Open Source Intelligence For Executive Protection

Open Source Intelligence For Executive Protection

Open-source intelligence (OSINT) is the collection and analysis of data gathered from open sources to produce actionable intelligence. It encompasses the use of publicly available information from sources such as social media, websites, and news articles to gather information about an individual, organization or event. This information can then be used to identify vulnerabilities, plan attacks, and mitigate risk.  One of the biggest problems of OSINT is one of potential information overload; in addition to vetting the information to ensure that it is reliable intelligence. An example of this would be the collection of intelligence through social media.  Twitter and its dashboard application Tweetdeck, are excellent sources to find information in real time while an event is happening.  But because the information is often being pulled from the public, an extensive vetting process must be conducted to verify that the information is factual. In fact, without valuable OSINT tools, finding and searching the right information can be a time-consuming activity.

As Executive Protection agents we are tasked with the security and risk mitigation measures necessary to guarantee the safety of individuals, particularly those exposed to elevated risk due to their employment, status, or net worth. Executive protection previously involved hiring close protection specialists to provide physical security measures. However, in the modern landscape, online threats require digital activity to protect executives. Executive protection teams now involve digital specialists who spend time online assessing and minimizing threats to VIPs.  Often public figures and CEOs become targets of hate groups that look to harm or disrupt their lives, brands and business.  These hate groups are very active online and will advertise their agenda in public forums.  Techniques used to gather information on these groups online include creating “sock puppet” accounts on social media to gain access to their online post or simply follow prevalent leaders of these groups on social media to see planned activities.

Emerging Event and Travel Risk

Executives are at increased risk when they are traveling and in locations that they do not usually frequent. High-profile individuals who travel frequently are at heightened risk of interacting with dangerous situations that could jeopardize their safety or make their destination unsafe; this includes civil unrest, extreme weather, natural disasters, terrorist attacks, and criminal activity. OSINT solutions like Liveuamap, Snap Map, Twitter and Tweetdeck provide executive protection teams with the ability to scan social media posts and news articles from within a geographic region for early warning signals of emerging event and travel risks. Real-time awareness of emerging threats to executives enables security teams to avoid areas, people, and scenarios.

Likewise, unplanned disruptive events at familiar company premises like protests also present a safety risk for executives. Protests at or near logistics sites and headquarters can result in logistics problems and physical threats to executives. Collecting and analyzing intelligence in advance of company events enables security teams to identify planned activity and evade it by selecting alternative locations and travel plans. 

Physical Threats

The digital environment provides a space for anonymous individuals to make violent threats towards people and businesses. VIPs, particularly celebrities and CEOs of large companies, may receive thousands of threats over social media and messaging services every year, usually after making controversial decisions or statements. We saw this with Facebook’s CEO Mark Zuckerberg following the aftermath of the 2016 presidential election.  The GOP had hired Cambridge Analytica to pull data from Facebook users and construct election strategies for the Trump Campaign.  The election was extremely polarizing which left part of one side looking to place blame somewhere.  Facebook and their CEO became the target of threats and vocal protest both online and in public.  Facebook, now Meta, was forced to rapidly expand their list of protected executives from a handful of C Suite executives to nearly 200 employees.  Most of this expansion came in the form of digital protection teams.  Today we are seeing similar polarization with Elon Musk’s purchase of the social media company Twitter.  Elon Musk’s travel movement was being shared publicly by individuals online and social media.  This is a type of passive attack where the attacker spreads information that is for the most part kept secret.  Although these attacks aren’t direct, others who wish to do him hard can capitalize on this information and use it plan and coordinate attacks or disrupt his daily life.

 Most threats made online are false, made by online trolls who intend to intimidate their victims rather than carry out any physical violence. However, a minority of individuals making threats online do intend to carry out their plans. Groups may plan violence on social media, forums, and the dark web, meaning that executive protection teams must have access to relevant information from each of these channels to help minimize threats.

