An Assessment of Information Warfare as a Cybersecurity Issue

Justin Sherman is a sophomore at Duke University double-majoring in Computer Science and Political Science, focused on cybersecurity, cyberwarfare, and cyber governance. Justin conducts technical security research through Duke’s Computer Science Department; he conducts technology policy research through Duke’s Sanford School of Public Policy; and he’s a Cyber Researcher at a Department of Defense-backed, industry-intelligence-academia group at North Carolina State University focused on cyber and national security – through which he works with the U.S. defense and intelligence communities on issues of cybersecurity, cyber policy, and national cyber strategy. Justin is also a regular contributor to numerous industry blogs and policy journals.

Anastasios Arampatzis is a retired Hellenic Air Force officer with over 20 years’ worth of experience in cybersecurity and IT project management. During his service in the Armed Forces, Anastasios was assigned to various key positions in national, NATO, and EU headquarters, and he’s been honored by numerous high-ranking officers for his expertise and professionalism, including a nomination as a certified NATO evaluator for information security. Anastasios currently works as an informatics instructor at AKMI Educational Institute, where his interests include exploring the human side of cybersecurity – psychology, public education, organizational training programs, and the effects of cultural, cognitive, and heuristic biases.

Paul Cobaugh is the Vice President of Narrative Strategies, a coalition of scholars and military professionals involved in the non-kinetic aspects of counter-terrorism, defeating violent extremism, irregular warfare, large-scale conflict mediation, and peace-building. Paul recently retired from a distinguished career in U.S. Special Operations Command, and his specialties include campaigns of influence and engagement with indigenous populations.

Divergent Options’ content does not contain information of an official nature nor does the content represent the official position of any government, any organization, or any group.


Title:  An Assessment of Information Warfare as a Cybersecurity Issue

Date Originally Written:  March 2, 2018.

Date Originally Published:  June 18, 2018.

Summary:  Information warfare is not new, but the evolution of cheap, accessible, and scalable cyber technologies enables it greatly.  The U.S. Department of Justice’s February 2018 indictment of the Internet Research Agency – one of the Russian groups behind disinformation in the 2016 American election – establishes that information warfare is not just a global problem from the national security and fact-checking perspectives; but a cybersecurity issue as well.

Text:  On February 16, 2018, U.S. Department of Justice Special Counsel Robert Mueller indicted 13 Russians for interfering in the 2016 United States presidential election [1]. Beyond the important legal and political ramifications of this event, this indictment should make one thing clear: information warfare is a cybersecurity issue.

It shouldn’t be surprising that Russia created fake social media profiles to spread disinformation on sites like Facebook.  This tactic had been demonstrated for some time, and the Russians have done this in numerous other countries as well[2].  Instead, what’s noteworthy about the investigation’s findings, is that Russian hackers also stole the identities of real American citizens to spread disinformation[3].  Whether the Russian hackers compromised accounts through technical hacking, social engineering, or other means, this technique proved remarkably effective; masquerading as American citizens lent significantly greater credibility to trolls (who purposely sow discord on the Internet) and bots (automated information-spreaders) that pushed Russian narratives.

Information warfare has traditionally been viewed as an issue of fact-checking or information filtering, which it certainly still is today.  Nonetheless, traditional information warfare was conducted before the advent of modern cyber technologies, which have greatly changed the ways in which information campaigns are executed.  Whereas historical campaigns took time to spread information and did so through in-person speeches or printed news articles, social media enables instantaneous, low-cost, and scalable access to the world’s populations, as does the simplicity of online blogging and information forgery (e.g., using software to manufacture false images).  Those looking to wage information warfare can do so with relative ease in today’s digital world.

