This article has multiple issues. Please help improve it or discuss these issues on the talk page . (Learn how and when to remove these template messages)
|
Intelligence collection management is the process of managing and organizing the collection of intelligence from various sources. The collection department of an intelligence organization may attempt basic validation of what it collects, but is not supposed to analyze its significance. There is debate in U.S. intelligence community on the difference between validation and analysis, where the National Security Agency may (in the opinion of the Central Intelligence Agency or the Defense Intelligence Agency) try to interpret information when such interpretation is the job of another agency.
Disciplines which postprocess raw data more than collect it are:[ citation needed ]
At the director level and within the collection organization (depending on the intelligence service), collection guidance assigns collection to one or more source managers who may order reconnaissance missions, budget for agent recruitment, or both.
This may be an auction for resources, and there is joint UK-US research on applying more formal methods. One method is "semantic matchmaking" based on ontology, originally a field of philosophy but finding applications in intelligent searching. Researchers match missions to the capabilities of available resources, [1] defining ontology as "a set of logical axioms designed to account for the intended meaning of a vocabulary". [2] The requester is asked, "What are the requirements of a mission?" These include the type of data to be collected (distinct from the collection method), the priority of the request, and the need for secrecy in collection.
Collection system managers are asked to specify the capabilities of their assets. Preece's ontology focuses on ISTAR sensors, but also considers HUMINT, OSINT and possible methodologies. The intelligence model compares "the specification of a mission against the specification of available assets, to assess the utility or fitness for purpose of available assets; based on these assessments, obtain a set of recommended assets for the mission: either decide whether there is a solution—a single asset or combination of assets—that satisfies the requirements of the mission, or alternatively provide a ranking of solutions according to their relative degree of utility."[ citation needed ]
In NATO, the questions driving collection management are Priority Intelligence Requirements (PIR). PIRs are a component of Collection Coordination and Intelligence Requirements Management (CCIRM) focused on the collection process, uniting the intelligence effort to maneuver through Decision Points (DPs). These questions, refined into Information Requirements (IRs), enable the Collection Manager (CM) to focus assets on a problem. Without this synchronization, it would be impossible to ensure that the intelligence focus meets the commander's requirements and priorities. [3]
When a PIR defining the information to be collected exists, discipline specialists and resource schedulers select the appropriate collection system and plan the mission, taking into account the capabilities and limitations of collection platforms. Weather, terrain, technical capabilities and opponents' countermeasures determine the potential for successful collection. Through an understanding of all available platforms (tied to questions related to the PIR) the collection manager synchronizes available assets, theatre and corps collection, national capabilities and coalition resources (such as the Torrejon Space Center) to maximize capabilities.[ citation needed ]
Despite the desirability of a given method, the information required may not be collectible due to interfering circumstances. The most desirable platform may not be available; weather and enemy air-defense might limit the practicality of UAVs and fixed-wing IMINT platforms. If air defense is the limitation, planners might request support from a national-level IMINT satellite. If a satellite will do the job, the orbits of available satellites may not be suitable for the requirement.
If weather is the issue, it might be necessary to substitute MASINT sensors which can penetrate the weather and get some of the information. SIGINT might be desired, but terrain masking and technical capabilities of available platforms might require a space-based (or long-range) sensor or exploring whether HUMINT assets might be able to provide information. The collection manager must take these effects into consideration and advise the commander on the situational awareness available for planning and execution.
Other sources may take some time to collect the necessary information. MASINT depends on a library of signatures of normal sensor readings, so deviations stand out. Cryptanalytic COMINT can take considerable time to enter into a cryptosystem, with no guarantee of success.
An available, appropriate collection platform does not mean it will be useful if the facilities needed to receive and process the information are unavailable. Two factors affect this process: the physical capabilities of the intelligence systems and the training and capabilities of the intelligence section.
Collection platforms able to collect tens of thousands of pieces of information per hour need receivers which can accept that volume. The collection capability, even with self-generating reports, can quickly overwhelm inexperienced or understaffed analysts. While the CM is primarily concerned with collection, they must also know if analysis for the requested system has the resources to reduce and analyze the sensor data within a useful length of time.
