Increased military spending in Europe and the UK is set to pose fresh due diligence challenges for primary defence contractors and government agencies, saysDavid Janson, VP EMEA, Fivecast.
Defence supply chains are highly sensitive and fragmented, often involving a vast network of subcontractors and lower-tier suppliers. This makes risk assessment difficult using traditional manual methods. Yet these challenges are set to multiply as increases in defence spending mean more companies seek to join the supply chain.
By 2030, for example, Europeโs NATO members are projected to spend โฌ800bn on defence, with equipment spending nearly doubling. In the UK, defence spending is expected to increase from ยฃ62bn in 2025/2026 to ยฃ73.5bnin 2028/2029.
A growing supplier base brings greater exposure
With new entrants to the supply chain comes the risk they have links to threat actors, hostile states or sanctioned entities. Who exactly are the beneficial owners and are there any risk indicators that the organisationโs employees have contact with criminal networks or individuals with troubling track records?
Then there are the broader questions that arise on the political and social profile of the company and whether it is in the sights of global activists or violent protest groups who may cause disruption. The 2024 attacks on Elbit Systemsin the UK by activists are a good example.
Any organisation partnering with a business unpopular with protest organisations, or a hostile stateโs civilian proxies, may find it needs to step up protection of its own employees and locations overseas. Being aware of this in advance is a significant gain, enabling pre-emptive steps to be put in place.
Manual due diligence cannot keep pace
One overlooked major source of insight into these supply chain risks is open-source intelligence (OSINT). Many suspicious connections are evident from analysis of public records and databases, news and social media. Correlating this information provides security and due diligence teams with important insights. They can then decide if they should conduct further investigations using traditional human intelligence and other methods. Theย challenge is scale.ย Defence supply chains are so complex and involve numerous organisations, individuals, facilities and relationships across different regions. For security teams already operating under significant pressure, manually reviewing vast numbers of relationships and content sources on social media, forums, message boards and industry databases is impossible.
Even skilled OSINT analysts using targeted search terms, such as organisation names, product references and facility locations can find investigations extremely time intensive. This is especially true when global supply chains generate relevant signals across multiple languages and platforms.
OSINT powered by AI-driven insights helps prioritise risk
ย AI-powered OSINT technology has now emerged to enable analysts to overcome these difficulties. Using this technology, they can monitor the surface web, deep web, and dark web for content, activity and connections that indicate risks. Using intelligent automation, they can extract the insights they need from zettabytes of data while avoiding the burden of manual analysis.
Social media intelligence, or SOCMINT, adds another layer of context. Combing through multiple social media platforms, OSINTโs subset SOCMINT (social media intelligence) provides analysts with evidence of social connections between suspect individuals, entities and threat networks. It also points to unwarrantedly lavish lifestyles among key contacts and other content that may indicate illegal behaviour or corruption risk.
Image and video analysis, using optical character recognition (OCR) can read signs, identify logos and use visual matching to help analysts identify relevant content even when it has been posted without clear captions or searchable text.
Instead of an analyst having to sit down and trawl through images and videos for suspicious markings, vehicle registrations, facility details or branded assets, they can focus on the signals extracted and prioritised for review.
Text analytics identify sentiment and emotion alongside recurring language and hashtags linked to specific organisations, facilities, technologies or supply chain entities. Analysts can use these insights to build patterns and fill in the bigger picture.
Open-source signals relevant to defence contractors
ย Using publicly available, openโsource information, organisations can maintain awareness of emerging narratives, commentary, and reported events that may be relevant to defence contractors, their suppliers, or facilities. This helps teams understand the broader public context around their operations, including where concerns, criticism, or heightened attention may be developing in the open domain.
When supported by appropriate analytical tools, teams can assess how widely themes are being discussed, understand the nature and credibility of openly reported information, and decide whether any further internal review or engagement is warranted. This form of openโsource context is increasingly valuable as online discourse becomes more fragmented and complex, and publicly visible narratives can evolve rapidly.
In the current climate, international defence supply chains face multiple risks. This demands a more comprehensive approach to due diligence and security that encompasses open-source information using capabilities beyond what manual review and human power alone can achieve.
Advanced OSINT technology can fill in the gaps that traditional due diligence processes miss. It brings the power of AI to bear on masses of open-source global data, helping government agencies and primary contractors uncover hidden risks to national security and business resilience – and make more informed decisions about the organisations they work with.
