Category Archives: Cyber Security

What portions of the IC budget are publicly disclosed? Why? Should more of the IC budget be publicly disclosed? Why? Why not?



The Intelligence Community (IC) budget is only disclosed publically in the aggregate. In other words, only the top line total amount is revealed. As the Office Of the Director of National intelligence Media Release of 2 February 2015 puts it,
Consistent with 50 U.S.C. 3306(a), the Director of National Intelligence is disclosing to the public the aggregate amount of appropriations requested for Fiscal Year 2016. The aggregate amount of appropriations requested for the FY 2016 National Intelligence Program (NIP) is $53.9 billion, which includes funding requested to support Overseas Contingency Operations (OCO).(“DNI Releases Requested Budget Figure for FY 2016 Appropirations for the National Intelligence Program,” 2015, p. 1)


The top line number is provided as a result of series of efforts that began with a Freedom of Information Act suit in 1997. The suit compelled DCI tenet to reveal the intelligence spending for fiscal year 1998. In July 2007 Congress passed a law which according to Lowenthal, “…Requires the DNI to disclose the aggregate amount appropriated in the NIP, beginning one month after the end of the previous fiscal year.” (Lowenthal, 2012, p. 235) The revelation is part of Congresses effort to improve its oversight of the intelligence committee that grew out of the examination of intelligence community performance as it related to 9/11 and the Iraqi Weapons of Mass Destruction (WMD) investigation.

Control of the budget is a central mechanism for Congressional oversight of IC activities. As Lowenthal explains, “Control over the budget for the entire federal government is the most fundamental lever of congressional oversight.” (Lowenthal, 2012, p. 224). However, as Saturno points out, “The Constitution grants the ‘power of the purse’ to Congress, but does not establish any specific procedure for the consideration for budgetary legislation.” (Saturno, 2004) As a result, the nature of the use of the budget as a tool for Congressional oversight of the IC has evolved over time. As discussed above, the pressure for the revelation of the IC budget did not seriously grow until 1997. Prior to that, Congress had performed its oversight without requiring explicit revelation of the exact size of the IC budget, even as it criticized intelligence agencies and actors for intelligence failures.

Although pressure from Congress, the media and the public for more detailed information on the specific line items of the IC community budget has increase in the 21st century, additional details about the IC community budget should not be revealed. Doing so provides adversaries with insight into IC priorities and thus enables them to further refine their asymmetric attacks. For example, knowledge that the US is making huge investments in a certain technology could inform adversary budgetary decision making. By knowing where the US is placing investments, they can adjust their own investments toward technologies that promise them an advantage against the US efforts, ultimately rendering the US expenditure worthless.

Although Congress must perform its oversight role, the revelation of the budgetary numbers to the public is not necessary. Even in the absence of public awareness of the particulars of the intelligence budget, Congressional representatives can play their proper oversight and guidance roles.





DNI Releases Requested Budget Figure for FY 2016 Appropirations for the National Intelligence Program. (2015). [Press release]. Retrieved from

Lowenthal, M. (2012). Intelligence: From Secrets to Policy (5th ed.). Washington, DC: CQ Press.

Saturno, J. (2004). The Congressional Budget Process: A Brief Overview. Retrieved from Washington, DC:


What role does the judiciary play in shaping U.S. intelligence in cyberspace? How have courts historically shaped intelligence collection and operations? How have recent rulings and decisions impacted intelligence activities in cyberspace?

The Judiciary plays a central role in the shaping the boundaries of acceptable U.S. cyber intelligence activities, helping to mediate the tension between the Executive branch actions as it performs its national defense responsibilities and the Congressional oversight of those activities. In addition, the Judiciary is at the forefront of ensuring civil liberties are protected.

The judiciary has historically shaped intelligence collections and operations through jurisprudence related to the Fourth Amendment. More recently, recognizing that definitive resolution of determining the explicit rules for cyber intelligence collection in each and every situation remained unachievable due to the continuous changes in technology, and the salutary tension between the various branches of government, Congress established the Foreign Intelligence Surveillance Court (FISC) through the Foreign Intelligence Surveillance Act (FISA). FISA provided a way for Congress to assert its prerogatives in the area while simultaneously recognizing the Executive’s powers as enumerated in Article II of the Constitution.

