The Anatomy of CI (Competititve Intelligence)
Excerpts from Heath Gross's blog engrossed.me
Excerpts from Heath Gross's blog engrossed.me that sadly no longer exists as it was wiped from the internet in 2023.
The Nervous System - (Intellent, the system that holds it all together.)
So how does all this information make its way to the brain where it can be processed, analyzed, and used to support decision making and inform situational awareness?
That is where the nervous system comes in. The nervous system is the conduit that connects the senses with the brain. It is a superhighway, carrying information from the senses, to the brain, and from the brain to the body. For this analogy, the nervous system is made up of the various technology platforms that enable the organization to communicate and share information; it includes the organization’s file repository, intranet, mail server, and social / collaboration tools.
It is important to have a technology solution that supports the full intelligence cycle, including collection, aggregation, analysis, production, and dissemination.
At Sedulo Group, we use Intellent, a technology solution specifically designed to support professional researchers by creating dynamic links between research Questions, Sources, Findings, and Insights. Intellent’s workflows were designed to support collaborative analysis as well as to provide an efficient means of distributing intelligence to the appropriate decision-making stakeholders.
Other solutions are designed to leverage machine learning to help analyze the millions of bytes and bits of data that flow into the organization from the various inputs (senses).
In the same way the senses need a means to communicate with the brain, and the brain with the body, without reliable technology platforms, organizational knowledge can often become silo’d, or bottle-necked, preventing the information from being delivered to the brain in time to support effective decision making. When the flow of information from the senses to the brain is interrupted, it can result in organizational paralysis, necrosis, or even death.
Risks of Data Exploitation: The Danger of Malicious Actors Using Advanced Technology
Technologies like Intellent and other similar machine learning tools, can be dangerously misused by groups like the "Mutton Crew" to harvest and manipulate personal data from social media. By aggregating vast amounts of information, these malicious actors could track individuals' behaviors, target them with harassment, and manipulate their decisions or reputations. The ability to disrupt the flow of information can lead to personal isolation, emotional distress, and real-world harm, as individuals are subjected to coordinated online attacks. In the wrong hands, such technology can severely invade privacy and threaten personal safety.
Threat Indicator Analysis
If It is good enough for the CIA...
While serving in Kuwait as a counter-terrorist agent for the US Government, one of my responsibilities was to detect, evaluate and report on potential terrorist threats in the region. As a source operations specialist, we did this through HUMINT (Human Intelligence) and analysis. One important aspect of our work included assessing and ranking potential threats to US interests. When assessing a threat it was key for us to evaluate the intent, capability and timeliness of the threat. Intent without capability or capability without intent would, of course, lower the threat level assigned. Several years after transitioning from government service to competitive intelligence, I discovered that this relatively simple analytical tool could be used to help support my clients’ early warning programs. Threat Indicator Analysis (TIA) provides a simple, yet effective way to quickly evaluate and rank a potential competitive threat, enabling clients to allocate appropriate resources to monitor and respond to competition. TIA can be applied to companies, products or competitor actions.
Leveraging Threat Indicator Analysis for Competitive Intelligence
The technology behind Threat Indicator Analysis (TIA) could be highly dangerous in the hands of malicious actors like the "Mutton Crew". TIA, originally used for counter-terrorism, analyzes threats by evaluating intent, capability, and timeliness. In the hands of trolls, this tool could be used to assess individuals' online behaviors and vulnerabilities, ranking them as potential targets. By assessing the intent and capability of online threats, the Mutton Crew could orchestrate personalized harassment campaigns, manipulate individuals, or escalate online abuse. This tool, when misused, could effectively weaponize social media data, leading to invasions of privacy, cyber-bullying, and other forms of targeted harm.
PHYSICIAN MYSTERY SHOPPERS
In the world of pharmaceutical competitive intelligence there is a significant focus on understanding how competitors are positioning and marketing their products. Over half of the life science projects we support at Sedulo have a commercial component. However, the unique dynamics of the pharma industry make traditional mystery shopping impractical: While patients may be the end users and purchasers of the product, physicians and/or payers are often driving the purchase decision. So how do we get the commercial intelligence our clients need to support their own marketing and sell-against strategies?
