OSINT can be used by anyone, both for good and bad ends – here’s how defenders can use it to keep ahead of attackers
The cybersecurity industry often gets obsessed with technology: the latest exploits, hacking tools and threat hunting software. In reality, a lot comes down to people. It’s people who develop malware, people that hit the red button to launch attacks and, on the other side, people who are tasked with defending against them. To this end, OSINT, or open source intelligence, is an important but often overlooked “human” element of cybersecurity.
The bottom line is that whatever you can find out online about your organization, so can the bad actors. That thought alone should drive ongoing OSINT efforts to mitigate cyber-risk.
How is OSINT used?
The term OSINT was first used outside the cybersecurity industry, referencing military and intelligence efforts to gather strategically important but publicly available information in matters of national security. While post-war spy efforts focused on different ways to obtain information (e.g. HUMINT, SIGINT), by the 1980s OSINT was back. With the advent of the web, social media and digital services, there is now a huge resource for OSINT actors to gather intelligence on every part of an organization’s IT infrastructure, as well as its employees.
For CISOs, the primary goal is to find any of this information that may pose a risk to the organization, so they can mitigate that risk before it’s exploited by threat actors. One of the most obvious ways to do this is by running regular penetration tests and Red Team exercises, which tap OSINT to find weaknesses.
Here’s how O ..
Support the originator by clicking the read the rest link below.
