Open Source Intelligence For Executive Protection
Open-source intelligence (OSINT) is the collection and analysis of data gathered from open sources to produce actionable intelligence. It encompasses the use of publicly available information from sources such as social media, websites, and news articles to gather information about an individual, organization or event. This information can then be used to identify vulnerabilities, plan attacks, and mitigate risk. One of the biggest problems of OSINT is one of potential information overload; in addition to vetting the information to ensure that it is reliable intelligence. An example of this would be the collection of intelligence through social media. Twitter and its dashboard application Tweetdeck, are excellent sources to find information in real time while an event is happening. But because the information is often being pulled from the public, an extensive vetting process must be conducted to verify that the information is factual. In fact, without valuable OSINT tools, finding and searching the right information can be a time-consuming activity.
As Executive Protection agents we are tasked with the security and risk mitigation measures necessary to guarantee the safety of individuals, particularly those exposed to elevated risk due to their employment, status, or net worth. Executive protection previously involved hiring close protection specialists to provide physical security measures. However, in the modern landscape, online threats require digital activity to protect executives. Executive protection teams now involve digital specialists who spend time online assessing and minimizing threats to VIPs. Often public figures and CEOs become targets of hate groups that look to harm or disrupt their lives, brands and business. These hate groups are very active online and will advertise their agenda in public forums. Techniques used to gather information on these groups online include creating “sock puppet” accounts on social media to gain access to their online post or simply follow prevalent leaders of these groups on social media to see planned activities.
Emerging Event and Travel Risk
Executives are at increased risk when they are traveling and in locations that they do not usually frequent. High-profile individuals who travel frequently are at heightened risk of interacting with dangerous situations that could jeopardize their safety or make their destination unsafe; this includes civil unrest, extreme weather, natural disasters, terrorist attacks, and criminal activity. OSINT solutions like Liveuamap, Snap Map, Twitter and Tweetdeck provide executive protection teams with the ability to scan social media posts and news articles from within a geographic region for early warning signals of emerging event and travel risks. Real-time awareness of emerging threats to executives enables security teams to avoid areas, people, and scenarios.
Likewise, unplanned disruptive events at familiar company premises like protests also present a safety risk for executives. Protests at or near logistics sites and headquarters can result in logistics problems and physical threats to executives. Collecting and analyzing intelligence in advance of company events enables security teams to identify planned activity and evade it by selecting alternative locations and travel plans.
The digital environment provides a space for anonymous individuals to make violent threats towards people and businesses. VIPs, particularly celebrities and CEOs of large companies, may receive thousands of threats over social media and messaging services every year, usually after making controversial decisions or statements. We saw this with Facebook’s CEO Mark Zuckerberg following the aftermath of the 2016 presidential election. The GOP had hired Cambridge Analytica to pull data from Facebook users and construct election strategies for the Trump Campaign. The election was extremely polarizing which left part of one side looking to place blame somewhere. Facebook and their CEO became the target of threats and vocal protest both online and in public. Facebook, now Meta, was forced to rapidly expand their list of protected executives from a handful of C Suite executives to nearly 200 employees. Most of this expansion came in the form of digital protection teams. Today we are seeing similar polarization with Elon Musk’s purchase of the social media company Twitter. Elon Musk’s travel movement was being shared publicly by individuals online and social media. This is a type of passive attack where the attacker spreads information that is for the most part kept secret. Although these attacks aren’t direct, others who wish to do him hard can capitalize on this information and use it plan and coordinate attacks or disrupt his daily life.
Most threats made online are false, made by online trolls who intend to intimidate their victims rather than carry out any physical violence. However, a minority of individuals making threats online do intend to carry out their plans. Groups may plan violence on social media, forums, and the dark web, meaning that executive protection teams must have access to relevant information from each of these channels to help minimize threats.
Identifying credible threats that warrant further attention and action is difficult. Searching social media platforms with tools like Tweetdeck, searching for advanced operators like ‘stab’, ‘shoot’, or ‘kill’ and the name of an executive, enables protection teams to identify threats. Pivoting from these threats to manually assess the potential threat actor becomes a time and labor-intensive activity. Dataminr can assist in gathering intelligence by aggregating data and geofencing regions for teams to plan risk mitigation. Similarly, Skopenow enables executive protection teams to automatically investigate potential threat actors, collating and analyzing their digital activity and backgrounds for further information that can substantiate a threat.
