The holiday season is a good time to catch up on a reading backlog, so on counterintelligence.pl let's take up a bookish, historical subject. It is no secret that CTI is a very young field. Even measured against the distance between information protection in general and information protection in the context of computer networks, threat intelligence is a younger discipline still. Cliff Stoll's book The Cuckoo's Egg, in which the author described his investigation of a break-in to the network of the university where he worked, and which we can regard as the first description of a threat intelligence analysis, came out in 1989, yet we had to wait about 15 years for the discipline to be formalized. The symbolic start of CTI as we know it today is sometimes taken to be 2004 and Mandiant's publication of a study describing the activity of the APT1 group. Given such a short history, it is hardly surprising that the discipline draws by the handful on the achievements of its "analog" ancestors and keeps rediscovering them. So in this post I would like to introduce two figures and the concepts they authored, which, despite coming from a completely different world, are firmly embedded in modern CTI practice. Our heroes will be Sherman Kent and Richards Heuer.
Let's start with the figure whose contributions to intelligence and intelligence analysis are so significant that he is often called "the father of intelligence analysis". This is Sherman Kent, who, after graduating from Yale, where he studied European history, was employed at the Office of Strategic Services (OSS), which we can regard as the predecessor of the CIA. During the war he served in this organization in the Research and Analysis Department as head of the division for Europe and Africa. There he worked on preparations for Operation Torch, the Allied invasion of North Africa. After the war he returned to academic work at the National War College and Yale, and in this period wrote one of his most celebrated works, Strategic Intelligence for American World Policy. The motivation for writing it was to give a solid methodological basis to analysts starting out in professional intelligence analysis. Of Kent's many activities, it is his work on analytic methodology, aimed at making intelligence products as valuable as possible to their consumers, that has influenced the development of CTI practice. Indeed, in Katie Nickels' post describing a sample study plan for those aspiring to the role of CTI analyst, Kent's analytic doctrine is the first item. So let's take a closer look at the principles that Sherman Kent meant by analytic doctrine:
- Focus on the concerns of decision-makers – because of the setting he worked in, Kent naturally focused on the government sector, and by decision-makers he meant political decision-makers, but the principle applies regardless of our working environment. Remember that intelligence is an advisory function, and analysts must avoid creating products and assessments for their own sake. Analysing how a report can be used by its recipients, and whether it will make their work easier, is just as important as analysing the collected data to prepare it.
- Avoid private views on the direction of politics – this principle was rather hard for me to translate into Polish, but I hope I have conveyed its essence. An analyst who influences which decisions get made may be tempted to conduct the analysis so that the final product supports a decision in line with his or her private views. This can of course completely derail the analysis process, not to mention that, going back to the first principle, by trying to impose our views we step outside our analytic role.
- Intellectual rigor – Kent attached great importance to the need for a critical and thorough assessment of the facts. This assessment must take into account the origin and context of the information and deal honestly with gaps in the picture.
- Conscious effort to avoid cognitive errors – the analyst's work is unfortunately strewn with traps that stem from subconscious habits of thought and the search for shortcuts, and it requires departing from what is for us the natural course of reasoning, for example by looking for evidence against the thesis that seems most plausible to us. Analysts must therefore pay as much attention to avoiding cognitive errors as to keeping their own political and ideological beliefs out of their products.
- Openness to other views and assessments – one of the most important signs that something is wrong with the analytic process is that all analysts agree on the assessment. Kent recommended not only discussing conclusions, but actively confronting views and combining opposing analyses. This "grinding" of analysts against one another should lead to a better evaluation of individual arguments, and thus to more accurate analyses.
- Regular use of external sources – analysts should use the widest possible range of external sources and analyses, especially those they disagree with. Kent was also a proponent of building business, technological and academic cooperation in order to work with analysts from other centres.
- Shared work on the assessment – once the team of analysts has settled on an assessment, it should represent the position of the whole team. When presenting their products to consumers, analysts should present a uniform position that is the outcome of the analytic process.
- Effective communication in support of decision-making – Kent was aware of the need to balance the limited time decision-makers have to read analytic products against the need to provide all relevant details. Analysts must therefore take care with their wording, avoiding phrases such as "possibly" or "maybe", which in fact convey nothing about the assessment of the situation.
- Honest admission of mistakes – the analyst's work is particularly exposed to the risk of errors in assessing and forecasting a situation, for example because of an incomplete picture or unreliable sources. It is therefore particularly important to use errors and mistakes as an opportunity to improve analytic tradecraft. But such an approach requires an environment in which analysts feel secure and are not afraid to admit mistakes.
So, as we can see, Kent's principles are universal and work equally well in classical intelligence and in its cyber dimension. However, while the principles of Kent's doctrine are general and abstract, CTI analysts have surely come across a more specific piece of Kent's work: the words of estimative probability. As a proponent of effective communication, Kent quickly noticed the problem created by using vague expressions to describe the probability of events, and that they could cause confusion among the audience. He therefore proposed assigning such expressions to specific chances of an event occurring, expressed as percentages. The terminology he proposed looked as follows:
- Certain – 100% chance
- Almost certain – 93% chance +/- 6%
- Possible – 75% chance +/- 12%
- Equal chances – 50% chance +/- 10%
- Probably not – 30% chance +/- 10%
- Almost surely not – 7% chance +/- 5%
- Certainly not – 0% chance
Thus, by using the same terms consistently when preparing a product such as a report, an analyst makes things easier for recipients, who do not have to guess what the author meant by a specific word or whether "almost certain" differs from "probable".
In the course of his career, Kent was deputy director and then director of the Office of National Estimates and the first chairman of the editorial board of the journal Studies in Intelligence. The unclassified articles from this publication are available on the CIA website. Kent died in 1986, and in 2000 the Sherman Kent School for Intelligence Analysis was established, where analysts hone their skills.
Another figure whose work should be well known to CTI analysts is Richards J. Heuer. Heuer began working for the CIA shortly after obtaining a bachelor's degree in philosophy and spent 24 years in the Directorate of Operations before moving to the Directorate of Intelligence. His interest in objective analysis and in how we arrive at particular conclusions stemmed, among other things, from analysing the case of Yuri Nosenko, a KGB officer who defected to the United States, but whose cooperation with the American services was marked by doubts about the sincerity of his intentions and about whether his defection was part of a KGB operation. He eventually presented his thoughts on the case in Studies in Intelligence, where he published an article on analysing situations in which we face deception and attempts to mislead the analysis. In terms of intelligence analysis methodology, Heuer is best known for his publications on structured analytic techniques and on avoiding cognitive errors. He devoted an entire book, Psychology of Intelligence Analysis, to the latter. The author observed not only how poorly our minds are suited to an objective and uncontaminated assessment of information, but also that knowledge of cognitive errors alone is not much help to analysts. What does help is using analytic tools and techniques to keep in check the subconscious beliefs that can influence the interpretation of data. The subject was also discussed in the publication Structured Analytical Techniques for Intelligence Analysis, which Heuer wrote with Randolph Pherson. The book contains more than 50 techniques applicable to the whole analytic process, from generating ideas, through testing hypotheses, to supporting decisions. Describing even some of them is a topic for a whole series of posts, but one of them has gained particular recognition among CTI analysts.
This is the Analysis of Competing Hypotheses (ACH), a method based on evaluating each piece of evidence independently against previously formulated hypotheses. The emblem of the technique, and the simplest way to explain how it works, is the table that forms the most important element of the process. In the table we record how each piece of evidence bears on specific hypotheses, which gives a cross-sectional view of how strongly each hypothesis is supported. Let's look at an example in which we analyse 4 hypotheses against 4 pieces of evidence:

So we put the evidence in the column on the left and the hypotheses in the top row, and in each cell we record whether the evidence supports (1), contradicts (-1) or is neutral towards (0) the hypothesis. By assessing the evidence independently for each hypothesis, we can avoid imposing our own preferences on it in order to support a particular hypothesis. The table also makes it easier to assess the value of the evidence. In the example above, we can easily see that evidence number 4 does not really matter for our analysis. It supports each of our hypotheses, so removing it will not affect the final assessment, which shows its low diagnostic value. Described more formally, the ACH process has 7 phases:
- Creating hypotheses – preferably by brainstorming with analysts who hold different views, we should list all possible hypotheses. This limits the chance of focusing on a "favorite" and contaminating the process with our own preferences at the very start.
- Evidence – next we list all the evidence supporting or contradicting the hypotheses.
- Diagnostics – in Heuer's view the most important step, in which the analyst evaluates how the evidence relates to the hypotheses, trying to rule out as many of them as possible. Instead of focusing on all the evidence relating to a given hypothesis, the author suggests the reverse approach: assessing how a particular piece of evidence relates to each hypothesis in turn.
- Incompatibility – after assessing the evidence, the analyst assesses how consistent each hypothesis is with the evidence and eliminates the most inconsistent ones.
- Sensitivity – the analyst assesses how the result of the analysis would change if key evidence proved false or incorrect.
- Conclusions – on the basis of the process, the analyst presents conclusions, describing why a specific hypothesis was adopted and why the others were rejected.
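The matrix mechanics described above, as an added example that is not part of the original post: a constructed 4x4 matrix scored with the post's 1 / -1 / 0 convention, run through the diagnosticity, incompatibility and sensitivity steps. The labels E1-E4 and H1-H4, all scores, and the rule of keeping the hypotheses with the fewest contradictions are assumptions of this example.

```python
# Constructed ACH matrix: rows are evidence, columns are hypotheses.
# Scores follow the post: 1 = supports, -1 = contradicts, 0 = neutral.
HYPOTHESES = ["H1", "H2", "H3", "H4"]
MATRIX = {
    "E1": [1, -1, 0, -1],
    "E2": [0, 1, -1, -1],
    "E3": [1, 0, -1, 0],
    "E4": [1, 1, 1, 1],  # supports every hypothesis, like evidence 4 in the post
}


def non_diagnostic(matrix):
    """Evidence scored identically for every hypothesis cannot separate them."""
    return [e for e, row in matrix.items() if len(set(row)) == 1]


def inconsistency(matrix, hypotheses):
    """Count contradicting evidence (-1) per hypothesis; support is ignored."""
    return {h: sum(1 for row in matrix.values() if row[i] == -1)
            for i, h in enumerate(hypotheses)}


def surviving(matrix, hypotheses):
    """Hypotheses with the fewest contradictions (ties are all kept)."""
    scores = inconsistency(matrix, hypotheses)
    best = min(scores.values())
    return sorted(h for h, s in scores.items() if s == best)


def sensitivity(matrix, hypotheses):
    """Drop each piece of evidence in turn; report the ones whose removal
    changes the set of surviving hypotheses, with the new set."""
    baseline = surviving(matrix, hypotheses)
    changed = {}
    for e in matrix:
        reduced = {k: v for k, v in matrix.items() if k != e}
        result = surviving(reduced, hypotheses)
        if result != baseline:
            changed[e] = result
    return changed


if __name__ == "__main__":
    print("non-diagnostic:", non_diagnostic(MATRIX))
    print("inconsistency: ", inconsistency(MATRIX, HYPOTHESES))
    print("surviving:     ", surviving(MATRIX, HYPOTHESES))
    print("sensitive to:  ", sensitivity(MATRIX, HYPOTHESES))
```

In this constructed matrix the rejection of H2 rests on E1 alone, so E1 is the evidence whose source and reliability deserve the closest scrutiny before the conclusion is written up.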
As we can see, Heuer's main premise was to separate the assessment of hypotheses from the assessment of evidence, which helps to limit what is probably the strongest and most tempting cognitive error: confirmation bias, where we assess evidence in the light of the answer we want to reach. In CTI, ACH is often used in the attribution process, which, because of its many facets and the need to work with assumptions and incomplete information, is particularly prone to cognitive errors.
Heuer left the Directorate of Intelligence in 1979, but worked on various projects as a consultant until 1995. In his work he made no secret of his fascination with cognitive psychology and argued that the field could be very useful in developing intelligence analysis techniques. He died in August 2018.
I often say that I'm very fortunate to be working in CTI. This is not only because I can turn my passions and interests into work, but also because watching a new field of security being created and developed is a unique opportunity. Let us not forget, however, the deep roots of intelligence outside the cyber sphere and how "we stand on the shoulders of giants" when assessing the origin or motivation of an attack. So let us not forget figures such as Kent or Heuer, whose work laid the foundations of a methodology used in times and circumstances that neither of them ever dreamed of when creating the first sketches of their concepts.