Identifying credible threats that warrant further attention and action is difficult. Searching social media platforms with tools like Tweetdeck, searching for advanced operators like ‘stab’, ‘shoot’, or ‘kill’ and the name of an executive, enables protection teams to identify threats. Pivoting from these threats to manually assess the potential threat actor becomes a time and labor-intensive activity.  Dataminr can assist in gathering intelligence by aggregating data and geofencing regions for teams to plan risk mitigation. Similarly,  Skopenow enables executive protection teams to automatically investigate potential threat actors, collating and analyzing their digital activity and backgrounds for further information that can substantiate a threat.

Threat actors may also identify property information that leaves them extremely vulnerable to physical attacks, such as vehicle details or home floor plans. Executive protection teams should scan the digital space for specific information that poses extreme risks to executives to identify any records for removal.

Doxxing

Doxing involves threat actors publicly exposing confidential information about people or businesses from the internet, often collected from social media and data breaches. Doxxing presents a very serious risk to executives as information released via doxxing can facilitate threats, violence, and harassment aimed at them and their families. Doxxed information can include addresses, bank records, medical information, passwords, SSNs and like mentioned earlier flight plans. Leaked information can impact stock value, intimidate executives, or support plans to commit violence against an executive. 

Executive protection teams must conduct proactive threat assessments to identify information on the internet that poses a risk to executives, enabling them to target it for removal. These threat assessments should include scanning the social media profiles of the executives and their families, as well as scanning the dark web for relevant breached data. .

Misinformation

Threats to executives are not always physical. Threat actors can cause large-scale damage to an executive’s reputation through digital means, using social media accounts that mirror the executives to use their reputation to spread rumors or misinformation. Spreading false or misleading information digitally through mirrored social media accounts could be to influence politics or to scam members of the public, however, the impact on the executive is damaging to their reputation and usually results in a negative impact on society. 

Misinformation campaigns are a relatively cheap but effective way to inflict damage on a person or business. Individuals, groups, and state governments can all undermine executives through misinformation to cause financial and reputational damage. Misinformation spreads rapidly across the internet through social media and news sites, with unsubstantiated rumors quickly reaching across the globe. When left unchecked, misinformation proliferates, therefore, it must be swiftly detected and actioned before the damage to an executive’s reputation is unsalvageable. 

Executive protection teams can scan social media and news sites for any mentions of an executive’s name and their brand names to monitor the internet for misinformation. I firm understanding on how to conduct counter surveillance online and the collection of OSINT can assist executive protection teams better protection for their principal. PWA Certified Executive Security Specialist (CESS) covers cyber security and OSNIT fundamentals   

At Pacific West Academy, our executive protection training program approaches CQB not as a set of pre-rehearsed actions, but as a cognitive skill set. It’s a thinking game, and the ultimate goal is not just to win a gunfight, but to dominate the battlespace through superior information processing. This article breaks down our unique philosophy, moving beyond the myths to show you what truly effective CQB looks like in a professional bodyguard training context.

The Foundation: Separating Marksmanship from Tactics

Before we can even discuss tactics, we must address the fundamental skill of shooting. CQB is a theory and a tactic, but shooting is simply shooting. We believe these two skills must be trained separately before they can be effectively integrated.

Why this separation? An elite competition shooter with no tactical experience can learn CQB relatively quickly because their weapon handling and accuracy are already second nature. Conversely, an operator who knows all the tactics but struggles with marksmanship will find it much harder to get up to speed, but will have better tools to handle any emergency. Our executive protection school builds its curriculum on this principle: master the firearm first, so you can dedicate your mental bandwidth to tactics when it matters most.

The Core Concept: CQB as Information Dominance

The central pillar of our CQB philosophy is this: Controlling the amount of information you gain, maintain, or lose within an enclosed space. Forget complex choreography; success in CQB is about managing what your senses are processing. “Information” is anything and everything you can perceive in the environment.

What constitutes information in a tactical environment?

• What you see: Threats, exits, light, darkness, obstacles, shell casings, blood, and shadows.
• What you feel: The temperature of a room, something underfoot like blood, or the distinct tactile feedback of your slide locking to the rear—a stimulus that tells you to reload.
• What you hear: Talking, walking, screaming, or bangs.

