Protective Intelligence in Estate Security Pt. 2

Continuing the series on estate security in executive protection...

Preface: In this series I’m going to blur lines between protective intelligence, risk assessment, and open source intelligence (OSINT). And if I use any nomenclature or make any statements that you disagree with, then start a discourse on LinkedIn so that we can get to the Truth.

OSINT feeds protective intelligence programs a steady diet of information, 24 hours per day. Most of this is empty calories, some of it is red meat, but we don’t know until it’s collected and evaluated.

Real-time social media monitoring (by geographic location) is the single most practical and effective practice that any estate security program can implement. Anything news worthy (shooting, bomb threat, road closure, earthquake, etc.) is reported on Twitter, Facebook, and Instagram before EMS or the local news have time to put out a bulletin.

You could spend $1,000’s for a yearly subscription to one of the many companies that provide platforms which make this a simple process, or you could use tools that are free.

Why to Consider a Paid Platform

The only feature that matters is key-word alerts based on geographic location (and there’s no free service that does this). If I can get an alert when people are mentioning the police or EMS within several miles of the principal’s location, then I’m in a prime position to get a head start on mitigating potential threats that may impact the principal. Here is a list of all of the social media monitoring platform companies that were represented at the ASIS annual trade show this year: Thred, LifeRaft, SamDesk, Dataminr, Echosec, Babel Street, and a few others that aren’t worth your time.

I am not an advocate for any particular platform because I think there are better platforms in the works as we speak. That said, any of the above platforms should meet the standards of any residential security program.

I’m Cheap and I Don’t Want to Pay

Well, you can actually collect a lot of information from geography based social media posts, without using a paid service–you’re just going to have to work a little harder. Below are several links that allow you to view social media posts by geographic area:

  1. Twitter Advanced Search (plug in coordinates/city for geographic search)
  2. Tweet Map
  3. YouTube Map
  4. Periscope Map

*To some degree, users are more conscious about location settings, privacy, and geotagging of their activities, which may be why Instagram no longer has a map view feature. However, a large number of users remain either ignorant or otherwise happy to share personal information with the public.

 

OSINT, Risk, and Protective Intelligence

Again, the line is blurred between where each of these starts and ends: our risk assessment, OSINT investigations, and protective intelligence.

Here, I am going to outline 3 key areas that executive protection managers and estate security professionals should lend attention to as it relates to protective intelligence.

  • Maps & satellite imagery
  • OSINT information linked to the estate
  • Digital privacy (countermeasures)

Since you’re the refined executive protection specialist that you are, you have already viewed images of the estate you’re protecting via every online medium. You did that because you needed that information in your initial risk assessment and any subsequent reassessments. But in case you wanted to review once more, what the adversary can see, then I suggest you consider the following.

Side note: Why does this matter? It matters because any creep can remotely survey the estate, outline likely security vulnerabilities, and identify vehicles associated with the estate, all without leaving their parents’ basement. Also, the information located via these open sources is constantly changing and should be reviewed periodically as part of your risk assessment. You need to know the principal’s attack surface don’t you?

Second side note: if you’re bored out of your mind in a command center, what do you have to lose? Try the following.

 

Homework Assignment #1

  1. Go to https://inteltechniques.com/
  2. Click the “Tools” category near the top of the page - Click “Satellite Views” in the left side bar
  3. Bam! There’s access to 29 different views, perspectives, and insights about your estate.

* If you’re going to use the “submit all” function on this page (which is most efficient), you need to be using Firefox.

 

Our next area of concern is OSINT information connected to the estate. This would revolve around information connected to the estate address and the residents’ names. This is a massive research project and it would require 10,000 words to explain. But you would ideally start with the address, and the residents’ names, then go from there. Read on…


Homework Assignment #2

  1. Go to https://inteltechniques.com/book1.html Purchase OSINT Techniques, 5th Edition
  2. Once you have the book in your possession, use every relevant tool in this book (starting from page 1) to search your two pieces of information (address and names).
  3. Then expand as necessary, as you uncover more information connected to the address & residents. Reminder: follow Bazzell’s advice, don’t forget to use alias accounts and a VPN!

*Disclaimer: I don’t have any partnership with Intel Techniques or Michael Bazzell, it just happens that he has one of the best products/books/podcasts out there for learning & practicing OSINT.

This will take you 2 weeks to do, but once you’re complete, you’ll have a (relatively) advanced understanding of OSINT. Plus, your risk assessment will be more in-line with reality once you understand the principal’s online presence. You will have some work to do in addressing the issues that you uncover during your research, but this is the most rewarding part!

We’re almost there.

 

Homework Assignment #3

Your next assignment is to take proactive measures to minimize the online presence relating to those two pieces of information that you’ve been searching (address/names).

Let it suffice to say that it is ideal for there to be no information online (or in public documents) connected to the address or residents.  But since that’s a fantasy, it would be acceptable for there to be information about the address/names online, provided that it is disinformation. It would take some work, but it’s doable. Even Wikipedia can be fed disinfo!

 

Thanks for reading!
Travis

PS: Never miss an article by signing up for the EP Nexus email list—Click Here.