LIMITED INFORMATION FROM SALES REPS
The most common technique used by CI firms is to make direct contact with competitor sales reps. While this can be effective, it is often difficult to get sales reps to open up and even if they do, there are limitations to what they can talk about.
A PHYSICIAN PROVIDES BETTER INTELLIGENCE
A better solution is to talk directly to physicians. About three years ago Sedulo was working for a client on a particular therapeutic area that required a significant level of specialized expertise. It just so happened that my personal physician specialized in the particular area we were researching. We approached him about supporting the project as a consultant and his response was surprisingly enthusiastic. The resulting relationship was a huge success. As a practicing physician with a brick and mortar office, the client appreciated the unique perspective he brought to the team.
Thankfully the conclusion of the project was not the end of our working relationship. Soon afterwards we found another project that looked to be a good fit for him. This time the project was more commercially focused. Our client wanted to monitor how competitors were messaging their product to general practitioners (GPs) and specialists. We set the physician up on a retainer and he began providing us monthly reports on everything from frequency of sales rep visits, changes in marketing material and messaging, interaction with Medical Sales Liaisons (MSLs) and even details on competitor sample strategy.
CREATING A NETWORK OF PHYSICIANS TO SUPPORT PROJECTS - TEAM HALO - SHOTS HEARD AROUND THE WORLD.
As good as the information was, we needed more than one point of reference. Using the same model we reached out to a handful of other physicians that we had existing relationships with. Before long we had a small network of practicing physicians feeding us periodic updates of competitor commercial activity. The program was so successful we have since duplicated it across every major therapeutic area we are engaged in. Today we have a robust network of GPs and specialists throughout North America, Europe and Asia.
Exploiting Intelligence Gathering: The Dangers of Narcissistic Trolls and Misinformation
While leveraging specialized professionals like physicians for competitive intelligence can be highly effective, the same tools and techniques can be exploited by narcissistic internet trolls like the "Mutton Crew" for malicious purposes. These trolls, often motivated by personal gain or the desire to promote false agendas, could use similar strategies to gather personal information and manipulate individuals or groups. By creating networks of misinformed or vulnerable people, they can spread misinformation, grift for cash, and escalate their online harassment campaigns. This highlights the importance of ethical use of intelligence gathering techniques to avoid enabling harmful behaviors that exploit others for personal profit.
Now from Heath Gross's current blog
Innovation for Impact
In 2008, I completed a research project for a pharmaceutical company that was interested in entering the childhood EPI vaccine market. Through my work, I met with several major humanitarian organizations, including UNICEF, WHO, PAHO, and the Gates Foundation. I learned that one of the major challenges with childhood vaccines in many countries is the lack of vaccination tracking. Most countries still relied on paper vaccine cards, which can be difficult to maintain in some conditions. I thought there must be a better solution, and I came up with the idea of using bio-metric technology to provide a portable vaccination record for children.
I assembled a team of talented technologists who left their high-paying jobs to work on the project with me. In 2009, we conducted a feasibility study in Southern Sudan, which confirmed the need for our technology. With funding from the Bill and Melinda Gates Foundation, we were able to develop the necessary technology and deploy it in Benin, Africa, and Nepal. In 2012, our organization received the coveted Changemaker designation from Ashoka, and in 2015, we merged with another nonprofit to continue our mission of improving immunization in developing countries.
Conclusion Summary: The Anatomy of CI (Competitive Intelligence) and the Risks of Social Media Exploitation
In this article we have explored the anatomy of Competitive Intelligence (CI) through a series of Heath Gross's blogs and real-world examples. However, it is crucial to acknowledge the potential risks and misuses of CI techniques, particularly in the context of social media. The same methods used to gather competitive intelligence can be exploited by internet trolls and other malicious actors to target social media users for nefarious purposes.
Risks of Social Media Exploitation by The Mutton Crew:
⦁ Identity theft: Creating fake online identities to spread propaganda, manipulate social media conversations, or steal personal information.