The effectiveness of modern information warfare, then, is heavily dependent upon the security of these technologies and platforms – or, in many cases, the total lack thereof.  In this situation, the success of the Russian hackers was propelled by the average U.S. citizen’s ignorance of basic cyber “hygiene” rules, such as strong password creation.  If cybersecurity mechanisms hadn’t failed to keep these hackers out, Russian “agents of influence” would have gained access to far fewer legitimate social media profiles – making their overall campaign significantly less effective.

To be clear, this is not to blame the campaign’s effectiveness on specific end users; with over 100,000 Facebook accounts hacked every single day we can imagine it wouldn’t be difficult for any other country to use this same technique[4].  However, it’s important to understand the relevance of cybersecurity here. User access control, strong passwords, mandated multi-factor authentication, fraud detection, and identity theft prevention were just some of the cybersecurity best practices that failed to combat Russian disinformation just as much as fact-checking mechanisms or counter-narrative strategies.

These technical and behavioral failures didn’t just compromise the integrity of information, a pillar of cybersecurity; they also enabled the campaign to become incredibly more effective.  As the hackers planned to exploit the polarized election environment, access to American profiles made this far easier: by manipulating and distorting information to make it seem legitimate (i.e., opinions coming from actual Americans), these Russians undermined law enforcement operations, election processes, and more.  We are quick to ask: how much of this information was correct and how much of it wasn’t?  Who can tell whether the information originated from un-compromised, credible sources or from credible sources that have actually been hacked?

However, we should also consider another angle: what if the hackers hadn’t won access to those American profiles in the first place?  What if the hackers were forced to almost entirely use fraudulent accounts, which are prone to be detected by Facebook’s algorithms?  It is for these reasons that information warfare is so critical for cybersecurity, and why Russian information warfare campaigns of the past cannot be equally compared to the digital information wars of the modern era.

The global cybersecurity community can take an even greater, active role in addressing the account access component of disinformation.  Additionally, those working on information warfare and other narrative strategies could leverage cybersecurity for defensive operations.  Without a coordinated and integrated effort between these two sectors of the cyber and security communities, the inability to effectively combat disinformation will only continue as false information penetrates our social media feeds, news cycles, and overall public discourse.

More than ever, a demand signal is present to educate the world’s citizens on cyber risks and basic cyber “hygiene,” and to even mandate the use of multi-factor authentication, encrypted Internet connections, and other critical security features.  The security of social media and other mass-content-sharing platforms has become an information warfare issue, both within respective countries and across the planet as a whole.  When rhetoric and narrative can spread (or at least appear to spread) from within, the effectiveness of a campaign is amplified.  The cybersecurity angle of information warfare, in addition to the misinformation, disinformation, and rhetoric itself, will remain integral to effectively combating the propaganda and narrative campaigns of the modern age.


Endnotes:

[1] United States of America v. Internet Research Agency LLC, Case 1:18-cr-00032-DLF. Retrieved from https://www.justice.gov/file/1035477/download

[2] Wintour, P. (2017, September 5). West Failing to Tackle Russian Hacking and Fake News, Says Latvia. Retrieved from https://www.theguardian.com/world/2017/sep/05/west-failing-to-tackle-russian-hacking-and-fake-news-says-latvia

[3] Greenberg, A. (2018, February 16). Russian Trolls Stole Real US Identities to Hide in Plain Sight. Retrieved from https://www.wired.com/story/russian-trolls-identity-theft-mueller-indictment/

[4] Callahan, M. (2015, March 1). Big Brother 2.0: 160,000 Facebook Pages are Hacked a Day. Retrieved from https://nypost.com/2015/03/01/big-brother-2-0-160000-facebook-pages-are-hacked-a-day/

Anastasios Arampatzis Assessment Papers Cyberspace Information and Intelligence Information Systems Justin Sherman Paul Cobaugh Political Warfare Psychological Factors

Assessing Al Suri’s Individual Terrorism Jihadist Against Lone Wolves

Cory Newton served as a Machinegunner in the United States Marine Corps from 1996-2000 and earned a B.S. in Philosophy, Politics, and Economics form Eastern Oregon University in 2012.  Cory authored Constitutional Capitalism and Common Defense in 2014 and can be found on Twitter @corynewton78 or on the web at www.corynewton.com.  Divergent Options’ content does not contain information of an official nature nor does the content represent the official position of any government, any organization, or any group.


