Michele Stuart, who has 30 years of experience in areas such as counterintelligence, insurance fraud investigations and financial investigations, as well as being a well-respected individual when it comes to open-source intelligence (OSINT), now trains federal, state and local law enforcement agencies.
Our podcast partner Dr. Rebecca Wynn discusses with Michele Stuart, as part of The Soulful CXO Podcast, the impact of working from home and smart devices listening in, permissible purposes, social engineering, and all things OSINT.
The episode covers:
- The evolution of intelligence
- Safeguards for companies and individuals
- Smart/intelligence devices and associated risks
Stuart has approximately 30 years of investigative and training experience. President and Owner of JAG Investigations, her area of expertise includes OSINT, counterintelligence, insurance fraud investigations, financial investigations, threat assessments, due diligence, organized retail crime, and corporate and competitive intelligence. Stuart consults and trains federal, state, and local law enforcement agencies, the military intelligence communities, ORC, financial and insurance industries, numerous, numerous Fortune 500 companies, and professional sports organizations in open-source, social media, and cellular security. She has also been an Instructor at Quantico (FBI Academy) for international training programs and has been an Adjunct Professor with the University of Virginia.
Evolution of Intelligence
To say Stuart’s background is interesting would be an understatement. Her knowledge in intelligence comes from a career spanning, which over 30 years, with the last 20 focused on open-source intelligence (OSINT). In her early days, she was involved with investigating OSINT, and economic fraud, back when it would take days or weeks to find things that today can be found in mere seconds. Eventually, though, she became bored, and the internet became a tool. So, what is OSINT? Stuart summarizes, “Utilizing information on sources off the Internet to help us now in the identification of the individual, the movement, the associations, their social media platforms, all of it….”
Safeguards for Companies
In many cases, people’s personal and business profiles overlap, Dr. Wynn asked about how companies can safeguard themselves from executives and employees posting something on social media as an example. Stuart clearly advocates having separate phone numbers and email addresses for business vs. personal and never using business numbers for personal use. She provides multiple examples, including when you are signing up for a discount and providing your number. Also, when ordering food, your data is marketable and will be sold; keeping the two numbers separate is critical.
In the same vein, having deep knowledge of privacy terms and conditions on applications to see how much data is being leaked may be very aggressive. She provides an example of a flashlight app that was very popular a few years back on the Android operating system The permissible purpose was so aggressive, and yet people were still putting it on their phones! Most likely, they were unaware that they were giving the application permission to look at all of their photos, videos, files, communications - SMS and MMS, and email communications. It would automatically upload their address book immediately upon downloading the app. Stuart recommends that people look at the developer’s privacy terms and conditions of that application to see how much of that information is being leaked, not just what they advertise.
Another example she provides is TikTok. In June 2021, they changed their privacy terms and conditions, stating that they could now collect biometric impressions of your face and your voice. That’s a tremendous amount of data when they have the biometric impression of your face, voice and device information. (Note: The TikTok policy still states that as of this writing – “We may collect biometric identifiers and biometric information as defined under U.S. laws, such as faceprints and voiceprints, from your User Content. Where required by law, we will seek any required permissions from you prior to any such collection.” Privacy Policy | TikTok)
Who Is Listening – Working from Home
As Dr. Wynn points out, with the influx of people working from home and smart/intelligent devices continuing to rise, the risks are greater for companies than in prior years for information leakage and increased risk. Ms. Stuart states that anything with a microphone, including toys, can be compromised. Therefore, unless companies have specific policies related to the employee’s at home work area including the accessible devices that surround them, there will always be an increased risk to the business.
You can listen to the full podcast below and learn additional insights on not only how to safeguard your company but also your personal information as well.