IMINT and SIGINT ground stations may be able to accept sensor data, but the networks and information-processing systems may be inadequate to get data to analysts and commanders; an example is imagery intelligence derived from UAVs and fixed-wing IMINT platforms. Commanders and staff are accustomed to receiving quality imagery products and UAV feeds for planning and execution of their missions. In exercises, this is often done with high-speed fixed networks; in a mobile, fluid battle it would be nearly impossible to develop a network capable of carrying the same amount of information. The CM must decide if an analytic report (rather than the imagery itself) will answer the question; when a hard-copy image or video is required, the CM must inform staff members of the cost to the IT network and HQ bandwidth.
Collection management is the cornerstone on which intelligence support to ARRC operations is built. Since the starting point of the collection process is the commander's PIRs, they are a critical component of the staff planning process and support the commander's decision-making.
Intelligence requirements were introduced after World War II. After an initial phase where field personnel decided priorities, an interim period began in which requirements were considered "as desirable but were not thought to present any special problem. Perhaps the man in the field did, after all, need some guidance; if so, the expert in Washington had only to jot down a list of questions and all would be well." [4]
In a third phase (by the early 1950s), a consensus was established that a formal requirement structure was needed. When that machinery was set up, specialized methodologies for requirement management needed to be developed. The methodologies first needed were those used against the Sino-Soviet bloc, and radical changes in the threat environment may make some of those methodologies inappropriate.
Requirements may be cast in terms of analysis technique, collection method, subject matter, source type or priority. Heffter's article says that not every problem is a special case, but may be a problem "central to the very nature of the requirements process. One cannot help feeling that too little of the best thinking of the community has gone into these central problems—into the development, in a word, of an adequate theory of requirements." [5]
"But there is often a conspicuous hiatus" between requirements produced at a managerial level "and the requirements produced on the working level. Dealing with general matters has itself become a specialty. We lack a vigorous exchange of views between generalists and specialists, requirements officers and administrators, members of all agencies, analysts in all intelligence fields, practitioners of all collection methods, which might lead at least to a clarification of ideas and at best to a solution of some common problems." [4]
Priority-based needs must be presented, with the best way to meet those needs based on an effective use of the collection means available. Heffter's paper centers on the management of priorities for the use of collection assets; three factors which must be balanced are:
" ... Each of the three kinds answers a deep-felt need, has a life of its own, and plays a role of its own in the total complex of intelligence guidance". Since Heffter focused on the problem of priorities, he concerned himself chiefly with policy directives, which set overall priorities. Within that policy, "requests are also very much in the picture since priorities must govern their fulfillment". [4]
A collection requirement is "a statement of information to be collected".[ citation needed ] Several tendencies hinder precision:
These differing desires can cause friction or complement one another. The tendencies can complement each other if brought into balance, but their coexistence has often been marked with friction.
The characteristics of a requirement are:
In intelligence, the meaning of "require" has been redefined. Under this interpretation, one person (the "customer") makes a request (or puts a question) to another of equal status (the collector) who fulfills (or answers) it as best they can.
There is an honor system on both sides:
The relationship is free from compulsion. The use of direct requests appeals to collectors, who find that it provides them with more viable, collectible requirements than any other method. It sometimes appeals to requester-analysts, who (if they find a receptive collector) can get more requirements accepted than would be possible otherwise.
The elements of need, compulsion and request are embodied in three types of collection requirements: the inventory of needs, addressed to the community at large and to nobody in particular; the directive, addressed by a higher to a lower echelon; and the request, addressed by a customer to a collector.
Intelligence watch centers and interdisciplinary groups, such as the Counterterrorism Center, can create and update requirements lists. Commercial customer relationship management (CRM) software or the more-powerful enterprise relationship management (ERM) systems might be adapted to managing the workflow separate from the most sensitive content. No collector is directed (required) to collect on the basis of these lists, and the lists are not addressed to any single collector. CRM, ERM and social-networking software routinely build ad hoc alliances for specific projects (see NATO Collection Guidance, above).