As Medine points out,

In essence, FISA represented an agreement between the executive and legislative branches to leave that debate aside and establish a special court to oversee foreign intelligence collection. While the statute has required periodic updates, national security officials have agreed that it created an appropriate balance among the interests at stake, and that judicial review provides an important mechanism regulating the use of very powerful and effective techniques vital to the protection of the country. (Medine, 2014, p. 174)


The development of the FISA activities after 9/11 supports the contention in the An Assessment of International Legal Issues in Information Operations that the judiciary plays a backward facing role in formulating legal treatment of newly emerging situations. “It seldom happens that a legislature foresees a problem before it arises and puts into place a legislative solution before it is needed. More typically, legislators react to a problem that has already manifested itself.”(An Assessment of International Legal Issues in Information Operations, 1999, p. 464) (464)

The tension between civil liberties, cyber intelligence and government activities in cyberspace as they relate to individuals illuminates this lagging. This lag requires continuous emphasis on the protection of civil liberties even as technology changes. the Executive Order 12333 governing United States Intelligence Activities puts the necessity to protect civil liberties at the forefront of the text. It says, “The United States Government has a solemn obligation, and shall continue in the conduct of intelligence activities under this order, to protect fully the legal rights of all United States persons, including freedoms, civil liberties, and privacy rights guaranteed by Federal law.” (Obama, p. 1)

Recent rulings and decisions continue to impact the day to day work associated with cyber intelligence. The legal doctrines concerning the Fourth Amendment considerations on unlawful search and seizure developed when the capability to search was limited by physical proximity. The necessity for physical access bounded the scope of the search problem space (this is legitimate to search, this search requires a warrant) in ways that were especially clear. Even with the development of telephone communications, the link between the physical entry and exit points of the communication were readily determined. The development of the cyber domain has changed these factors, and the law has not yet caught up. Therefore, the tension between civil liberties and the access required for cyber intelligence to achieve its mission of informing policy makers in order to provide decisional advantage will likely persist.







An Assessment of International Legal Issues in Information Operations. (1999). Washington, DC: DoD Office of General Council.

Medine, D. (2014). Report on the Telephone Records Program Conducted under Section 215of the USA PATRIOT Act and on the Operations of the Foreign Intelligence Surveillance Court Retrieved from Washington, DC:

Obama, Barak. Executive Order 12333 United States Intelligence Activities (As amended by Executive Orders 13284 (2003), 13355 (2004) and 13470 (2008)) (1981). Washington, DC: White House.

What framework does INSA propose for a competency-based knowledge framework for cyber intelligence? How does INSA suggest integrating both analytic and technical skills? What range of cyber professionals does INSA consider for its proposed framework?



Many organizations, both government and private sector, now require some sort of cyber intelligence capabilities. Although many organizations will be able to outsource their cyber intelligence activities, some organizations will have to develop their own organic cyber intelligence capabilities in order to accomplish their missions.

Capability development requires investment in the development of the full range of capability elements. These capability elements include doctrine, organization, training, materiel, personnel, facilities, and in the NATO application of the capability development paradigm, interoperability. The absence of any one of the capability elements can lead to execution failures. (Jasper, 2009)

The capability elements are therefore interdependent – doctrine without the other elements will remain a dead letter, just as personnel without the training and facilities in which to operate will be unable to, even with the best of intentions, perform adequately to accomplish their mission essential tasks.

Due in part to the newness of the cyber intelligence capability requirement, personnel development polices, education and training programs and carrer paths are not well articulated. As a step toward this articulation, and thus development of cyber intelligence as a profession, the Intelligence and National Security Alliance (INSA) Cyber Intelligence Task Force produced a cyber intelligence capability development concept. This concept explains their proposed framework for development of cyber intelligence professionals. Their proposed competency-based knowledge framework for cyber intelligence includes 5 competency sets: Technical Competencies, Analytic Competencies, Knowledge Management (Informatics) Competencies, Contextual domain Competencies and Communication and Organizational Competencies. (Borum & Sanders, 2015, p. 6) These competency sets are required for all cyber intelligence personnel, though the two broad categories of cyber intelligence professionals will focus on different parts of those competency sets.

The INSA emphasize that an effective cyber capability requires expertise in in both analytical and technical domains. The INSA explains,

Because cyber intelligence is as much or more of an analytic discipline than a purely technical one, professionals in the field must be capable of conducting research, developing and evaluating hypotheses, acquiring and managing new knowledge, generating and analyzing courses of inquiry (that is, collection) and action, formulating and solving complex problems, expressing clearly reasoned opinions, and communicating effectively in writing, oral presentation, and visual display – in addition to understanding computing and information security fundamentals and technical exploitation (though to a lesser extent than specialists). (Borum & Sanders, 2015, p. 6)

The INSA proposes integrating both analytical and technical skills by creating two professional development pathways. Within each pathway individuals can specialize in either technical or analytical areas. This allows for the specialization necessary in order to develop the five competences at the tactical, operational and strategic levels, but also provides for cross fertilization between the domains.



Figure 1 shows a visual representation of the framework and the workforce capability pathways the INSA proposes. Based on a common body of cyber intelligence knowledge, the framework upon which the competency sets rest emerges. Personnel advance through the framework through training and education activities and professional experience. The advance takes place along two main pathways, the analytical and technical, but both training and professional development opportunities are available (in the center of the framework) to allow for cross domain expertise development. Each pathway goes through the five competency areas in order to generate well rounded cyber intelligence personnel.

