"Intelligence analysts should be self-conscious about their
reasoning processes. They should think about how they make judgments and
reach conclusions, not just about the judgments and conclusions
themselves." --Richards J. Heuer, Jr.
What is truth and how can we know it? Alternative hypotheses need to be carefully considered--especially those that cannot be disproved on the basis of available information.
So what?
The mounting challenges and problem-sets before us, as "Operational Risk Management" (ORM) professionals is substantial. Still to this day the gaps in fundamental knowledge on topics such as "Digital Forensics" are increasing.
The mobile sensors that we carry around in our pockets and purses have become the problem. Now we have embarked on the mission to call upon the data from the Apple and Samsung devices for a search for the truth. Are we seeking intelligence or looking for evidence? There is an incredible difference.
And where does all of this data live? Have you backed up your iPhone to iCloud lately? Or perhaps you have an online account with your particular Internet Service Provider (ISP) where you archive your data for safekeeping. Or maybe you have backed up our data to the multi-terabyte portable drive sitting on your desk. The possibilities are endless.
In our search of the truth, how do you make judgements and reach conclusions...
What is truth and how can we know it? Alternative hypotheses need to be carefully considered--especially those that cannot be disproved on the basis of available information.
When
was the last time you worked on a challenge to disconfirm or disprove a
hypothesis? Our analysts do not have enough time out of their
building. They must start and end the process for "sense making" with
using all of their senses, in front of and immersed in the hypotheses
they are trying to disprove.
The
data-driven mosaics before the people who are looking
"Over-The-Horizon" (OTH) are vast. In many cases, they do not need more
aerial imagery, RF data, or more forensic information. They just need
more context and they must spend more quality time actually seeing,
smelling, tasting or feeling the environments that they are or will be
analyzing.
Who
makes the best analysts? Some would say those who have been there and
done that. Others would say, it is better to have people that are not
biased and have never done that, yet have the opportunity to experience
the environment being analyzed, long enough and close enough, to be able
to create valid competing hypotheses.
false positive nounThe test produced too many false positives to be reliable. This is our greatest vulnerability and our search for the truth, must do all that we can do, to eliminate the possibility of false positives.
Definition of false positive
: a result that shows something is present when it really is not
The mounting challenges and problem-sets before us, as "Operational Risk Management" (ORM) professionals is substantial. Still to this day the gaps in fundamental knowledge on topics such as "Digital Forensics" are increasing.
The mobile sensors that we carry around in our pockets and purses have become the problem. Now we have embarked on the mission to call upon the data from the Apple and Samsung devices for a search for the truth. Are we seeking intelligence or looking for evidence? There is an incredible difference.
And where does all of this data live? Have you backed up your iPhone to iCloud lately? Or perhaps you have an online account with your particular Internet Service Provider (ISP) where you archive your data for safekeeping. Or maybe you have backed up our data to the multi-terabyte portable drive sitting on your desk. The possibilities are endless.
In our search of the truth, how do you make judgements and reach conclusions...