Branch and station chiefs have refused to handle the Periodic Requirements List (PRL) because these are "not really requirements," i.e., they are not requests to the clandestine collector for information which only he can provide. Intelligence requirements in the PRL may be crafted to elicit information from a specific source, sidestepping a request process which could have ended in denial. [4]
PRLs are sometimes used for guidance, despite their description as inventories. Revised three times a year, they are the most up-to-date requirement statements and their main subject is current affairs of political significance. Although the inventory of needs is a valuable analytical instrument in the intelligence-production office which originates it, it cannot set priorities.
Although short, prioritized directives for collection missions have come from top-level inter-agency policy boards, directives more often come from lower managerial levels. They are most useful in the following circumstances:
Technical collection methods are the least ambiguous, with meaningful priorities and actual, scheduled resources. HUMINT is flexible, but uses a wider range of methods. Agencies requiring HUMINT prepare lists of priorities which establish goals, provide a basis for planning and summarize the information needs of consumers.
Most requirements fall into this category, including the majority of those with requirement-tracking identifiers in a community-wide numbering system administered by a central group. Requests vary, from a twenty-word question to a fifty-page questionnaire and asking for one fact or a thousand related facts. Its essence is the relationship between requester and collector.
A variant on the request is the solicited requirement, in which the request itself is requested by the collector. The collector informs the customer of their capability and asks for requirements tailored to it. The consumer and collector then negotiate a requirement and priority. In clandestine collection, solicited requirements are regularly used for legal travelers, for defectors and returnees, and for others whose capability or knowledge can be used only through detailed guidance or questioning. Solicited requirements blend into jointly developed ones, in which collector and consumer work out the requirement (usually for a subject of broad scope, at the collector's initiative).
A department (or agency) which collects intelligence primarily to satisfy its own requirements usually maintains an internal requirements system with its own terminology, categories and priorities, with a single requirements office to direct its collection on behalf of its consumers. One requirements office, or a separate branch of it, represents collector and consumer in dealing with other agencies. Where consumers depend on many collectors and collections serve consumers throughout the community, no such one-to-one system is possible and each major component (collector or consumer) has its own requirements office.
Requirements offices are middlemen, with an understanding of the problems of those they represent and those whom they deal with on the outside. A consumer requirements officer must find the best collection bargain he can for his analyst client, and a collector requirements officer must find the best use for the resources he represents and protect them from unreasonable demands.
Intelligence taken from sensitive sources cannot be used without exposing the methods or persons providing it. A strength of the British penetration of the German Enigma cryptosystem was that no information learned from it or other systems was used for operations without a more plausible reason for the information leak that the Germans would believe. If the movement of a ship was learned through deciphered Enigma, a reconnaissance aircraft was sent into the same area and allowed to be seen by the Axis so the detection was attributed to the aircraft. When an adversary knows that a cryptosystem has been broken, they usually change systems immediately, cutting off a source of information and turning the break against the attacker, or they leave the system unchanged and use it to deliver disinformation. [6]
In strategic arms limitation, a different sensitivity applied. Early in the discussion, the public acknowledgement of satellite photography elicited concern that the "Soviet Union could be particularly disturbed by public recognition of this capability [satellite photography]...which it has veiled." [7]
Early in the collection process, the identity of the source is removed from reports to protect clandestine sources from being discovered. A basic model is to separate the raw material into three parts:
Since the consumer will need some idea of source quality, it is not uncommon in the intelligence community to have several variants on the source identifier. At the highest level, the source might be described as "a person with access to the exact words of cabinet meetings". At the next level of sensitivity, a more general description could be "a source with good knowledge of the discussions in cabinet meetings". Going down another level the description gets even broader, as "a generally reliable source familiar with thinking in high levels of the government".
In U.S. practice, [8] a typical system, using the basic A-F and 1-6 conventions below, comes from ( FM 2-22.3 , Appendix B, Source and Information Reliability Matrix). Raw reports are typically given a two-part rating by the collection department, which also removes all precise source identification before sending the report to the analysts.