The INSA considers the full range of cyber professionals in its proposed framework, including the entry-level analyst, the cyber intelligence professional, and the senior executive. (Borum & Sanders, 2015, p. 9) Conceptualizing career paths for cyber intelligence professionals is essential. If career paths do not allow for advancement into positions of increasing complexity and responsibility they will not attract people to stay in the profession, thus leading to personnel gaps in the capability especially at the more senior levels.




Borum, R., & Sanders, R. (2015). Cyber Intelligence: Preparing Today’s Talent for Tommorow’s Threats. Washington, DC: Intelligence and National Security Alliance.

Jasper, Scott. (2009). The Capabilities Based Approach. In Scott Jasper (Ed.), Transforming Defense Capabilities: New Approaches for International Security (pp. 1-24). Boulder: Lynne Rienner.

What major intelligence themes occur throughout U.S. history?

Lowenthal lists 12 major themes in the development of U.S. Intelligence.(Lowenthal, 2012, pp. 11-19) This paper focuses on two of these themes, under which many of the others can be subsumed: the organization of intelligence capabilities referred to as “A wittingly redundant analytical structure” and the tension between secrecy and openness.

Lowenthal provides two explanations for the redundancy in the US government intelligence analytical organizations. He says,

Two major reasons explain this redundancy, and they are fundamental to how the Unite States conducts analysis. First, different consumers of intelligence – policy makers- have different intelligence needs… Second, the United States developed the concept of competitive analysis, an idea that is based on the belief that by having analysts in several agencies with different backgrounds and perspectives work on the same issue, parochial views more likely will be countered – if not weeded out – and proximate reality is more likely to be achieved. (Lowenthal, 2012, p. 14)

The multiplication of analysis capabilities imposes costs in personnel and resources, but the use of multiple perspectives from many different agencies has been considered worth the cost.

Warner and McDonald point out an additional theme, that while related to Lowenthal’s theme of “A wittingly redundant analytical structure” is not identical with it. They refer to this theme as a trend toward the concentration of power at the highest levels of either the Central intelligence Agency or the Department of Defense. This trend emerges in part from a desire to rationalize the intelligence structures running up against the organizational imperatives of the two largest intelligence consumer/producers, the CIA and the DOD, neither one of which is willing to make its own intelligence capabilities subservient to the other. They explain,

… in the substance of these reports, one large trend is evident over the years. Studies

whose recommendations have caused power in the Intelligence Community to gravitate

toward either the Director of Central Intelligence or the Office of the Secretary of Defense— or both—have generally had the most influence. This pattern of increasing concentration of intelligence power in the DCI and Secretary of Defense endured from the 1940s through the 1990s, whether Democrats or Republicans controlled the White House or Congress.(Warner & McDonald, 2005, p. V)


The redundancy of intelligence capability generate a theme of calls for rationalization in resource expenditures which collides with government organizational dynamics in which organization work to increase their own capabilities even at the expense of other government agencies. Allison and Zeikow refer to this behavior as the “Governmental Politics Model” as and it is a theme likely to persist. (Allison & Zelikow, 1999, pp. 255-294)

The second significant macro level theme examined here is the tension between “Secrecy and Openness”. Lowenthal explains, “The openness that is an inherent part of a representative democratic government clashes with the secrecy required by intelligence operations.”(Lowenthal, 2012, p. 18) This is not a new tension in US political thought. It was classically articulated in the first of Wilson’s Fourteen Points. “Open covenants of peace, openly arrived at, after which there shall be no private international understandings of any kind but diplomacy shall proceed always frankly and in the public view.”(Wilson, 1918)This distrust of secrecy remains a constant theme in American political thought. The problem with this Wilsonian idealist position is that it ignores the reality that other actors pose existential threats to free societies. It emerges from a refusal to recognize both the need for and the legitimacy of what the National Intelligence Strategy of the United States of America lists as a operational intelligence community task “Conduct sensitive intelligence operations to support effective national security action.”(Clapper, 2014, p. 8) Far from secret activity being Un-American, secret intelligence activity is necessary to preserve justice. As Strauss put it, “Justice has two different principles or sets of principles: the requirements of public safety, or what is necessary in extreme situations to preserve the mere existence or independence of society, on the one hand, and the rule of justice in the more precise sense, on the other.”(Strauss, 1953, p. 161) The theme of secrecy vs openness can therefore be understood as a result of the tension between conceptions of the two types of justice and their role in society. Those opposed to secrecy in intelligence activity emphasize the “precise sense of justice” and minimize the necessity for actions in order to preserve the continued existence of a society within which the more precise sense of individual justice (as opposed to collectivist views like Marxism or Wahhabism) is possible.






