Myths vs. Realities: The Private Intel Cycle

This is the first in a series of posts in the Myths vs. Realities Series. In each post, my goal is to help you better understand the field of private intelligence generally and geopolitical risk consulting specifically. Note that I compare the U.S. Intelligence Community with private intelligence firms not because I think the IC and its methodology is to be considered the ideal, but rather because private intelligence firms are often to compared to, and compare themselves to, the IC. For those who haven’t visited this site before, you may want to start by reading the Glossary

For this first post, I’d like to address two things which are often compared: the Intelligence Community’s mission in terms of supporting executive decision-making, and private intelligence and risk assessment firms’ mission in terms of supporting their clients’ decision-making. The biggest misconception that I hear when discussing my work is that many people think private intelligence firms and geopolitical risk firms operate just like a mini intelligence agency. This is a myth. The myth's origins lie in the fact that many former government intelligence professionals transition to private intelligence and risk firms over the course of their careers, and many of these firms were founded by former government officials. As a result, it stands to reason that these individuals sought to reproduce the intelligence cycle at those private firms. (In a forthcoming post, I’ll discuss more about how this myth is often perpetuated by many firms’ marketing initiatives.) 

Let's take a moment to review the basic intelligence cycle: 

Requirements > Planning > Collection > Exploitation > Analysis > Production > Dissemination (Ideally, feedback flows backward through the cycle, helping collectors and analysts refine requirements, update planning priorities, etc.)  

To carry out its mission- providing for national security and supporting the creation of policy- the Intelligence Community has vast resources in terms of personnel, money and capabilities, and seeks to work at the highest speed, meeting as much of its mission as possible through the use of as many resources as necessary. There is a division of labor- collectors employ a variety of sources and methods to gather information, while analysts turn that information into intelligence.

The private intelligence firm's mission is to support executive and strategic decision-making, which helps clients determine best policies and achieve their goals. In this respect, the similarity holds, but that's also where it ends. The resources available to private firms are greatly limited; most of the information is open source, and the tactics are simple and legal. In private intelligence firms, profit, rather than national security are the driving force, and firms want to get the best value per mile, rather than the highest speed at any cost. Private firms have limited numbers of employees, and frequently must rely on local contractors employed for a few hours to collect local information. These contractors often lack the level of vetting and control of human sources in the IC. These firms must also contend with the limited financial resources that are available for use in responding to collection requirements. The analysts and collectors are often one and the same, despite the different skills necessary to succeed in each task. This also introduces substantial bias- analysts just search for enough information to answer a question, and then stop collecting, instead of being able to analyze a wider range of information, some of which could contradict their analysis. There’s a lot to say on this subject as well, and I’ll cover the issue of bias in another post. 

As a result, the private intelligence cycle looks like this: 

Client question > Outlining > Desk Research/Local Contractor Interview/Expert Interview > Basic Analysis > Template > Delivery to Client (Feedback, which should flow back at each step, is nearly nonexistent.) 

What most people expect, of course, is that Former Government Official X is the person writing products. This is almost never the case, since that person is usually in management, and rarely even reviews a product before dissemination. Products are written by junior analysts, many only a year or so out of school, and lacking any Intelligence Community experience, making it hard for them to be able to carry out all aspects of the intelligence cycle successfully. In many cases, one individual is responsible for every aspect, which of course is not the way it's done in the IC. There is little feedback flowing backwards through the cycle. The bottom line is that some parts of the cycle may be successfully reproduced, but the flaws of the cycle are also magnified.  

Let's break down the issues with each step of the cycle. The most important part is the collection requirement. To get a good answer, one must ask the right question. In the IC, there is a clear and longstanding interaction between the producer of the intelligence and the consumer, allowing for greater communication and clarification between the two entities. The government has a more holistic view of the strategic value of intelligence, and tends to operate on broad, long-term requirements. The government is interested in just about everything. For example, the US government is interested in Chinese intentions in the South China Sea. In contrast, private sector clients are usually interested only in, and only willing to pay for, the things that will affect their operations. Their interests are far narrower.  In many cases, the clients themselves are not educated enough to know what may or may not affect them, and there’s little effort to educate them. Again, this is a subject I will return to in the future, when I discuss my ideas for helping integrate geopolitical risk into private sector decision-making, so make it part of an organic process, rather than an add on or afterthought. 

In the private sector, an intelligence or risk assessment firm's goal is to alert clients about issues that may affect operations and help them understand the significance. However, the private firm's clients may not be well versed in the value of the intelligence or the risk assessments, and - for sales reasons- some firms like it that way. Others only want clients to know enough to be awed and willing to pay high monthly retainers. In both cases, clients often don't know the right questions to ask, and therefore, are limiting the value they get for their money. A basic question will have an easy, cheaply acquired answer, making a client wonder why they're paying high fees. The analyst tasked with answering it may amend a convoluted or poorly phrased question, so that it can be answered with information that's easily available. This yields a frustrating answer for clients and may cause them to think the intelligence or risk firm is incapable of meeting client needs. There is a lack of constructive dialogue, and little client education taking place, to help clients understand the value and capabilities of these firms. 

Collection within the IC, as I've mentioned above, is a dynamic and multi-pronged process carried out by collectors, who are distinct from analysts, who require a different skill set and temperament. Collectors in the IC actively search for information in a variety of ways, and many are in the field, establishing long-term relationships with sources. In private firms, there is a lack of unified methodology. The analysts rarely travel, and most of their local information is based on the 3 months they spent in a country while studying abroad. Clients might think a private firm is running sophisticated human source networks, but in fact, collection is also far more ad hoc, and dependent on the connections of the analyst who receives the task, since analysts do their own collecting. In most cases, the entirely of the information used for a product is the result of desk research, thereby weakening the amount of analytical value that can be added.  

When private firms do try to run their own source networks, it’s often done without the tradecraft and discipline used by the IC, and results in somewhat embarrassing revelations. Some readers may recall a certain email revealed by Wikileaks, in which an analyst was urged to use psychological and sexual exploitation to obtain so-called "intelligence" from a "target." Based on what we’ve learned, these firms are likely as effective at those tasks as they are at protecting their sensitive data.

Finally, there’s dissemination, or the delivery of the intelligence to the customer.  There isn’t a great deal of difference between the IC and private firms on this point, and that’s the problem. Despite the wide range of technologies available to private sector firms, there’s been little innovation in terms of the product that customers receive. There is an obsession in the private sector with the term “deliverable,” a word that really just means a 10-page PDF file, and is the end result of an analyst doing desk research, doing some weak analysis of it, and putting the resulting prose into a template. I’ve written previously about why I think this is ineffective. Instead, I think the private firms’ end product should be much more dynamic and useful, but you guessed it! I’ll expand on that idea in a future post, so make it a habit check back here every Tuesday. For now, I'll look forward to your questions and comments...