Code | Source rating | Explanation |
---|---|---|
A | Reliable | No doubt of authenticity, trustworthiness or competency; has a history of complete reliability |
B | Usually reliable | Minor doubt about authenticity, trustworthiness or competency; has a history of valid information most of the time |
C | Fairly reliable | Doubt of authenticity, trustworthiness or competency, but has provided valid information in the past |
D | Not usually reliable | Significant doubt about authenticity, trustworthiness or competency but has provided valid information in the past |
E | Unreliable | Lacking in authenticity, trustworthiness and competency; history of invalid information |
F | Cannot be judged | No basis exists |
Code | Rating | Explanation |
---|---|---|
1 | Confirmed | Confirmed by other independent sources; logical in itself; consistent with other information on the subject |
2 | Probably true | Not confirmed; logical in itself; consistent with other information on the subject |
3 | Possibly true | Not confirmed; reasonably logical in itself; agrees with some other information on the subject |
4 | Doubtfully true | Not confirmed; possible but not logical; no other information on the subject |
5 | Improbable | Not confirmed; not logical in itself; contradicted by other information on the subject |
6 | Cannot be judged | No basis exists |
An "A" rating might mean a thoroughly trusted source, such as your own communications intelligence operation. Although that source might be completely reliable, if it has intercepted a message which other intelligence has indicated was deceptive the report reliability might be rated 5 (known false) and the report would be A-5. A human source's reliability rating would be lower if the source is reporting on a technical subject and its expertise is unknown.
Another source might be a habitual liar, but provides enough accurate information to be useful. Its trust rating would be "E"; if the report was independently confirmed, it would be rated "E-1".
Most intelligence reports are somewhere in the middle, and a "B-2" is taken seriously. It is sometimes impossible to rate the reliability of the source (often from lack of experience with it), so an F-3 could be a reasonably probable report from an unknown source. An extremely trusted source might submit a report which cannot be confirmed or denied, so it would get an "A-6" rating.
In a report rating the source part is a composite, reflecting experience with the source's reporting history, their direct knowledge of what is being reported and their understanding of the subject. Similarly, technical collection may have uncertainty about a specific report, such as partial cloud cover obscuring a photograph.
When a source is untested, "then evaluation of the information must be done solely on its own merits, independent of its origin".[ citation needed ] A primary source passes direct knowledge of an event to the analyst. A secondary source provides information twice removed from the original event: one observer informs another, who then relays the account to the analyst. The more numerous the steps between the information and the source, the greater the opportunity for error or distortion.
Another part of a source rating is proximity. A human source who participated in a conversation has the best proximity, but the proximity is lower if the source recounts what a participant told him was said. Was the source a direct observer of the event, or (if a human source) is he or she reporting hearsay? Technical sensors may directly view an event, or infer it. A geophysical infrasound sensor can record the pressure wave of an explosion, but may be unable to tell if an explosion was due to a natural event or an industrial accident. It may be able to tell that the explosion was not nuclear, since nuclear explosions are more concentrated in time.
If a human source who has provided reliable political information submits a report on the technical details of a missile system, the source's reliability in political matters only generally supports the likelihood that the source understands rocket engineering. If they describe rocket details making no more sense than a low-budget science-fiction movie, such a report should be discounted (a component of the source rating known as appropriateness).
Separate from the source evaluation is the evaluation of the report's substance. The first factor is plausibility, indicating that the information is certain, uncertain, or impossible. Deception always must be considered for otherwise-plausible information.
Based on the analyst's knowledge of the subject, is the information something that reasonably follows from other things known about the situation? This is expectability. If traffic analysis puts the headquarters of a tank unit at a given location, and IMINT reveals a tank unit at that location doing maintenance typical of preparation for an attack, and a separate COMINT report indicates that a senior armor officer is flying to that location, an attack can be expected. In this example, the COMINT report has the support of traffic analysis and IMINT.
When evaluating a report is difficult, its confirmation may be the responsibility of the analysts, the collectors or both. In the U.S. the NSA is seen as a collection organization, with its reports to be analyzed by the CIA and Defense Intelligence Agency.