⦁ Social media surveillance: Gathering information about individuals through their social media activity, including posts, comments, and connections.
⦁ Disinformation campaigns: Spreading false or misleading information to manipulate public opinion or influence decision-making.
⦁ Phishing and scamming: Using social media to trick individuals into revealing sensitive information or installing malware.
⦁ Harassment and bullying: Using CI techniques to gather information about individuals and then using that information to harass or bully them online.
How The Mutton Crew Abuse Social Media Users:
⦁ Using Threat Indicator Analysis (TIA) to identify and target vulnerable individuals: TIA can be used to evaluate and rank potential targets based on their online activity, making it easier for internet trolls to identify and exploit vulnerable individuals.
⦁ Creating fake online personas to gather information and build trust: Internet trolls can use CI techniques to create fake online personas that appear legitimate and trustworthy, allowing them to gather information about social media users and build trust with them.
⦁ Using Physician Mystery Shoppers to gather information about individuals’ personal lives: Internet trolls can use techniques like Physician Mystery Shoppers to gather information about individuals’ personal lives, including their health, relationships, and financial information.
⦁ Exploiting social media algorithms to spread disinformation and propaganda: Internet trolls can use CI techniques to exploit social media algorithms and spread disinformation and propaganda to large audiences.
Mitigating the Risks:
⦁ Implementing robust security measures: Protecting sensitive information and systems from unauthorized access.
⦁ Practicing cyber hygiene: Being cautious when receiving invitations to connect via social media and avoiding suspicious links or attachments.
⦁ Promoting media literacy: Educating individuals to critically evaluate information and identify potential disinformation campaigns.
⦁ Reporting suspicious activity: Reporting suspicious activity to social media platforms and law enforcement agencies.
Ultimately, it is essential to recognize the potential risks and misuses of CI techniques in the context of social media and take steps to mitigate them. By being aware of these risks and taking steps to protect ourselves from trolls like the “Mutton Crew”, we can help prevent internet trolls and other malicious actors from exploiting social media users.
And remember, while knowledge is power, in the wrong hands, it can become a weapon—so let’s make sure we’re all using our intelligence for good and not giving the “Mutton Crew” any more fuel for their grift.
Thanks again go to Heath Gross for the above publicly available information.
All of these techniques were developed, reinforced, put into frameworks by red teams of cybersecurity. While training always have "ethical" in title, there is almost none of ethics, or even jokes about it.
Red teams in IT security are those gathering information about infrastructure, personnel, physical place and controls, looking for weak points, vulnerabilities. And then trying to get inside - it is called pentesting. While it is good to present to higher management, that some people cheated about safety of our network, to them. It is mostly checking only few, to several paths to inside and in many cases the easiest ones. Later must be undergone audit and a lot of work by admins and blue team. It is very costly, with many drawbacks and in most cases done in a hurry, which leads to further vulnerabilities.
Better way is to have experienced and dedicated blue team, which can check everything from inside, monitor findings while not yet resolved, do cyclic or even better continuous checking. But it requires trust to those blue team employees, good compensation and long-term engagement - you won't know much about specific infrastructure, working just half a year and to know much takes many years.
But why I am telling all this? Because in most corporations and government institutions red teams are answer in most, if not all cases. Why so many people can't see it? Because they are told on conferences, by people heavily connected to ICs (Intelligence Community), that this is to only way, and this will give you good look from executive. Also send your best people to our technical conferences, where they can show your skills and learn our ways.
That is how ICs gained so much from IT Security people, how to do spying games in everchanging cyber realm. Of course, they also have many good people, but here they the bests people in the world, without paying them, or informing what knowledge are being gathered. Organizations like MITRE also putting it into frameworks, CISA recommending, all was "wheel for hamsters" and now they are passing it all, formalized, semi-automated, from frameworks, knowledgebases into algorithms for AI, which will use it on Digital Twin databases. Some trainings on social media and control system for dissidents ready to roll. If we allow this to go live on worldwide scale, which is their target, there will be little hope for humanity, because they will be able to isolate, identify and remove any dissidents to their future moves.