Title:  Assessing Al Suri’s Individual Terrorism Jihadist Against Lone Wolves

Date Originally Written:  December 11, 2017.

Date Originally Published:  February 19, 2018.

Summary:  Terrorism is a tactic and often results in dead or wounded civilians.  Both individual terrorism jihadists and lone wolves use this tactic.  Despite this tactic producing similar results by whomever uses it, there is a distinct difference between individual terrorism jihadists and lone wolves.  Until governments understand and accept this difference, data related to attacks that use terrorism tactics will be skewed.

Text:  The Global Islamic Resistance Call was published by Abu Mus’ab al-Suri in January 2005[1].  The military theory of the Resistance Call is based on applying two forms of jihad.  The first form is individual terrorism jihad and secret operational activity of small units totally separated from each other.  The second form is participation in jihad at the open fronts wherever the necessary preconditions exist.  The individual terrorism jihadist differs from an open front jihadist in that the individual jihadist is unable to make it to the open front.  The individual terrorism jihadist also differs from the small cell jihadist in that their actions are truly independent.  Individual terrorism jihad was specifically designed to maximize feelings of helplessness of the targeted population by unleashing the innovation, initiative, and creativity inherent in a decentralized structure.

Individual terrorism jihad enables anyone, anywhere, at any time to wage jihad using terrorism without formally being affiliated with a terrorist organization.  All the individual terrorism jihadist must do is be properly motivated to take action in the name of jihad, identify a weakness or vulnerability, and apply force to exploit it.  Although the attacker does not have any direct ties to a terrorist organization, the attacker has rationally chosen to wage jihad using terrorism in a manner which they expect the attack to produce more benefits than costs.

There is a clear distinction between participation in what Al-Suri identified as individual terrorism jihad and lone wolf violent extremists who use terrorist tactics in the name of their cause.

Suppose a person who is inspired by, but not directly affiliated with, any one of the 917 hate groups in the United States identified by the Southern Poverty Law Center (SPLC)[2] carries out a lone wolf terrorist attack.  Despite the violent extremists’ non affiliation with an SPLC-identified hate group, the attack will likely be investigated as an act of terror.

On the other hand, suppose a marginalized person is seduced by an outside of the mainstream Islamist organization.  The person lacks affiliation to a terrorist organization but possess “a resolute, personal decision to perform the individual duty of jihad[1]” which motivates them to conduct an active shooting, knife attack, or vehicular ramming assault in which they verbalize their intentions with an Allahu Akbar war cry.  Despite the attacker’s non affiliation with a terrorist organization, the attack will likely be investigated as an act of terror.

One difference between the two acts of terror described above is that the former is carried out by a lone wolf using terrorism to wage war on a local scale, while the latter is performed by an individual terrorism jihadist locally waging war on a global scale.  The lone wolf who carries out a terrorist attack does not belong to a decentralized military theory of global Islamist resistance, as the individual terrorism jihadist does.  Individual terrorism jihad is similar to an independent franchise.  A lone wolf attack is independent, but usually does not occur within the context of a global resistance movement.

The individual terrorism jihadist and the lone wolf are two different threats.  As terroristic violence that specifically originates from the concept of individual terrorism jihad differs from terroristic violence that originates from the lone wolf, consideration should be given to classifying each differently in order to measure the frequency and severity of individual terrorism jihadist attacks.  If the frequency and severity of terrorist attacks by lone wolves is measured separately, terrorism data will be more accurate.  Both types of terrorist attacks will often have identical consequences.  The carnage wrought by an individual terrorism jihadist may very well be indistinguishable from the carnage wrought by a lone wolf white nationalist or lone wolf ecological extremist.  One is the result of global jihad attacking locally.  The other is a localized attack seeking national media attention.

