“Every great magic trick consists of three parts or acts. The first part is called “The Pledge.” The magician shows you something ordinary: a deck of cards, a bird or a man. He shows you this object. Perhaps he asks you to inspect it to see if it is indeed real, unaltered, normal. But of course… it probably isn’t.

The second act is called “The Turn.” The magician takes the ordinary something and makes it do something extraordinary. Now you’re looking for the secret… but you won’t find it, because of course you’re not really looking. You don’t really want to know. You want to be fooled. But you wouldn’t clap yet.

Because making something disappear isn’t enough; you have to bring it back. That’s why every magic trick has a third act, the hardest part, the part we call “The Prestige.” – Cutter

The Pledge

Intelligence covers a broad spectrum of academic disciplines and generally functions to reduce the fog of war within the Department of Defense (DoD). Within the U.S. intelligence community, among the 16 primary agencies, intelligence has a different scope and a different definition.

Thus, when discussing any kind of intelligence it’s important to put it into the context and scope of the relevant agency. Are you referring to the Central Intelligence Agency (CIA)? If so, are you referring to the Department of Operations (DO)? Or the Department of Intelligence (DI)? At the CIA, for example, the DO is a function of intelligence; however, in the DoD J3/G3/S3 or Operations is not a function of intelligence (J2/G2/S2). Operations would continue in the absence of intelligence (perhaps not as effectively) but they would continue.

Most of the time the interface for intelligence with operations in the DoD is the “Two Three” shop. The intelligence operations shop. Hypothetically, this is where Coriolanus meets Jack Murphy. The shop divides further, but that’s a topic for another day.

The Turn

The disciplines of intelligence are the following: Human intelligence (HUMINT) or what we classically think of as “spies.” Imagery Intelligence (IMINT), which is combined with geographic information systems (GIS). And signals Intelligence (SIGINT), the subcomponents of which are communications intelligence (COMINT) and electronic intelligence (ELINT) — ELINT is often the most time-sensitive of all the disciplines, followed closely by HUMINT.

The most recent entry to our field is a direct result of 9/11, and one I very much appreciate. It is open-source intelligence (OSINT). OSINT is basically everything not available using national or military collection efforts. Academia, hard copy archives, media, metadata, data repositories, and blogs are just some examples.

So what brings all these disciplines together? The fusion analyst.

To put it lightly, a good fusion analyst knows where the bodies are buried. He knows collectors by their collection code and often discusses their findings to gain insight into products. A good analyst knows operators and policymakers by name, meaning he needs to have a good doctrinal understanding of both policy and operations.

Much like the most important lines on an OPORD (Operations Order), you must understand the intent of the intelligence. Despite their nomenclature each of the above disciplines produces “data” and that data is a raw “scrape” or “collection effort.” It has not been vetted.

When a fusion analyst puts it together, it becomes “finished intelligence,” the end state of all the individual disciplines. As a fusion analyst, I write “evals” on Intelligence Information Reports (IIR) and SIGINT reports, to determine their utility and refine the collections process. The final product is a “fusion” of all inputs into a brief, web page, papers, or network chart or all the above.

In military intelligence, at the doctrinal joint level (much like Operations), enemy vulnerabilities are broken down using Clausewitz’s “center of gravity” (COG) concepts. This concept was further developed by Dr. Joe Strange, a former professor at the United States Marine Corps (USMC) war college. Last I heard, he was working at the Counter-IED Operations Integration Center (COIC). The concept is commonly referred to as Systems of Systems Analysis (SoSA).

To understand military intelligence you need to have an intimate understanding of the seven elements of national power: Diplomatic, Information, Military, Economic, Financial, Intelligence, and Law Enforcement. These are all the elements a government can use to exercise its power over both its citizens and other nations.

The doctrinal methodology (as written in Joint Publication 2-0) for looking at DIMEFIL is the Joint Intelligence Processing of the Operational Environment (or JIPOE). This is used at an operational level and is referred to as IPOE (or formerly intelligence processing of the battlespace (IPB)). It works hand in hand with the Joint Operational Planning and Execution System (JOPES).

