22 Jun 2023

Improving your Intelligence Analysis with Structured Analytic Techniques

Aaron Dixon

KEY POINTS: πŸ”—︎

  • Structured Analytic Techniques (SATs), such as the Key Assumptions Check (KAC) and Red Team Analysis (RTA), assist analysts in critically examining information and mitigating biases amid the growing challenges posed by threat actors.
  • The effectiveness of the KAC lies in its ability to yield immediate and valuable results. By allowing analysts to scrutinize assumptions, identify flaws, and promote transparency and logical reasoning, it enhances the analytic process.
  • RTA enables analysts to break free from established mental frameworks, but its execution requires careful planning, challenging institutionalized beliefs, and assessing plans from different perspectives.

Introduction πŸ”—︎

As threat actors continue to adapt and excel in complex environments, countering them has become increasingly challenging, often leaving those who seek to hunt them lagging behind. This puts pressure on analysts to work more effectively and efficiently to produce valuable intelligence results.

Generating intelligence in the face of this adaptability becomes an arduous task characterized by a rigorous selection, evaluation, interpretation, and expression process. On top of that, intelligence analysis is susceptible to human fallacies that can impair judgment and undermine conclusions.

To elevate the structure of the analytic process and keep pace with changing circumstances, analysts can employ Structured Analytic Techniques (SATs) which we will evaluate in this article.


What are Structured Analytic Techniques? πŸ”—︎

While the concept of using SATs to meet analytic needs is not a new one, it was not until the attacks of September 2001 that the cost of intelligence failures in the modern world was brought into the public sphere.

This revelation made it evident that intelligence analysis itself has significant limitations, which could have critical implications.

Ultimately, a set of Structured Analytic Techniques was established to help alleviate common analysis failures by:

  • Accelerating analysis with a formalized framework for information processing
  • Implementing quality gates and checks to ensure objectivity
  • Laying the foundation for critical analysis, leading to self-reflection and processual improvements

By utilizing SATs, we can enhance the way in which we analyze information, ensuring our conclusions are well-structured and based on logical reasoning. SATs also help to overcome cognitive biases, foster creativity in our thinking, and identify early warning signs of change, which are crucial in uncertain and high-stakes situations.

Role of Structured Analytic Techniques (SATs)

Numerous SATs have been identified over the past decades, but we will narrow our focus to two specific examples in this article: the Key Assumptions Checks (KAC) and Red Team Analysis (RTA).

What are Key Assumptions Checks? πŸ”—︎

The Key Assumptions Checks aim to enhance the transparency of analytic arguments and assumptions regarding intelligence gaps.

It is about dedicating time, either individually or as a group/team, to identify, elaborate upon, and review the key assumptions that have been made.

The KAC methodology follows a four-step process:

  1. Reviewing the current analytic line on the issue and documenting it for all to see
  2. Articulating all the premises, both stated and unstated, that are accepted as true for the validity of the analytic line
  3. Questioning each assumption by examining why it “must” be true and whether it remains valid under all conditions
  4. Refining the list of key assumptions to contain only those that are necessary to support the analytic line, and considering the conditions or information that could challenge these assumptions

In brief, KAC will enable us to critically examine and gain a deeper understanding of crucial aspects within an investigation. This includes analyzing individual data points and the connections between them.

Key Assumption Checks (KAC)

The KAC technique requires minimal setup, is straightforward to use, and can yield immediate and valuable results.

It is particularly valuable when applied at the outset of an analytic project, although it can also be implemented at various stages throughout the analysis process prior to reaching a conclusion.

Key Assumptions Checks in Practice πŸ”—︎

To demonstrate the practical application of this SAT, let’s examine the 2002 DC Sniper Case. During this period, a series of shootings took place, claiming the lives of 17 individuals and injuring 10 others over 10 months.

When law enforcement initially analyzed the incident, they made several critical assumptions:

  1. The sniper was male.
  2. The sniper was acting alone.
  3. The sniper was white.
  4. The sniper had military training.
  5. The sniper was driving a white van.

A critical analysis of these assumptions would reveal the following points of contention:

  • While most similar incidents in the US involve white, male, solo actors, excluding non-white and female suspects would greatly limit the suspect pool.
  • Military training, while plausible, is not a certainty as private citizens also have access to firing ranges.
  • Relying solely on one witness report of a white van speeding away prematurely narrows down the potential suspects.

Ultimately, the “DC sniper” case resulted in the detention of two men of Jamaican heritage who were charged with the crimes. One of them did have military training, but they used a blue Chevrolet for the attacks instead of the assumed white vehicle.

Out of the five initial assumptions, only two proved to be correct. If these assumptions had been properly scrutinized, the investigation could have proceeded in a more comprehensive manner, and although more suspects would have been considered, this β€˜wider net’ could have included the perpetrators thus bringing the case to a close much sooner.

The KAC technique could have been employed with minimal effort and yielded significant results. In similar cases, other SATs can also be applicable. For example, Red Team Analysis.