As individual terrorism jihad and lone wolf attacks continue to increase, it is important properly identify and properly categorize each.  Theodore Kaczynski is the best example of a lone wolf who waged war using terrorism.  The threat posed by a person in that category is significantly different from an individual jihadist locally attacking a variety of soft targets using rifles, blades, explosives, or vehicles in the context of a global resistance movement.

Both individual terrorism jihad attacks and lone wolf attacks will continue to increase and evolve.  In order to combat these attacks in the future it is best if government officials understand whether the terrorist actions are part of global resistance movement or based on a personal or localized motivation.  In the case of individual terrorism jihad, these attacks will continue until the cost far exceeds the benefits.  The U.S. is very effective at determining the amount of force necessary to destroy enemy personnel and equipment.  Unfortunately, the U.S. still has a long way to go in determining the fine line between the amount of force necessary to destroy the enemies’ will to fight, and the amount of force that will galvanize the enemies’ will to resist.


Endnotes:

[1] Lia, Brynjar (2008) Columbia University Press, Architect of Global Jihad, The Global Islamic Resistance Call (Key Excerpts), Military Theory of The Global Islamic Resistance Call, Page 371

[2] Southern Poverty Law Center Hate Map. (n.d.). Retrieved December 13, 2017, from https://www.splcenter.org/hate-map

Assessment Papers Cory Newton Information and Intelligence Violent Extremism

Evolution of U.S. Cyber Operations and Information Warfare

Brett Wessley is an officer in the U.S. Navy, currently assigned to U.S. Pacific Command.   The contents of this paper reflect his own personal views and are not necessarily endorsed by U.S. Pacific Command, Department of the Navy or Department of Defense.  Connect with him on Twitter @Brett_Wessley.  Divergent Options’ content does not contain information of an official nature nor does the content represent the official position of any government, any organization, or any group.  


National Security Situation:  Evolving role of cyber operations and information warfare in military operational planning.

Date Originally Written:  April 19, 2017.

Date Originally Published:  May 25, 2017.

Author and / or Article Point of View:  This article is intended to present options to senior level Department of Defense planners involved with Unified Command Plan 2017.

Background:  Information Warfare (IW) has increasingly gained prominence throughout defense circles, with both allied and adversarial militaries reforming and reorganizing IW doctrine across their force structures.  Although not doctrinally defined by the U.S. Department of Defense (DoD), IW has been embraced with varying degrees by the individual branches of the U.S. armed forces[1].  For the purposes of this paper, the definition of IW is: the means of creating non-kinetic effects in the battlespace that disrupt, degrade, corrupt, or influence the ability of adversaries or potential adversaries to conduct military operations while protecting our own.

Significance:  IW has been embraced by U.S. near-peer adversaries as a means of asymmetrically attacking U.S. military superiority.  Russian Defense Minister Sergei Shoigu recently acknowledged the existence of “information warfare troops,” who conduct military exercises and real-world operations in Ukraine demonstrating the fusion of intelligence, offensive cyber operations, and information operations (IO)[2].   The People’s Republic of China has also reorganized its armed forces to operationalize IW, with the newly created People’s Liberation Army Strategic Support Force drawing from existing units to combine intelligence, cyber electronic warfare (EW), IO and space forces into a single command[3].

Modern militaries increasingly depend on sophisticated systems for command and control (C2), communications and intelligence.  Information-related vulnerabilities have the potential for creating non-kinetic operational effects, often as effective as kinetic fires options.  According to U.S. Army Major General Stephen Fogarty, “Russian activities in Ukraine…really are a case study for the potential for CEMA, cyber-electromagnetic activities…It’s not just cyber, it’s not just electronic warfare, it’s not just intelligence, but it’s really effective integration of all these capabilities with kinetic measures to actually create the effect that their commanders [want] to achieve[4].”  Without matching the efforts of adversaries to operationalize IW, U.S. military operations risk vulnerability to enemy IW operations.