Threat actors may also identify property information that leaves them extremely vulnerable to physical attacks, such as vehicle details or home floor plans. Executive protection teams should scan the digital space for specific information that poses extreme risks to executives to identify any records for removal.
Doxing involves threat actors publicly exposing confidential information about people or businesses from the internet, often collected from social media and data breaches. Doxxing presents a very serious risk to executives as information released via doxxing can facilitate threats, violence, and harassment aimed at them and their families. Doxxed information can include addresses, bank records, medical information, passwords, SSNs and like mentioned earlier flight plans. Leaked information can impact stock value, intimidate executives, or support plans to commit violence against an executive.
Executive protection teams must conduct proactive threat assessments to identify information on the internet that poses a risk to executives, enabling them to target it for removal. These threat assessments should include scanning the social media profiles of the executives and their families, as well as scanning the dark web for relevant breached data. .
Threats to executives are not always physical. Threat actors can cause large-scale damage to an executive’s reputation through digital means, using social media accounts that mirror the executives to use their reputation to spread rumors or misinformation. Spreading false or misleading information digitally through mirrored social media accounts could be to influence politics or to scam members of the public, however, the impact on the executive is damaging to their reputation and usually results in a negative impact on society.
Misinformation campaigns are a relatively cheap but effective way to inflict damage on a person or business. Individuals, groups, and state governments can all undermine executives through misinformation to cause financial and reputational damage. Misinformation spreads rapidly across the internet through social media and news sites, with unsubstantiated rumors quickly reaching across the globe. When left unchecked, misinformation proliferates, therefore, it must be swiftly detected and actioned before the damage to an executive’s reputation is unsalvageable.
Executive protection teams can scan social media and news sites for any mentions of an executive’s name and their brand names to monitor the internet for misinformation. I firm understanding on how to conduct counter surveillance online and the collection of OSINT can assist executive protection teams better protection for their principal. PWA Certified Executive Security Specialist (CESS) covers cyber security and OSNIT fundamentals
Our Students Say
I just want to say thank you to ASC for everything. After I graduated I got a call from ****** Security about my interview that I had with them on the last day of school. They said that the skill set and training I received from ASC (along with my military background) place me far beyond the average person who applied for a job with their company. And because of that they want to hire me not as a security guard, but as a shift supervisor. I couldn't believe it. One of my fears about starting my career and security was that I would graduate from training and not receive any job offers. However since graduating ASC I've been offered two jobs (one as a supervisor and one as a guard) and the pay for both are great. The money I'm going to start making is way more than what I was before so for that I want to say thank you. It was because of you guys that my life changed course and now the possibilities are ever-changing. Be sure to pass my thanks to Connor, Omer, Ryan, Jake, Ian, Steve and the rest of the guys.Jovidean Sun Valley, CA
I just wanted to thank you for giving me the opportunity to attend your CPR course. I know your focus is primarily training bodyguards but as a mother of two I wanted to learn CPR 'just in case.' I never realized there was such a difference between CPR for adults and CPR for infants. I now feel comfortable that if something bad were to happen I have the ability to do CPR. Thank you again.Larissa Courpus Christi, TX
I've been in Executive Protection here in LA since returning from a tour in Iraq in 2005. I think a lot of people who are interested in this field are under the misconception that being a cop, soldier or bouncer will give them all the tools they need to be effective in the EP field. Far from it. These jobs may provide a foundation but they don't provide a true understanding of the dynamics of Executive Protection. Your course was a good introduction to the ins and outs (and potential pitfalls) of EP work. Whether or not someone is new to the field or, like me, just trying to maintain perishable skills, I highly recommend this course.Don Los Angeles, CA
As a former law enforcement officer I thought I had a pretty good understanding of what it would take to be a good Executive Protection Specialist but it's a whole different ball game when you don't have the weight of a badge behind you. Although this course was basically fundamentals, I felt it helped bridge the gap between my experience as a law enforcement officer and the EP field. Although I had done a lot of similar range work before I found the firearms portion of the course work to be very professional and well executed and could see how this would be a great course for someone new to the field. Thanks for a great course.Josh Huntington Beach, CA