What is Red Team Analysis? πŸ”—︎

Red Team Analysis can be likened to a pattern of imaginative thinking, aimed at generating fresh insights, alternative perspectives, and different outcomes.

By adopting RTA, analysts can break free from their established mental environment and transition from being mere observers of an adversary to assuming the role of the adversary themselves. This involves considering the cultural norms, personal values, and rationality of the adversary they seek to emulate.

What Red Team Analysis entails

On the whole, RTA does not have clear and concise steps but rather seeks to establish an environment in which the technique can be leveraged. The ultimate goal is to assess the operation’s vulnerabilities and weaknesses from an opposing perspective, as well as helping to identify blind spots and potential flaws in a given plan.

An example of effective Red Teaming is Operation Desert Storm, where RTA was utilized to simulate and assess potential Iraqi strategies and tactics, which in turn led to improved operational planning and decision-making.

In its nature, the role of RTA is to:

  • Challenge institutionalized beliefs
  • Help avoid cognitive biases
  • Aid in plan assessment
  • Establish a common understanding
  • Formulate insights and intuition
  • Detect flaws in assumptions

Red Team Analysis in Practice πŸ”—︎

RTA is a complex and context-dependent technique to plan and execute. In the book Enhancing and Developing a Red Teaming Community in MORS, Kardos and Dexter identified seven different types of Red Teaming activities, including:

  • Field/Deployment Exercises
  • Wargaming
  • Cyber
  • Computational
  • Functional/CPX
  • Discussion/Tabletop Exercises
  • Critical Analysis

In terms of technical considerations, there are a few requirements to consider:

  1. The perspective and approach for each of these activity types need to be defined and planned to create the framework and boundaries for the exercise.
  2. Participant selection is critical to achieving ideological neutrality to maintain objectivity because a biased team may suppress dissent rather than engage in substantive debate.
  3. Given the nature of RTA and its requirement to understand the adversary’s mindset, intimate knowledge of adversarial tactics, technology, political climate, forces, systems, and values is necessary.

It is important to note that the expertise needed for RTA may surpass the capabilities of regular intelligence analysts and require experienced subject matter experts, such as university professors.

How Can SATs Help Shape Better Intelligence Analysis? πŸ”—︎

Both the Key Assumptions Check (KAC) and Red Team Analysis (RTA) provide valuable techniques for intelligence investigations, but their effectiveness relies on systematic, rigorous, and regular application.

Instead of simply mandating their teaching to analysts, it is advisable to invest time and resources in evaluating their usefulness to prevent SATs from complicating the analytic process rather than providing clarity.

In the longer term, prioritizing the understanding of SATs before implementation will support the professional growth of intelligence analysts and equip analysts with critically analyzed and effective techniques.

To read the complete essay about evaluating SATs, download Aaron’s original paper here:

Download the resource

DE +49
Albania +355
Algeria +213
Andorra +376
Angola +244
Anguilla +1264
Antigua And Barbuda +1268
Argentina +54
Armenia +374
Aruba +297
Australia +61
Austria +43
Azerbaijan +994
Bahamas +1242
Bahrain +973
Bangladesh +880
Barbados +1246
Belarus +375
Belgium +32
Belize +501
Benin +229
Bermuda +1441
Bhutan +975
Bolivia +591
Bosnia and Herzegovina +387
Botswana +267
Brazil +55
Brunei Darussalam +673
Bulgaria +359
Burkina Faso +226
Burundi +257
Cambodia +855
Cameroon +237
Canada +1
Cape Verde +238
Cayman Islands +1345
Central African Republic +236
Chile +56
China +86
Cote d'Ivoire +225
Colombia +57
Comoros +269
Congo +242
Cook Islands +682
Costa Rica +506
Croatia +385
Cuba +53
Cyprus +90392
Czech Republic +42
Denmark +45
Djibouti +253
Dominica +1809
Dominican Republic +1809
Ecuador +593
Egypt +20
El Salvador +503
Equatorial Guinea +240
Eritrea +291
Estonia +372
Ethiopia +251
Falkland Islands (Malvinas) +500
Faroe Islands +298
Fiji +679
Finland +358
France +33
French Guiana +594
French Polynesia +689
Gabon +241
Gambia +220
Georgia +7880
Germany +49
Ghana +233
Gibraltar +350
Greece +30
Greenland +299
Grenada +1473
Guadeloupe +590
Guam +671
Guatemala +502
Guinea +224
Guinea-Bissau +245
Guyana +592
Haiti +509
Honduras +504
Hong Kong +852
Hungary +36
Iceland +354
India +91
Indonesia +62
Iran, Islamic Republic of +98
Iraq +964
Ireland +353
Israel +972
Italy +39
Jamaica +1876
Japan +81
Jordan +962
Kazakhstan +7
Kenya +254
Kiribati +686
Korea, Democratic People's Republic of +850
Korea, Republic of +82
Kuwait +965
Kyrgyzstan +996
Lao People's Democratic Republic +856
Latvia +371
Lebanon +961
Lesotho +266
Liberia +231
Libyan Arab Jamahiriya +218
Liechtenstein +417
Lithuania +370
Luxembourg +352
Macao +853
Macedonia, the former Yugoslav Republic of +389
Madagascar +261
Malawi +265
Malaysia +60
Maldives +960
Mali +223
Malta +356
Marshall Islands +692
Martinique +596
Mauritania +222
Mauritius +230
Mayotte +269
Mexico +52
Micronesia, Federated States of +691
Moldova, Republic of +373
Monaco +377
Mongolia +976
Montserrat +1664
Morocco +212
Mozambique +258
Myanmar +95
Namibia +264
Nauru +674
Nepal +977
Netherlands +31
New Caledonia +687
New Zealand +64
Nicaragua +505
Niger +227
Nigeria +234
Niue +683
Norfolk Island +672
Northern Mariana Islands +670
Norway +47
Oman +968
Pakistan +92
Palau +680
Panama +507
Papua New Guinea +675
Paraguay +595
Peru +51
Philippines +63
Poland +48
Portugal +351
Puerto Rico +1787
Qatar +974
Reunion +262
Romania +40
Russian Federation +7
Rwanda +250
San Marino +378
Sao Tome and Principe +239
Saudi Arabia +966
Senegal +221
Serbia +381
Seychelles +248
Sierra Leone +232
Singapore +65
Slovakia +421
Slovenia +386
Solomon Islands +677
Somalia +252
South Africa +27
Spain +34
Sri Lanka +94
Saint Helena +290
Saint Kitts and Nevis +1869
Saint Lucia +1758
Sudan +249
Suriname +597
Swaziland +268
Sweden +46
Switzerland +41
Syrian Arab Republic +963
Taiwan +886
Tajikistan +7
Thailand +66
Togo +228
Tonga +676
Trinidad and Tobago +1868
Tunisia +216
Turkey +90
Turkmenistan +993
Turks and Caicos Islands +1649
Tuvalu +688
Uganda +256
United Kingdom +44
Ukraine +380
United Arab Emirates +971
Uruguay +598
United States +1
Uzbekistan +7
Vanuatu +678
Holy See (Vatican City State) +379
Venezuela +58
Viet Nam +84
Virgin Islands, British +84
Virgin Islands, U.S. +84
Wallis and Futuna +681
Yemen +967
Zambia +260
Zimbabwe +263