Option #1:  United States Cyber Command (USCYBERCOM) will oversee Military Department efforts to man, train, and equip IW and IW-related forces to be used to execute military operations under Combatant Command (CCMD) authority.  Additionally, USCYBERCOM will synchronize IW planning and coordinate IW operations across the CCMDs, as well as execute some IW operations under its own authority.

Risk:  USCYBERCOM, under United States Strategic Command (USSTRATCOM) as a sub-unified command, and being still relatively new, has limited experience coordinating intelligence, EW, space and IO capabilities within coherent IW operations.  USSTRATCOM is tasked with responsibility for DoD-wide space operations, and the Geographic Combatant Commands (GCCs) are tasked with intelligence, EW, and IO operational responsibility[5][6][7].”  Until USCYBERCOM gains experience supporting GCCs with full-spectrum IW operations, previously GCC-controlled IO and EW operations will operate at elevated risk relative to similar support provided by USSTRATCOM.

Gain:  USCYBERCOM overseeing Military Department efforts to man, train, and equip IW and IW-related forces will ensure that all elements of successful non-kinetic military effects are ready to be imposed on the battlefield.  Operational control of IW forces will remain with the GCC, but USCYBERCOM will organize, develop, and plan support during crisis and war.  Much like United States Special Operations Command’s (USSOCOM) creation as a unified command consolidated core special operations activities, and tasked USSOCOM to organize, train, and equip special operations forces, fully optimized USCYBERCOM would do the same for IW-related forces.

This option is a similar construct to the Theater Special Operations Commands (TSOCs) which ensure GCCs are fully supported during execution of operational plans.  Similar to TSOCs, Theater Cyber Commands could be established to integrate with GCCs and support both contingency planning and operations, replacing the current Joint Cyber Centers (JCCs) that coordinate current cyber forces controlled by USCYBERCOM and its service components[8].

Streamlined C2 and co-location of IW and IW-related forces would have a force multiplying effect when executing non-kinetic effects during peacetime, crisis and conflict.  Instead of cyber, intelligence, EW, IO, and space forces separately planning and coordinating their stove-piped capabilities, they would plan and operate as an integrated unit.

Option #2:  Task GCCs with operational responsibility over aligned cyber forces, and integrate them with current IW-related planning and operations.

Risk:  GCCs lack the institutional cyber-related knowledge and expertise that USCYBERCOM maintains, largely gained by Commander, USCYBERCOM traditionally being dual-hatted as Director of the National Security Agency (NSA).  While it is plausible that in the future USCYBERCOM could develop equivalent cyber-related tools and expertise of NSA, it is much less likely that GCC responsibility for cyber forces could sustain this relationship with NSA and other Non-Defense Federal Departments and Agencies (NDFDA) that conduct cyber operations.

Gain:  GCCs are responsible for theater operational and contingency planning, and would be best suited for tailoring IW-related effects to military plans.  During all phases of military operations, the GCC would C2 IW operations, leveraging the full spectrum of IW to both prepare the operational environment and execute operations in conflict.  While the GCCs would be supported by USSTRATCOM/USCYBERCOM, in addition to the NDFDAs, formally assigning Cyber Mission Teams (CMTs) as the Joint Force Cyber Component (JFCC) to the GCC would enable the Commander influence the to manning, training, and equipping of forces relevant to the threats posed by their unique theater.

GCCs are already responsible for theater intelligence collection and IO, and removing administrative barriers to integrating cyber-related effects would improve the IW capabilities in theater.  Although CMTs currently support GCCs and their theater campaign and operational plans, targeting effects are coordinated instead of tasked[9].  Integration of the CMTs as a fully operational JFCC would more efficiently synchronize non-kinetic effects throughout the targeting cycle.

