Cybersecurity Blog: The Cyber Scene is evolving, are you?


As a manager of a Security Intelligence Center (SIC), I can say firsthand that few things are more frustrating than investing in a cybersecurity product that fails to deliver what your security team truly needs to be successful when it comes to true situational awareness.

Within a security setting, situational awareness is often defined as knowledge and understanding of the current environment that supports timely, relevant, and accurate assessment of friendly and enemy operations.

Situational awareness is pivotal in operationalizing data to improve an organization’s cybersecurity posture. Situational awareness tools should ideally provide context around the data alerts of an attack or potential attack. This context is what informs strategic countermeasures that ultimately protect data, critical infrastructure, and key resources.

Social Media Poses a New Threat to Cybersecurity

Today, employees, and sometimes organizations, unwittingly post information to social media sites that provides enough detail for an adversary to quickly and efficiently breach a company’s network. For example, an online job posting for a technical position may list specific network hardware, software, or cybersecurity infrastructure details. The aggregation of this information exposes a company’s vulnerability landscape and enables adversaries to effectively plan and even test their attacks in a simulated environment before they carry them out. By the time the adversary conducts the actual attack, they have an extremely high level of confidence that it will be a success.

Wouldn’t it be useful to know if your own organization was leaking secure information through social media?

Organizations have used services that retrofit social media aggregating tools, originally designed to determine user sentiment, to gain situational awareness. While these marketing tools are effective for hearing what customers think about a product, their inability to pair the data with threat intelligence (i.e., adversary tactics, techniques and procedures (TTPs)) provides organizations with little to no added situational awareness and zero return on their investment.

How to Bring Context to Your Cyber Threat Environment

To be truly effective, security operations centers (SOCs) need top-drawer, anticipatory intelligence pertinent to their organizations that delivers context surrounding threats. Using a best-in-class cybersecurity tool, such as Leidos Open-Source Intelligence (OSINT) technology, that incorporates intelligence from sources like social media sites provides a wider span of context for an organization’s actionable intelligence model. This capability becomes a game-changer when paired with the ability to incorporate sector and cross-sector knowledge concerning cyber-threat trends, and filter that intelligence down to the TTP level to prevent or avoid attacks in the first place.

Our Cyber Threat Analysis service is the only strategic service that produces anticipatory intelligence and relevance. By incorporating open source information feeds, like social media, that are often outside of an organization’s line of sight, OSINT technology provides organizations with the situational awareness they need to effectively defend themselves against today’s cyber threats.


To learn more about how Open-Source Intelligence can provide your SOC with critical situational awareness, request a meeting with one of our experts.


Chris Coryea is the Head of International Cyber Intelligence Services for Leidos. In this role, he oversees the EMEA and Asia-Pac Security Intelligence Centers for Leidos and is responsible for leading a global team of Cyber Intelligence Analysts, Pen Testing Engineers, Incident Responders and Open-Source Intelligence (OSINT) Analysts. In 2003, Chris joined Lockheed Martin in the United States where he helped to establish the Corporate Information Security Office. He held various cybersecurity leadership roles across the US and moved to London in 2010 to assist global organizations in the application of a proven cybersecurity tradecraft against the ever-evolving threat landscape. Applying the knowledge gained from his 14-year journey with Lockheed Martin and Leidos, Chris is a prominent speaker who has delivered numerous presentations across the globe including a recent keynote speech at RSA Singapore and Black Hat Europe. Chris enjoys providing thought leadership on cybersecurity and has authored numerous white papers and blogs for Lockheed Martin, Leidos and industry. Chris holds a BS in Management Information Systems from Kansas State University and an MS in Information Technology Management from Rensselaer Polytechnic Institute.