By clicking on "Access", you agree to the processing of the data you entered and you allow us to contact you for the purpose selected in the form. For further information, see our Data Privacy Policy.

If you found this article useful and would like to see more updates on intelligence gathering or other related topics, you can follow us on Twitter and LinkedIn, or subscribe to our newsletter.

Happy investigating!

About the Author πŸ”—︎

Aaron Dixon πŸ”—︎

Aaron Dixon is a former member of the New Zealand Military who has spent the last 6 years working as a consultant in the areas of IT Security and Compliance, Data Privacy, Digital Forensics and Cyber Threat Intelligence. He holds a bachelor’s degree with a double major in History and Defense Studies, as well as a Postgraduate Certificate in International Security. His primary areas of interest are terrorism and geopolitical conflict, as well as focusing on the foundational processes and principles of the Intelligence Cycle.

Sources πŸ”—︎

  • Greenberg, A. (1981). An Outline of Wargaming. Naval War College Review, 34(5), 93–97.
  • Coulthart, S. J. (2017). An Evidence-Based Evaluation of 12 Core Structured Analytic Techniques. International Journal of Intelligence and Counterintelligence, 30(2), 368–391.
  • Kardos, M., Dexter, P., & Bowden, F. D. J. (2016). Enhancing and Developing a Red Teaming Community in MORS. Phalanx, 49(4), 20–22.
  • Marrin, S. (2009). Training and Educating U.S. Intelligence Analysts. International Journal of Intelligence and Counterintelligence, 22(1), 131–146.
  • Moore, D. T. (2007). Critical Thinking and Intelligence Analysis. National Defense Intelligence College Occasional Paper 2007(1). Washington, D.C.: National Defense Intelligence College.
  • Moran, J. P. (2021). Red Team or Red Herring? Lessons Learned from the Policy Counter Terrorism Evaluation Group. The International Journal of Intelligence, Security, and Public Affairs, 23(3), 400–424.
  • Pherson, R. H., & Heuer, R. J. Jr. (2014). Structured Analytic Techniques: A New Approach to Analysis. In R. Z. George & J. B. Bruce (Eds.), Analyzing Intelligence: National Security Practitioners’ Perspectives (2nd ed., pp. 444–477). Washington, DC: Georgetown University Press.
  • Reinhold, D., Russo, C., & Eisenfeld, B. (2020). Analytical Standards in the Intelligence Community: Are Standards Professionalized Enough? Journal of Strategic Security, 14(1), 106–121.
  • United States Government. (2009). A Tradecraft Primer: Structured Intelligence Techniques for Improving Intelligence Analysis. Washington, DC.

By clicking on "Subscribe", you agree to the processing of the data you entered and you allow us to contact you for the purpose selected in the form. For further information, see our Data Privacy Policy.