Other Comments:  The current disjointed nature of DoD IW planning and operations prevents the full impact of non-kinetic effects to be realized.  While cyber, intelligence, EW, IO, and space operations are carried out by well-trained and equipped forces, these planning efforts remain stove-piped within their respective forces.  Until these operations are fully integrated, IW will remain a strength for adversaries who have organized their forces to exploit this military asymmetry.

Recommendation:  None.


Endnotes:

[1]  Richard Mosier, “NAVY INFORMATION WARFARE — WHAT IS IT?,” Center for International Maritime Security, September 13, 2016. http://cimsec.org/navy-information-warfare/27542

[2]  Vladimir Isachenkov, “Russia military acknowledges new branch: info warfare troops,” The Associated Press, February 22, 2017. http://bigstory.ap.org/article/8b7532462dd0495d9f756c9ae7d2ff3c/russian-military-continues-massive-upgrade

[3]  John Costello, “The Strategic Support Force: China’s Information Warfare Service,” The Jamestown Foundation, February 8, 2016. https://jamestown.org/program/the-strategic-support-force-chinas-information-warfare-service/#.V6AOI5MrKRv

[4]  Keir Giles, “The Next Phase of Russian Information Warfare,” The NATO STRATCOM Center of Excellence, accessed April 20, 2017. http://www.stratcomcoe.org/next-phase-russian-information-warfare-keir-giles

[5]  U.S. Joint Chiefs of Staff, “Joint Publication 2-0: Joint Intelligence”, October 22, 2013, Chapter III: Intelligence Organizations and Responsibilities, III-7-10.

[6]  U.S. Joint Chiefs of Staff, “Joint Publication 3-13: Information Operations”, November 20, 2014, Chapter III: Authorities, Responsibilities, and Legal Considerations, III-2; Chapter IV: Integrating Information-Related Capabilities into the Joint Operations Planning Process, IV-1-5.

[7]  U.S. Joint Chiefs of Staff, “Joint Publication 3-12 (R): Cyberspace Operations”, February 5, 2013, Chapter III: Authorities, Roles, and Responsibilities, III-4-7.

[8]  Ibid.

[9]  U.S. Cyber Command News Release, “All Cyber Mission Force Teams Achieve Initial Operating Capability,” U.S. Department of Defense, October 24, 2016.  https://www.defense.gov/News/Article/Article/984663/all-cyber-mission-force-teams-achieve-initial-operating-capability/

Brett Wessley Cyberspace Information and Intelligence Option Papers Planning Psychological Factors United States

Options for United States Intelligence Community Analytical Tools

Marvin Ebrahimi has served as an intelligence analyst.  Divergent Options’ content does not contain information of an official nature nor does the content represent the official position of any government, any organization, or any group.


National Security Situation:  Centralization of United States Intelligence Community (USIC) Analytical Tools.

Date Originally Written:  March 6, 2017.

Date Originally Published:  May 1, 2017.

Author and / or Article Point of View:  Author has served as an all-source analyst.  The author has personal experience with the countless tool suites, programs, and platforms used by intelligence analysts within the USIC to perform their analytical function, and the fact that there is no centralized collaborative environment from which such tools can be learned, evaluated, or selected for unit-specific mission sets tailored to the end-user.

Background:  Various USIC agencies and components have access to countless tool suites, some which are unique to that agency, and some available across the community.  These tools vary according to intelligence function, and are available across the multiple information systems used by intelligence components within the community[1].  While a baseline of tools are available to all, there is little centralization of these tools.  This lack of centralization requires analysts to learn and retain knowledge of how to manipulate the information systems and search engines at their disposal in order to find specific tools required for specific analytical functions.

