Security teams today are inundated with data but lack actionable insights. The rise of public data sources—ranging from social media and blogs to leaked databases and dark web forums—offers new opportunities for real-time threat detection and risk management. But with this wealth of information come significant challenges: noisy data, false positives, and the need for rapid context.
This article captures key challenges and opportunities covered in a recent SC Media webcast featuring Adrian Sanabria, Host of Enterprise Security Weekly; Jack Carraway, Field CISO at Dataminr; and Michael Farnum, Advisory CISO at Trace3.
Understanding Public Data and Its Potential
Public data encompasses a wide range of sources, including traditional and social media, government advisories, code repositories, and even the deep and dark web. Carraway explained that while many associate OSINT with intelligence agencies or dark web forums, much of this information is benign and readily accessible. Examples include regional blogs, public databases, and even niche sources like the New York City Taxi and Limousine Commission’s trip data.
The challenge lies not in finding data but in filtering it. Carraway highlighted Dataminr's approach, which involves sifting through over a million data sources across 150 languages and 220 territories. Advanced AI models enable the extraction of actionable insights without overwhelming teams with noise.
The Value of Early Detection
Farnum emphasized the importance of early detection, particularly in responding to emerging threats like zero-day vulnerabilities. “If you know something is trending on the dark web or within hacker forums, you can assess your exposure and take action before an attack materializes,” he noted.
One key challenge is operationalizing public data effectively. Farnum pointed out that many organizations rely on manual processes or limited datasets, which slow down their response times. Today's advanced AI models can help security teams overcome that challenge.
Proactive Risk Management
A major theme of the discussion was proactive risk management. Carraway explained how Dataminr’s tools help organizations identify vulnerabilities in their own environments and those of third-party vendors. “We’re seeing more companies use public data to monitor their supply chains and alert their partners to risks they might not even be aware of,” he said.
This capability is crucial in mitigating risks tied to supply chain attacks. As Farnum highlighted, third parties often disclose vulnerabilities publicly before notifying their partners. Accessing this information in real time allows organizations to safeguard their systems proactively.
AI as a Force Multiplier
The webcast delved into how AI is transforming the use of public data. Carraway introduced Dataminr’s ReGenAI, a blend of predictive and generative AI that creates continuously updated summaries of unfolding events. For example, in a high-profile breach scenario, ReGenAI compiles and updates relevant information from multiple sources, reducing the time teams spend gathering and synthesizing data.
This efficiency is particularly valuable in time-sensitive situations. Carraway shared an example where Dataminr reduced the time to process and act on critical information from 30 minutes to just 90 seconds, freeing up teams to focus on strategic decision-making.
Addressing Challenges and Building Trust
While AI offers immense potential, its application must be carefully managed. Carraway and Farnum discussed the importance of reliability, accuracy, and contextual relevance. Ensuring that AI systems are trained on domain-specific data helps minimize errors and build trust among users.
Carraway also cautioned against prematurely adopting agentic AI—systems that execute decisions autonomously—without robust safeguards. “We need to approach these innovations with good risk management principles and ensure they’re applied where the impact of errors is minimized,” he said.
Conclusion
Publicly available data, when harnessed effectively, can be a game-changer for security teams. By leveraging advanced AI tools like Dataminr, organizations can transform raw data into actionable insights, enabling faster responses and more proactive risk management. As threats grow more complex, the ability to filter, contextualize, and act on public data will become an indispensable part of cybersecurity strategies.
As Farnum aptly put it, “Speed and efficiency are everything. The more we can automate and streamline, the better equipped we are to defend against evolving threats.”