Structured Analytic Techniques for Cyber Intelligence

The ability to go beyond current intelligence during the Bush administration’s efforts to find weapons of mass destruction in Iraq was limited at best. The inability to produce much more than daily news highlights named Current Intelligence continues today. Most cyber threat intelligence shops are forced to scour the previous night’s news sites using various automatic tools that aggregate data. The data is examined to see if it even relates to cyber security (another mistake) just to delivery some sort of morning report called “Daily Intelligence Summary.” There is little analysis, less relevance, and few who actually read the report. The worry that leadership will see something on the news, the internet, or in their email inbox scares intelligence teams into producing non-intelligence products.

Discoveries in the intelligence community that analysts were unable to set up estimates, forecasts, and long-range intelligence reporting were commonplace. The IC itself worked to solve that problem. Many intelligence analysts had exited the community leaving very hungry yet very green analysts to fill their shoes. Yet, they face commercial organizations where intelligence is rooted in cyber security with little understanding of what intelligence really is.

The mistakes made, the inability to properly analyze anything beyond short term daily assessments led to the creation of Structured Analytic Techniques.

“The concept of structured analysis and the practice of broadly and consistently applying structured techniques are relatively new in the Intelligence Community. Structured analysis is a mechanism by which internal thought processes are externalized in a systematic and transparent manner so that they can be shared, built on, and easily critiqued by others. Each technique leaves a trail that other analysts and managers can follow to see the basis for an analytic judgment. These techniques are commonly used in a collaborative team or group effort in which each step of the analytic process exposes analysts to divergent or conflicting perspectives. This transparency also helps ensure that differences of opinion among analysts are heard and seriously considered early in the analytic process. Analysts have told us that this is one of the most valuable benefits of any structured technique. Structured analysis helps analysts ensure that their analytic framework—the foundation upon which they form their analytic judgments—is as solid as possible. By helping break down a specific analytic problem into its component parts and specifying a step-by-step process for handling these parts, structured analytic techniques help to organize the amorphous mass of data with which most analysts must contend. This is the basis for the terms structured analysis and structured analytic techniques. Such techniques make an analyst’s thinking more open and available for review and critique than the traditional approach to analysis.”

Heuer Jr., Richards J. Structured Analytic Techniques for Intelligence Analysis. SAGE Publications.

The Treadstone 71 uses Structured Analytic Techniques from Richards Heuer as well as others collected over the years for use in preparing your analysis as well as documenting, tracking, and analyzing your evidence. Highly skilled intelligence analysts with anywhere from 8 to 15 years of experience develop keen skills in intuition. Many do not care to use structured techniques while others combine intuition and structured techniques for a balanced mixed based on available data, time available, and the situation at hand.

We teach these techniques with hands-on activities using cyber threat events from the headlines showing their fundamental value, when to use them, how they are used and where they contribute to the final products. We help you structure the data, analyze the data, and prepare the data for final analysis. The course covers non-inclusively:

STRUCTURED ANALYTIC TECHNIQUES

              What are they?

              When do I use them?

              Possible Sequence of use

Link analysis/network charts

Timeline/chronology

Network analysis

Brainstorming

Scenario analysis

Alternative futures analysis

Indicators

Indicators validator

STEMPLES Plus Indicators of Change

Hypothesis generation

Starbursting

Matrix

Categories by Dimensions

              Solutions by Dimensions

Categories by Predispositions

              Solutions by Predispositions

The multiple hypotheses generator

Help or Hinder

Cross Impact Matrix

Commitment Chart

Cause and Effect

Structure Analogies Matrix

Affinity Diagrams

Check Sheet

Data Points

Prioritization

Prioritization Matrices

Nominal Group Technique

Interrelationship Digraph

Matrix Diagram

Problem Solving/Process

Run Chart

Scatter Diagram

Diagnostic reasoning

Analysis of competing hypotheses

              The Toulmin Method

Argument mapping

Deception detection

Key assumptions check

Outside in thinking

Pre-mortem assessment

What if? Analysis

High impact, low probability

Devil’s advocacy

Force Field Analysis

Matching Techniques to Tools

When to Use – Sequence Reminder

Quality of Information

7 Step Problem Solving Model

Causal Loop Diagrams

Probability Tree Diagrams

Bayesian Analysis

MAPS

FLOW CHARTS

FREQUENCY CHARTS

STORY BOARDS

APPENDICES

The Tools Themselves

The Treadstone 71 Structured Analytic Techniques class runs 3-days for 24 CPEs. The class includes a book, templates, 24 hours of instruction and hands-on practice and use of the techniques.

Contact Treadstone 71 Today for all your Cyber Intelligence needs.

CONTACT US TODAY