Significance:  Digital collocation or compilation of analytical tool suites, programs, and platforms in a collaborative space would benefit all-source analysts who require access to a diverse set of tools required of their broadly focused function.  The knowledge and ability required to conduct tool-specific searches, i.e. manipulating a basic search engine in order to navigate to a landing page or agency-specific site where tool-specific information can hopefully be found, is time-consuming and detracts from analysts’ time available to conduct and employ analytical tradecraft.  This loss of time from an analyst’s daily schedule creates an opportunity cost that has yet to be realized.

Option #1:  Centralize analytical training, visibility, and accessibility to tool suites, programs, and platforms through creation of a USIC-wide collaborative analytical environment such as the Director of National Intelligence’s Intelligence Community IT Enterprise initiative[2].  Centralization of analytical training is used here to describe the necessity to train analysts on how to manipulate various databases, search engines, and environments effectively to find the specific tool suite or program required for their function.  Option #1 does not refer to centralizing all USIC member analytical training as outlined in the Intelligence Community Directive 203, “Analytical Standards.”

Risk:  Centralization of analytical training and accessibility leads to conflict primarily within respective USIC members’ unique identities and analytical functions.  The tools used by one agency may not work or be required by another.  Various agencies provide different functions, and centralizing access to tools requires further integration of all USIC agencies in the same or at least a compatible digital space.

Creation of a USIC-wide entity to collate, evaluate, and manage access to the multitude of tool suites, etc. creates yet another potentially bureaucratic element in an already robust community.  Such an entity would have to be controlled by the Office of the Director of National Intelligence unless delegated to a subordinate element.

Compartmentalization required to protect agencies’ sources and methods, analytical tradecraft included, may preclude community-wide collaborative efforts and information sharing necessary to create an effective space.

Gain:  Shared information is a shared reality.  Creation of a community-wide space to colocate analytical tool suites enables and facilitates collaboration, information exchange, and innovation across agencies.  These are positive factors in an information-driven age where rapid exchange of information is expected.

Effectiveness of end-user analysts increases with greater access to collective knowledge, skills, and abilities used by other professionals who perform similar specific analytical functions.

Community-wide efforts to improve efficiency in mission execution, development of analytical tradecraft, and the associated tools or programs can be captured and codified for mass implementation or dissemination thereby improving the overall capability of the USIC analytical workforce.

Option #2:  Improve analyst education and training that increases knowledge, skills, and abilities to better manipulate current and existing tool suites, programs, and platforms.

Risk:  USIC components continue to provide function-specific training to their own analysts while other agency partners do not benefit from agency-specific tools, due to inaccessibility or ignorance of tool), thereby decreasing the analytical effectiveness of the community as a whole.  Worded differently, community-wide access to the full range of analytical tools available does not reach all levels or entities.

Analysts rely on unstructured or personal means such as informal on-the-job training and personal networks in learning to manipulate current tools, while possibly remaining unaware or untrained on other analytical tools at their disposal elsewhere in the community.  Analysts rely on ingenuity and resolve to accomplish tasks but are not as efficient or effective.

Gain:  Analytical tradecraft unique to specific community members remains protected and inaccessible to analysts that do not possess required access, thereby preserving developed tradecraft.

Other Comments:  The author does not possess expert knowledge of collaborative spaces or the digital infrastructure required to create such an information environment; however, the author does have deployment experience as an end-user of several tool suites and programs utilized to perform specific analytical functions.  The majority of these were somewhat proliferated across a small portion of USIC components but were not widely accessible or available past basic search engine functions.

Recommendation:  None.


Endnotes:

[1] Treverton, G. F. (2016). New Tools for Collaboration. Retrieved March, 2016, from https://csis-prod.s3.amazonaws.com/s3fs-public/legacy_files/files/publication/160111_Treverton_NewTools_Web.pdf

[2] Office of the Director of National Intelligence IC IT Enterprise Fact Sheet. Retrieved March, 2017, from https://www.dni.gov/files/documents/IC%20ITE%20Fact%20Sheet.pdf

Information and Intelligence Information Systems Marvin Ebrahimi Option Papers United States