In this blog, a member of the Fivecast team draws on over two decades of law enforcement expertise to explore how AI-enabled OSINT is transforming corporate security – from executive protection to proactive and post-incident investigations.
Executive Risk in the Spotlight
In December 2024, a high-profile incident involving the death of UnitedHealthCare CEO Brian Thompson reignited concerns around executive security and corporate risk exposure. As the head of the largest health insurer in the United States, Thompson had faced public criticism over claim rejections, and had reportedly received death threats. Just days after the incident, police arrested and charged the suspect Luigi Mangione with the murder.
While Mangione had no known medical claims with UnitedHealthCare, investigators discovered a notebook, described by some media outlets as a manifesto, expressing his disdain for corporate America and referring to UnitedHealthCare as a ‘parasitic’ company. Despite having no criminal history and a limited online footprint, Mangione’s motivations highlight the complex and often hidden nature of threats facing corporate leaders today.
moving corporate security from reactive to proactive
In today’s digital-first threat landscape, waiting for something to happen is no longer a viable strategy. Organizations need to have proactive threat detection processes in place – leveraging AI-enabled open-source intelligence (OSINT) to detect risks before they escalate.
This shift is particularly crucial for organizations operating across multiple geographies and risk environments. Manual processes and traditional monitoring methods often limit the ability to respond quickly and effectively. By embedding AI-enabled OSINT into security workflows, organizations can rapidly gain real-time insights that improve situational awareness.
Executive Threats: A Wake-Up Call for Corporate Security
The murder of Thompson has sparked renewed conversations about how threats to executives can escalate, and whether early online indicators could help prevent such incidents. While this particular suspect had a limited online presence, many other cases show a clear pattern – individuals express intent or grievances online, sometimes across several platforms, both mainstream and niche, well before taking action in a physical sense.
Request our Protective Security Case Study
This is where AI-enabled OSINT has proven its value – empowering corporate security teams to detect threats against executives, detect online narratives, monitor violent protest narratives, and identify insider threats before they escalate. These capabilities are not just part of a growing trend, they represent a strategic imperative. As threats become more complex online, prioritizing OSINT as a core component of executive protection, threat assessment and organizational resilience is essential for forward-thinking organizations.
Just as OSINT enables proactive threat detection, it also plays a vital role after an incident occurs. In post-incident investigations, it enables law enforcement and security teams to uncover patterns of behavior, analyze digital footprints, and map networks of interest. These insights can help establish motive, identify additional risks, and inform future protective strategies ensuring lessons are learned and vulnerabilities addressed.
Real World Impact: A Global Resources Company Case Study
One of our clients, a leading global resources company faced mounting challenges in protecting its people, assets, and reputation. Operating across multiple continents in a high-risk industry, they were exposed to a wide range of risks – including insider threats, executive impersonation, and digital exploitation. Their security team struggled with manual, reactive processes that couldn’t keep pace with the rapidly evolving digital threat landscape. By integrating Fivecast ONYX into their workflows, they have transformed their approach to security. The platform enables:
- Automated data collection with built-in obfuscation and audit capabilities
- AI-driven risk detection across 100+ languages
- Digital footprint mapping and identity verification
- Advanced network analysis to uncover hidden affiliations
The result? Faster threat detection, enhanced situational awareness, and improved protection of executives, personnel, and intellectual property.
Request the Global Resources Case Study
Building Resilience in a Digital World
Fivecast ONYX continues to support organizations globally in shifting from reactive investigations to proactive threat detection. Its ability to deliver timely, actionable insights makes it a strategic asset for intelligence and security operations. The death of Brian Thompson is a sobering reminder of the stakes involved in corporate security. In today’s environment, threats can emerge from anywhere – and often begin online. By adopting AI-enabled OSINT, organizations can build resilience, protect their people, and stay ahead of evolving risks. To learn more request a demo from our experienced Tradecraft team and discover how Fivecast can strengthen your security posture.
