01832nas a2200181 4500000000100000008004100001653002200042653002900064653001000093653002000103100001900123700002200142700001800164245008200182300001000264490000700274520136900281 2024 d10acyberattack risks10aopen-source intelligence10aOSINT10aRisk Assessment1 aJyri Rajamäki1 aStephen McMenamin1 aKrista Tiitta00aThe Importance of Open-Source Intelligence in Assessing Risks of Cyberattacks a15-310 v553 a

Open-Source Intelligence (OSINT) is becoming increasingly vital in cybersecurity as digital platforms evolve. Advanced OSINT tools, incorporating artificial intelligence and machine learning, enhance organizations’ ability to process and analyze large amounts of open-source data. This paper highlights OSINT’s role in risk assessment to prevent cyberattacks. The research focused on OSINT tools and techniques, emphasizing the need for expertise in identifying relevant information and respecting privacy. An OSINT operational process was developed for a critical sector company and then used to conduct a vulnerability assessment. The organization is kept anonymous due to its national security role. The goal was to integrate OSINT into the organization’s cybersecurity framework. Permission was obtained before conducting a thorough OSINT test, using tools such as Maltego, SpiderFoot, Google, and Google Maps. Data collection was swift, and relevant information was easily found. The collected data was analyzed, cross-verified, and compiled into a report, which was then reviewed with the subject to provide protection advice online. The paper demonstrates OSINT’s effectiveness in enhancing organizational security and provides recommendations for using OSINT to identify vulnerabilities, reduce risks, and strengthen cybersecurity practices.