The Fusion Analyst: An Intro to All Source Intelligence and Analysis

Read Next: The Fusion Analyst: An Intro to All Source Intelligence and Analysis

In this analyst’s opinion, to understand your job most effectively you must know how operations work intimately at the tactical, operational, and strategic levels. Only then will you be any good to a decision-maker. JIPOE categorizes all COG’s into Political, Military, Economic, Social, Infrastructural, and Informational COG’s or PMESII. Notice how these correspond to the elements of national power. This is the relationship between capabilities and vulnerabilities.

What’s important to realize is that COG’s are determined in the “Risks, Assumptions, and Constraints” portion of operational planning. If a decision-maker does not have enough information on a node or series of nodes in the COG, he designates this as a Commander’s Critical Information Requirement (CCIR). This is then used to build Priority Intelligence Requirements (PIRs): from a bottom-up approach mission, enemy, terrain and weather, troops and support available, time available, civil considerations (METT-TC) become IPOE and then this becomes JIPOE.

I am very familiar with tools like Palantir, DCGS-A, M3, etc. and I use all of them. However, that changes from top-down in the military hierarchy. I have all these tools here in CONUS (Continental United States) in a Sensitive Compartmented Information Facility (SCIF).

Once you leave the U.S. and work in TSCIF (T is for tactical) or TOC, you run into bandwidth requirements. Often times at the tactical level I have only had one or two tools available, and then you have to rely on the operator’s and analyst’s best weapon…your brain. You have to create time wheels and CARVER charts from the ground up. Not hard, but time-consuming and usually you are running against a clock that counts time in lives.

The Prestige

That’s doctrine. It’s important to understand doctrine… because you need to know it. Then you need to understand how to destroy it, how to make it yours and redevelop it. You need to approach a problem set deemed impossible and reduce it to ruins.

What you just learned was doctrinal intelligence.

My job and what I do currently is to solve “impossible” problems. Problems other analysts have given up on because there is too much data, too little time, or they’re just too hard. My data sets resemble an OLAP (Online Analytic Processing) cube.

An OLAP cube is a visual model of three dimensions of data. I am in essence called on to learn a subject as fast as possible, become close to an expert on it, and then analyze and synthesize a solution to a problem.

Bigger problem sets usually take 90 days to solve…smaller ones can even take four days. Recently an epidemiologist we worked with pointed out that what we did in four days would have taken him at least a year, if not two.

I’ve had to become an expert on everything from nuclear and biological weapons to illicit financial networks. What does sharia-compliant mean? I can tell you. What does Shor’s algorithm have to do with quantum entanglement? I can tell you.

I use tools that are generally acquired as part of a larger budget (one not available to the public). We use semantic mapping and entity extraction, combined with every piece of data we can get our hands on. Our facilities house entire copies of 10 years of military message traffic. We have complete copies of many SECRET and TOP SECRET intelligence databases joined with open source databases like LiveShips.

We stick it all in a virtual sandboxed environment and see what pops up. What data we can’t get upfront we use “cut-outs” to acquire. We code API’s and then we take existing programs like Palantir and force them to work with others like Starlight.

We use Hadoop as a distributing computing system and we use Field Programmable Gate Arrays (FPGA) to take it outside the wire. We use NoSql to avoid inter-relational databases and to just create a cloud. We munge data using Google Refine and then push it through programs like Future Point’s Starlight. When we are done…we take it to operators. Cyber operators…tactical operators…intelligence officers…and we say “Run with it.”

We’ve helped in personnel recovery (the recovery of Captain Scott Speicher for instance) and discovered efforts by the People’s Republic of China (PRC) to acquire tech via illicit means. This is the new intelligence analyst. This intelligence analyst is a data scientist. His is an empirical look at big data. He sifts through it and finds those same vulnerabilities as a traditional analysis of the enemy would, and then takes the fight to them.

Welcome to spook country.


This article originally published on SOFREP 08.20.2012