One example came from World War II, when U.S. Navy cryptanalysts intercepted a message in the JN-25 Japanese naval cryptosystem clearly related to an impending invasion of "AF". Analysts in Honolulu and Washington differed, however, as to whether AF referred to a location in the Central Pacific or in the Aleutians. Midway Island was the likely Central Pacific target, but the U.S. commanders needed to know where to concentrate their forces. Jason Holmes at the Honolulu station knew that Midway had to make (or import) its fresh water and arranged for a message to be sent to the Midway garrison via a secure undersea cable, in a cryptosystem known to have been broken by the Japanese, that their desalination plant was broken. Soon afterwards, a message in JN-25 said that "AF" was short of fresh water (confirming the target was Midway). [9]
Counterintelligence (counter-intelligence) or counterespionage (counter-espionage) is any activity aimed at protecting an agency's intelligence program from an opposition's intelligence service. It includes gathering information and conducting activities to prevent espionage, sabotage, assassinations or other intelligence activities conducted by, for, or on behalf of foreign powers, organizations or persons.
Measurement and signature intelligence (MASINT) is a technical branch of intelligence gathering, which serves to detect, track, identify or describe the distinctive characteristics (signatures) of fixed or dynamic target sources. This often includes radar intelligence, acoustic intelligence, nuclear intelligence, and chemical and biological intelligence. MASINT is defined as scientific and technical intelligence derived from the analysis of data obtained from sensing instruments for the purpose of identifying any distinctive features associated with the source, emitter or sender, to facilitate the latter's measurement and identification.
An intelligence officer is a person employed by an organization to collect, compile or analyze information which is of use to that organization. The word of officer is a working title, not a rank, used in the same way a "police officer" can also be a sergeant, or in the military, in which non-commissioned personnel may serve as intelligence officers.
The intelligence cycle is an idealized model of how intelligence is processed in civilian and military intelligence agencies, and law enforcement organizations. It is a closed path consisting of repeating nodes, which will result in finished intelligence. The stages of the intelligence cycle include the issuance of requirements by decision makers, collection, processing, analysis, and publication of intelligence. The circuit is completed when decision makers provide feedback and revised requirements. The intelligence cycle is also called intelligence process by the U.S. Department of Defense (DoD) and the uniformed services.
In the United States, geospatial intelligence (GEOINT) is intelligence about the human activity on Earth derived from the exploitation and analysis of imagery, signals, or signatures with geospatial information. GEOINT describes, assesses, and visually depicts physical features and geographically referenced activities on the Earth. GEOINT, as defined in US Code, consists of imagery, imagery intelligence (IMINT) and geospatial information.
The Directorate of Operations (DO), less formally called the Clandestine Service, is a component of the US Central Intelligence Agency. It was known as the Directorate of Plans from 1951 to 1973; as the Directorate of Operations from 1973 to 2005; and as the National Clandestine Service (NCS) from 2005 to 2015.
Intelligence analysis is the application of individual and collective cognitive methods to weigh data and test hypotheses within a secret socio-cultural context. The descriptions are drawn from what may only be available in the form of deliberately deceptive information; the analyst must correlate the similarities among deceptions and extract a common truth. Although its practice is found in its purest form inside national intelligence agencies, its methods are also applicable in fields such as business intelligence or competitive intelligence.
Materials MASINT is one of the six major disciplines generally accepted to make up the field of Measurement and Signature Intelligence (MASINT), with due regard that the MASINT subdisciplines may overlap, and MASINT, in turn, is complementary to more traditional intelligence collection and analysis disciplines such as SIGINT and IMINT. MASINT encompasses intelligence gathering activities that bring together disparate elements that do not fit within the definitions of Signals Intelligence (SIGINT), Imagery Intelligence (IMINT), or Human Intelligence (HUMINT).
Electro-optical MASINT is a subdiscipline of Measurement and Signature Intelligence, (MASINT) and refers to intelligence gathering activities which bring together disparate elements that do not fit within the definitions of Signals Intelligence (SIGINT), Imagery Intelligence (IMINT), or Human Intelligence (HUMINT).
Intelligence cycle management refers to the overall activity of guiding the intelligence cycle, which is a set of processes used to provide decision-useful information (intelligence) to leaders. The cycle consists of several processes, including planning and direction, collection, processing and exploitation, analysis and production, and dissemination and integration. The related field of counterintelligence is tasked with impeding the intelligence efforts of others. Intelligence organizations are not infallible but, when properly managed and tasked, can be among the most valuable tools of management and government.
