The Rise of Non-Traditional Players in Intelligence

The commercial sector’s role in intelligence continues to change rapidly. Of note, public/private partnerships are coming to center stage with a realization that collaboration is needed to address and respond to the evolving threats facing both national security and enterprise security. Private and public sector clients have typically excelled in different sources of intelligence. With sophisticated intelligence players on both sides of the public/private dividing line, it is clear that public/private partnerships will be important to be able to access and leverage the best capabilities in OSINT, HUMINT, SIGINT and GEOINT – areas where historically, government-only had a strong hold, but private companies are now proving to be invaluable. In certain cases, the private sector can collect this intelligence much faster and cheaper than government – this is particularly true with OSINT.  

OSINT has become a very important part of the intel landscape. It is a massive force multiplier, helping decision makers and policymakers quickly find answers, while enriching and contextualizing other sources of exquisite intel. OSINT is most valuable when you have subject matter experts with deep domain and technical expertise working alongside data experts who are collecting data, whether structured or unstructured, at scale. Finding the balance between human and machine in OSINT collections will be crucial going forward. 

As private-public partnerships move into the spotlight, shared trust will be crucial. To maximize industry’s capabilities, government players need to move quickly and establish trust with their private sector partners. This will allow agencies to prioritize and spend their resources and bandwidth on gathering actionable intelligence. Both private and public sector actors need assurance that in sharing their intelligence, their methodologies, proprietary information and sensitive sources are protected. Most importantly, government must be confident that the intelligence is credible and reliable and has been obtained legally and ethically. Strong vendors have clear rules of engagement that are codified in operations and transparently shared with government and commercial partners. An active feedback loop is essential – despite the sensitivity of many operations, open feedback channels make the intel collection process more efficient and better serve the mission.

Private sector intel vendors are becoming much more sophisticated than they were even a few years ago, which in part has been driven by the movement of former government intel professionals to the private sector. A clear understanding of intelligence requirements, mission sets and operations allows these private sector employees to effectively communicate with their government peers. We are also seeing significant overlap in the intel that is valuable to public and private parties: the interplay between nation state actors, such as Russia, China, Iran, North Korea and the cyber-criminal underground.  

The threat intelligence landscape continues to change. Mastercard’s acquisition of Recorded Future shows that threat intelligence has applications in fraud, the payments ecosystem and beyond. This acquisition by a large, publicly traded Fortune 500 company with a leading brand validates the space and collection techniques that are used. Acquisitions and growth of pure play threat intelligence providers support the notion that threat intelligence is evolving from a ‘nice to have’ to a ‘need to have’ as senior managers, including the CISO, and the board look to protect their companies from financial fraud, ransomware and other emerging threats.  

The potential impact of AI is huge for government, enterprise and threat actors alike. The U.S. is in an arms race for AI superiority with other nation states, particularly China. Most threat actors and enterprises are in the pilot phase of using AI, though this will become supercharged in the next 2-3 years. At the same time, many large enterprises are still risk-averse when it comes to AI and slow to put AI tools in the hands of employees who seek them out. 

Looking ahead to 2025, other key themes in the intelligence space will include: 

• Supply chain resiliency will be key as geopolitical risks increase. Building this resilience takes time and discipline. Understanding risk in the supply chain and suppliers/vendors will be important. 
• Changes in the bad actors. There is a convergence of state-affiliated actors and the cybercriminal underground. While this isn’t new, it’s happening at a more rapid pace. AI and other trends will lower barriers to entry and increase velocity with which attacks can be engineered. 
• Siloed approach to intelligence no longer works. Anachronistic approaches to the threat environment will come under pressure. Collaboration and technology advancements are driving more impactful outcomes.