Why Executive Protection Should Include Open-Source Intelligence (OSINT)

Deb Kirby

Over the past 10 years, open-source intelligence (OSINT) has advanced considerably. OSINT is the analysis of information about people or organizations from publicly available sources.

Share this post

Over the past 10 years, open-source intelligence (OSINT) has advanced considerably. OSINT is the analysis of information about people or organizations from publicly available sources. While this type of analysis is widely recognized as a corporate security operations best practice, we still encounter executive protection (EP) teams that have not yet hardwired this capability into their protective operations.

OSINT is a crucial element of an integrated approach to threat monitoring for protective operations. OSINT can provide precious and timely insights into the habits, lifestyle, and mindset of a particular subject, including information that can range from their address, vehicle, and identities of friends and associates to interests, plans, and posts related to weapons, extremist causes, and troubling sources of inspiration. Combined with threat monitoring, OSINT helps to identify actors within groups that may pose a direct risk of violence.

The following are some reasons why OSINT should be a key part of an executive protection client’s prevention-oriented security approach:

Threat Actors are Rarely Obvious

Individuals who target a company or its executives aren’t always known ahead of time. Individuals may privately exhibit risk factors but often do not publicly display this behavior. They operate online “in the dark” by using anonymous profiles, not engaging with branded content and remaining as private as possible.

The conscious decision to physically harm or even kill an individual is often referred to as targeted violence. Targeted violence is usually planned, emotionless and predatory, whereas impulsive violence is reactionary with minimal advance planning. A grievance that goes unrecognized or resolved can escalate to an ideation that is researched and planned, prepared for, tested and finally acted upon with tragic results.

The 2018 real-crime series, The Assassination of Gianni Versace: American Crime Story, recaps the actual murder of the fashion powerhouse by Andrew Cunanan. In addition to depicting Cunanan’s childhood influences and history of violent behavior, it also notes his escalation from obsession and irrational thoughts about Versace to eventual stalking and pre-attack preparation. While Versace’s murder occurred before the advent of social media, this same behavior is exhibited by some attackers today who are technology-savvy and is evidence of the “pathway to violence.”

How our OSINT Team Uncovers Intelligence

Our OSINT team knows how threat actors evolve. We look at the same openly available, public information about our clients but do so through an investigative lens. We search websites to identify phone numbers and addresses, which can lead to information via public records. We search profiles on social media that provide additional information to search or verify information found elsewhere. We examine cached data and run multiple searches through an extensive portfolio of sophisticated technology tools and open- source databases, including the dark web.

We seek to capture information before bad actors do. Like cybersecurity defenders, we roam, sweep and linger in the same places frequented by individuals with malicious intent, using investigative processes to uncover compromising data. For example, an aggrieved individual with a grudge against a CEO or other executive could easily glean enough information from social media postings to show up at the school of the executive’s children or their sporting match during an away game. They could break into the family’s home and steal valuables, tail family vehicles on shopping trips or stalk the executive when the family is on vacation.

Six OSINT-Related Actions to Reduce the Risk of Targeted Violence

  1. Enable privacy settings on social media accounts. These are getting harder and more confusing to find and activate. It’s worth having your in-house team or experts periodically assess whether any changes have been made to social media accounts or user data-sharing policies that expose your protectee to risk.
  2. Avoid posting content that might increase risk if posted in the public domain. It’s safe to assume that whatever is on a social media profile can be viewed or shared by individuals with harmful intent. Effective protective operations include educating the protectee and their family and staff on the risks associated with allowing posts and other online content to include personal information, such as birthdates, cities of residence, schools, and planned dates for travel or social events.
  3. Use a password management program. With software such as NordPass, RoboForm and Keeper – supported by two-factor authentication – the protectee only needs to remember one password, which helps avoid the reuse of passwords across websites. Ensure that passwords do not contain any personal information, such as middle name, birthdate, child’s name, pet’s name, part of a phone number or home address.
  4. Close unused accounts. This is particularly important with financial accounts.
  5. Conduct or authorize a baseline, open-source intelligence assessment. Use the results of OSINT analysis to educate the protectee on the risks and proactive steps they can take to limit their risk by closing, shutting down, removing or changing any sensitive information in the public domain.
  6. Review OSINT reports regularly and be prepared to escalate to formal behavioral threat assessments at any time. Maintain regular, periodic OSINT sweeps. Change or update keyword search terms to broaden or narrow the scope of review based on the risk, threat and vulnerability environment confronting the protectee as the OSINT program evolves.

OSINT’s Strategic Benefits for EP programs

In short, OSINT’s three most powerful features for any protective mission include: (1) the ability to detect, remove or neutralize a wide range of hostile penetration technologies; (2) flexibility in sweeping facilities in advance of key meetings or conducting “live monitoring”; and (3) greater assurance among senior leaders and attorneys that critical discussions and information are confidential and protected.

Jensen Hughes specializes in behavioral case management services and threat assessments for companies across all industries as well as U.S. federal agencies, other government employers and non-profit organizations. Learn more about how we leverage our open-source monitoring specialists, intelligence analysts and researchers to help you discover information on threats to your executives, employees, or organization and track issues of concern that require intervention.

Headshot of Debra K. Kirby

About the author

Debra K. Kirby
Debra Kirby serves as the Operations Leader, Midwest for Jensen Hughes.

Get in Touch

By completing the above form and checking this box you confirm that you have read, understood and accept our Privacy terms as well as our Cookie terms. Read our Privacy Policy.

Jensen Hughes ensures non-discrimination in all programs and activities in accordance with Title VI of the Civil Rights Act of 1964. If you need more information or special assistance for persons with disabilities or limited English proficiency, contact the Jensen Hughes Compliance Team at 410-737-8677 or compliance@jensenhughes.com. 

More blog posts from Jensen Hughes


Preventing Surgical Fires in Operating Rooms

Dec 1, 2022

Imagine waking up in a post-anesthesia care unit (PACU) after you just went under for a normal, routine surgery only to be told that a fire occurred while you were under anesthesia.

Read more
Cybersecurity Tips for the Holiday Season

Nov 30, 2022

The time of year is quickly approaching when our thoughts shift to family, friends and enjoying all that the holiday season brings. Unfortunately, cyber-criminals know this as well.

Read more
Police Staffing Analysis: A Strategic Window into Resource Allocation

Nov 29, 2022

City government leaders and police executives across the country are regularly challenged by the seemingly simple question: “How many officers does your police department need to fulfill its mission?”

Read more