Intelligence Analysis Management is the process of managing and organizing the analytical processing of raw intelligence information. The terms "analysis", "production", and "processing" denote the organization and evaluation of raw information used in a phase informally called "connecting the dots", thus creating an "intelligence mosaic". The information may result in multiple analytic products, each with different security classifications, time scales, and levels of detail. Intelligence analysis goes back to the beginning of history. Sherman Kent is often considered the father of modern intelligence analysis. His writings include a 1947 book, Strategic Intelligence for American World Policy.
Intelligence dissemination management is a maxim of intelligence arguing that intelligence agencies advise policymakers instead of shaping policy. Due to the necessity of quick decision-making in periods of crisis, intelligence analysts may suggest possible actions, including a prediction of the consequences of each decision. Intelligence consumers and providers still struggle with the balance of what drives information flow. Dissemination is the part of the intelligence cycle that delivers products to consumers, and intelligence dissemination management refers to the process that encompasses organizing the dissemination of the finished intelligence.
National intelligence programs, and, by extension, the overall defenses of nations, are vulnerable to attack. It is the role of intelligence cycle security to protect the process embodied in the intelligence cycle, and that which it defends. A number of disciplines go into protecting the intelligence cycle. One of the challenges is there are a wide range of potential threats, so threat assessment, if complete, is a complex task. Governments try to protect three things:
Failure in the intelligence cycle or intelligence failure, is the outcome of the inadequacies within the intelligence cycle. The intelligence cycle itself consists of six steps that are constantly in motion: requirements, collection, processing and exploitation, analysis and production, dissemination and consumption, and feedback.
The Schlesinger Report, originally titled A Review of the Intelligence Community, was the product of a survey authorized by U.S. President Richard Nixon late in 1970. The objective of the survey was to identify and alleviate factors of ineffectiveness within the United States Intelligence Community (IC) organization, planning, and preparedness for future growth. The report, prepared by James Schlesinger, Deputy Director of the Office of Management and Budget (OMB), was submitted to Nixon on 10 March 1971.
The target-centric approach to intelligence is a method of intelligence analysis that Robert M. Clark introduced in his book "Intelligence Analysis: A Target-Centric Approach" in 2003 to offer an alternative methodology to the traditional intelligence cycle. Its goal is to redefine the intelligence process in such a way that all of the parts of the intelligence cycle come together as a network. It is a collaborative process where collectors, analysts and customers are integral, and information does not always flow linearly.
The reconnaissance mission within the United States Marine Corps is divided into two distinct but complementary aspects; Marine Division Recon and Force Reconnaissance.
Document Exploitation (DOCEX) is the set of procedures used by the United States Armed Forces to discover, categorize, and use documents seized in combat operations. In the course of performing its missions in the War on Terrorism, members of the United States Armed Forces discover vast amounts of documents in many formats and languages. When documents are suspected of containing information of potential intelligence value, rapid and accurate interpretation of the information identifies targets, bolsters success in subsequent operations, and enhances tactical and strategic all-source intelligence efforts. The sheer volume of documents acquired in the course of military operations can overwhelm a unit's capability to extract meaningful information in a timely manner.
Geographic information systems (GIS) play a constantly evolving role in geospatial intelligence (GEOINT) and United States national security. These technologies allow a user to efficiently manage, analyze, and produce geospatial data, to combine GEOINT with other forms of intelligence collection, and to perform highly developed analysis and visual production of geospatial data. Therefore, GIS produces up-to-date and more reliable GEOINT to reduce uncertainty for a decisionmaker. Since GIS programs are Web-enabled, a user can constantly work with a decision maker to solve their GEOINT and national security related problems from anywhere in the world. There are many types of GIS software used in GEOINT and national security, such as Google Earth, ERDAS IMAGINE, GeoNetwork opensource, and Esri ArcGIS.
All-source intelligence is a term used to describe intelligence organizations, intelligence analysts, or intelligence products that are based on all available sources of intelligence collection information.