Your goal is to intake all this data and make an educated decision based on it. To manage this flow, we teach three primary solutions:

1. To Gain Information: You must start “pying” or methodically clearing angles.
2. To Maintain Information: If you see a certain amount of a room and don’t want to gain or lose anything, you either hold your position or move in a straight line to adjust your distance without changing your angle.
3. To Lose Information: This is a deliberate trade-off. You only give up information on one area to gain more valuable information on another. An example is clearing a center-fed room; you must lose sight of one side to fully clear the other.

The Geometry of Survival: Correcting a Fatal CQB Flaw

One of the most common and dangerous mistakes we see is using the center of a doorway as a pivot point. When an operator does this, their line of sight arcs through the room, but their body becomes exposed to un-cleared areas long before they can see them. We’ve seen this lead to operators being late to the gunfight—turning to engage a threat they’ve been exposed to for critical seconds.

This method is a no-go in our training.

The solution is to change your axis of rotation. Instead of pivoting on the threshold, you use the nearest wall of the entryway as your axis. By “pying” off this near wall, you remain concealed from every part of the room you haven’t yet cleared. You slice the room into small, manageable pieces, processing information all the way until you reach the point of entry. This isn’t some esoteric tactic; it’s the fundamental principle of shooting from a barricade.

Context is Key: Adapting CQB for Close Protection Training

Military CQB tactics are often designed for a team. The goal of “flowing” into a room is to get as many guns in the fight as possible, with each operator responsible for only a small 15% slice of the room. This method is built for speed and overwhelming force, but it comes at a cost. The first person through the door faces a notoriously high mortality rate—as high as 87%, according to instructor cadres.

In executive protection, you are often the only one. There are no six dudes behind you to take up the slack. Rushing to your death isn’t an option.

Furthermore, your objective is different. In the military, the mission was to take over the building, clearing every single room. In EP, if you have your client, your primary duty may be to barricade yourselves and wait for law enforcement. If an active shooter is present, your goal might be to simply draw their attention to yourself to keep them from shooting anyone else, a psychological tactic to protect others. The context of your close protection certification dictates a more deliberate and thoughtful approach.

Pace and Precision: The Hasty vs. Deliberate Method

Because context is everything, operators must be able to control their tempo. We teach two modes: hasty and deliberate.

• Deliberate: This is a slower, safer method that allows you to take the time to process small bits of information. The closer you get to a known threat or “indication,” the more deliberate you become.
• Hasty: A faster technique, you gain information quickly, but take on more risk. This is used when dealing with “maybes” on the way to a known threat. If you hear shooting down a long hallway, you’re not going to deliberately pie every open door along the way; you’re going to move hastily toward the indication to engage.

The Gateway to Danger: A Smarter Approach to Doors

Doors are one of the most dangerous thresholds. Our bodyguard school teaches a specific, methodical process for handling them.

1. Classification: First, understand what you’re dealing with. We simplify it to four types: push, pull, lift, and slide. For most structures, you’ll face push or pull doors. You can tell the difference by looking for the hinges; if you can’t see them, it’s a push door.
2. Easy Side vs. Hard Side: The “easy side” is the side with the doorknob; the “hard side” is the hinge side. You always want to work from the easy side if possible. Opening a door from the hard side exposes you in the fatal funnel of the doorway for a dangerously long time.
3. Let the Room Breathe: Before you commit to opening a door, check if it’s unlocked. A quiet turn of the handle tells you if the door is free-floating. After confirming it’s unlocked, back off the door. This prevents you from being right in front of it if someone decides to shoot through it. This small step avoids the loud mistake of trying to kick or ram a door that was simply locked with a deadbolt.
4. Weapon Position: When manipulating a doorknob, your weapon should be positioned to deliver effective shots to a high-thoracic region on an average-sized male. It should be in a structured, single-handed position that allows for immediate, accurate fire if necessary.

Conclusion: Earn Your Bodyguard Certification with Real-World Skills

Effective CQB isn’t about looking cool or replicating military tactics without understanding their context. It’s about managing information, controlling your exposure, and making smart decisions under pressure. It’s a skill set that must be adapted for the unique challenges of the executive protection field, where you are often a solo operator whose primary duty is defense and client safety.

Ready to move beyond the Hollywood version of close protection? Explore our executive protection training courses and earn your certification with instructors who prioritize what actually works.