Security vendor uses to support businesses of all sizes, or simply a local group or community such as a Neighbourhood Watch sharing information gathered by members.
The Talos Blog has a list of Open Source projects and communities which are very helpful but these do of course require expertise to deliver effectively. For those who don’t have the expertise to benefit from existing OSINT projects our partner Opswat are experts at it: blending open and enterprise solutions in a truly vendor-neural way to your benefit.
Open Source Intelligence enhanced through specialised services
Open Source Intelligence is often a technical field which requires experts to interpret the information and judgements made, much in the same way that a Court judgement is often both publicly accessible and very difficult for layman to make practical use of.
In the same fashion it is often the case that security experts at a range of providers will freely disclose and share information between them, in order to better IT Security within and without their organisations.
Such free-flow of information is seen with Red Hat Enterprise Linux who, on account of having open-source code, offer award-winning services in order to bolter the enterprise element of their portfolio. This is where Enterprise Open-Source comes into play, and is seen across all computer systems on account of how valuable open-source code is.
In the same vein when it comes to OSINT being able to interpret and implement findings is difficult but do-able, and can be made accessible for smaller organisations through seeking expert advise, interpretation and implementation. Our Security Operations Centre service is another excellent example of how OSINT can be provided in a cost-efficient and accessible way, without compromising on service-delivery.
Open Source Intelligence and Community
For a community to function it can be either inclusive, or exclusive. There may be communities with elements of both but these are not truly open-source, and Cyber Security is a field which reflects society’s failure to be inclusive.
Implementing Open Source Intelligence within your organisation but doing so by using projects which are exclusive is a major security risk. The National Cyber Security Centre has been very clear on the negative impact which a lack of diversity brings into the field.
As a result of a pressing need to expand the scope and reach of these OSINT communities, and the profession more broadly, the NCSC has also begun to create Cyber-First apprenticeships.
Degree-apprenticeships are available school-leavers and are actively utilised by the UK Government, we have seen first-hand how much this opens the field to people who would otherwise be excluded from it.
A Cyber-First Apprenticeship is an accessible way for people with little to no knowledge of computing to develop the skills needed to benefit from knowledge of Cyber Security and use existing and new OSINT projects.