Skillset for OSINT Analysts to Get Started - Part 2
As promised, today my beloved colleague Costanza and me are back with the second and last part of the OSINT skillset article that we recommend you to develop if you wish to start a career as an OSINT analyst.
Changing the eyeglass
One of the skills that we consider more important to develop in the context of online research is related to the way we can give meaning to the different information that we find; sometimes one detail, one picture, or address, can signify more than one thing: to see them all it could be needed to change the eyeglass, process that allows us to focus on specific required details and not on others.
Let’s explain this eyeglass-changing process better: imagine you are both short-sighted and astigmatic; you would need two eyeglass pairs, one to see things far away and one to focus on close things.
By making the right choice, you will be able to see what you need at the right moment, but if you mistake in picking up the eyeglass pair, probably you will be stopped by seeing what is around you and you can get lost.
The same happens with online research: you have a question, and gather data, but the data that you have does not answer the starting question; probably in this context, you need to pick up the other pair of eyeglasses and look at things from another prospective.
Let’s do a practical example -one of my favourites!-: Facebook Marketplace. On Facebook Marketplace people sell goods and can look for things they would like to buy, so the main reason why people look into the Facebook Marketplace of other users is to find information related to selling goods, but this functionality can be helpful also in answering other types of questions. For example, most of the time, people take pictures of the goods that they want to sell at home. So those pictures can be crucial to localize where a person lives, by looking at specific details of the home or trying to find a window in the background of the photo representing the item.
So, the just-explained process is nothing more than a change of eyeglasses: you have a piece of information, and you decide not to focus on the information itself, but on the details that may be surrounding it, like the just mentioned window, for example.
This procedure can be -or must be!- applied to every information collected and the desider answer; but no worries! It becomes automatic very soon, in the same way that a person which is both short-sighted and astigmatic knows that by using different eyeglasses holder, it would be easier to pick up the right one from the backpack and dont get confused about which pair to wear, on from which point of view see a certain amount of data
Proof of hypothesis
One of the most critical skills in online research is collecting proof of the hypothesis. This involves systematically gathering evidence to support or refute your initial educated guess. Just like a detective, an OSINT analyst needs to gather solid proof to validate or invalidate their hypothesis, ensuring conclusions are based on facts rather than assumptions.
Think of it as building a case for a courtroom trial: you collect multiple pieces of evidence—witness testimonies, physical evidence, expert analyses—to strengthen your argument and see the full picture. In OSINT investigations, this means gathering data from various sources to test your hypothesis, such as social media posts, public records, and news articles.
For instance, if you hypothesize that a company is involved in illegal dumping, you would collect data like satellite images, public records of violations, social media complaints, and related news articles. Each piece of evidence strengthens or weakens your hypothesis.
Let's take another example: tracking disinformation campaigns. If you hypothesize that a foreign actor is behind a campaign, you would gather proof like the timing of posts, origins of accounts, content patterns, and financial ties to disinformation networks.
This process is all about systematically collecting evidence to support or refute your hypothesis, ensuring your conclusions are well-founded and robust. Over time, it becomes second nature, just like a seasoned detective instinctively knows where to find the right evidence. Mastering this skill ensures your findings are reliable and actionable.
Formulating the conclusion
Formulating the conclusion involves synthesizing all the gathered evidence and insights to provide a clear and actionable outcome. Think of it as the final step in a detective's investigation, where all the clues and proofs are pieced together to present the solved mystery. This skill requires critical thinking and the ability to distill complex information into a concise, coherent statement that addresses the original hypothesis.
Imagine writing the final chapter of a book. You need to tie up all loose ends and make sure every piece of evidence leads to a logical, well-supported conclusion. In OSINT investigations, formulating the conclusion involves reviewing all collected data, identifying patterns, and ensuring that your final statement is backed by solid evidence.
For example, if you’re investigating a rise in cyberattacks on a particular industry, you might have gathered data on attack methods, timelines, and the origins of the attacks. Your conclusion would synthesize these elements to determine whether a specific group is behind the attacks and highlight key findings that support this conclusion.
Let's consider another scenario: concluding an investigation into human trafficking networks. After gathering evidence like social media communications, financial transactions, and travel records, you’d formulate a conclusion that not only confirms or refutes your hypothesis but also provides insights into the network's structure and operations.
This process ensures that your investigation has a clear, definitive outcome based on thorough analysis. By mastering the skill of formulating conclusions, you can present your findings in a way that is both convincing and easy to understand, providing valuable insights that can drive decision-making and action.
As we have seen, most of the skills that can be considered necessary to become an OSINT analyst, cannot be studied in books, but they consist of the ability to develop a certain mindset and approach to data and analysis.
If on one side this can look like a challenge, the good news is that all the mentioned abilities can be developed and enhanced with a good amount of effort, and especially of exercises.
We all have topics of interest, hobbies, or just questions that interest us and which answers can be found online, just by understanding how to look for them.
A good start can be to develop the habit of using the Internet to get answers to any type of question that comes to your mind.
Would you like to find books about a specific topic? Which university course can better fit your career? Would you like to understand which specific skillset is needed for a particular job position and where to master it? Or just to find more information about that Tinder guy that you would like to date?
You can start by exploring those and more questions and trying to use Open Sources to find the information that you need.
Every time that you feel stuck, you can always go back to our tips, and understand in which step your mindset is blocked, and unblock it by understanding how to face a specific challenge.
If you arrived until here, we appreciate your trust and now we would like to know from you which skills would you add to this list.
And in which way do you usually train to boost your OSINT skills?
We are looking forward to your answer and already preparing the next article on a very juicy topic!