Allison, Graham T., & Zelikow, Philip D. (1999). Essence of Decision: Explaining The Cuban Missile Crisis (2 ed.). New York: Longman.

Clapper, James R. (2014). The National Intelligence Strategy of the United States of America. Washington, DC: Office of the Director of National Intelligence.

Lowenthal, M. (2012). Intelligence: From Secrets to Policy (5th ed.). Washington, DC: CQ Press.

Strauss, Leo. (1953). Natural Right and History. Chicago: University of Chicago Press.

Warner, Michael, & McDonald, J. Kenneth. (2005). US Intelligence Community Reform Studies since 1947. Washington, DC: Strategic Management Issues Office, Central Intelligence Agency.

Wilson, Woodrow. (1918). President Woodrow Wilson’s Fourteen Points. Washington, DC Retrieved from


What is Feedback? How important is it to the Intelligence Process?


Feedback is a difficult subject in regard to intelligence. Lowenthal (2012) lists feedback as the final step of the intelligence process. Feedback in this process model is focused on outcomes after an intelligence collection and analysis process is complete. While this is correct, it is incomplete. Gary Klein, in his Streetlights and Shadows makes a distinction between outcome and process feedback that clarifies the necessity for more complex feedback. He explains,

Feedback about consequences helps us judge if we are making progress. It can motivate us to do better. However, outcome feedback doesn’t help us figure out how to do better… Outcome feedback doesn’t help us diagnose what we need to improve. To improve, we need process feedback about the way we are acting.(Klein, 2009, p. 166)


In other words, feedback only after the task is complete (the intelligence has been received) that addresses the adequacy of the product or outcome is insufficient. Lowenthal alludes to this in his discussion of the role of feedback. He explains,

Although feedback does not occur nearly as often as the intelligence community might desire, a dialogue between intelligence consumers and producers should take place after the intelligence has been received. Policy makers should give the intelligence community some sense of how well their intelligence requirements are being met and discuss any adjustments that need to be made to any parts of the process. Ideally, this should happen while the issue or topic is still relevant, so that improvements and adjustments can be made. Failing that, even an ex post facto review can be tremendously helpful. (Lowenthal, 2012, p. 84)


He thus includes the need for both outcome and process feedback, but still limits the major feedback moment to the conclusion of a specific intelligence process with a clear deliverable.

However, feedback in complex, dynamic activities like intelligence is required not only at the end of a specific evolution, but throughout, and not simply between producers and consumers. In the case of the intelligence process, policy makers, collectors, and analysts all need to provide both process and outcome feedback to one another.

U.S. Military doctrine in part captures the distinction between process and outcome feedback in its assessment concepts. Assessment is a form of feedback, indicating to actors and planners whether or not their actions have achieved their desired effects and if they have acted as they intended, or if the friction associated with human endeavors has prevented their efforts from generating the desired results.

This distinction is articulated in joint and service doctrine in terms of measures of performance (MOP) and measures of effectiveness (MOE). “MOPs measure the organization’s actions against an assigned task, while MOEs assess the success of the task in creating an effect in order to achieve objectives.” (Naval Planning NWP 5-01, 2013, pp. G-6)

MOPs include how well the intelligence process is executed and if the process is answering the demand signal from policy makers. MOEs concern the degree to which the intelligence analyst and collectors are focused on the right subjects and the right questions concerning those subjects. In other words, is the intelligence process focused on creating an accurate picture of the subset of the world of interest to decision makers and is it actually providing those decision makers with decision advantage. In short, MOEs are concerned with the question “Did the intelligence effort contribute positively to the generation of desired outcomes?” Both MOP and MOEs are required.

The problem of inadequate feedback is a central one for intelligence actors, and is related to the dilemmas concerning the boundary between serving policy makers and making policy and the impartiality of intelligence professionals. As Lowenthal says, speaking of the absence of prioritization and requirements in the form of outcome feedback, and indication that “This is the intelligence product we require,” from policy makers,

The intelligence community thus faces two unpalatable choices. The first is to fill the requirements vacuum, running the risk of being wrong or accused of having overstepped into the realm of policy. The second is to overlook the absence of defined requirements and to continue collection and the phases that follow, based on the last-known priorities and the intelligence community’s own sense of priorities, fully realizing that it may be accused of making the wrong decision. (Lowenthal, 2012, p. 85)


Outcome and process feedback from policy makers are both absolutely necessary in order to improve intelligences processes and outcomes. Absent feedback from policy makers, the intelligence product consumers, feedback from senior intelligence community leadership can help intelligence actors to improve both the processes and products.





Klein, Gary. (2009). Streetlights and Shdows: searching for the keys to adaptive decision making. Cambridge: Massachusetts Institute of Technology.

Lowenthal, M. (2012). Intelligence: From Secrets to Policy (5th ed.). Washington, DC: CQ Press.

Naval Planning NWP 5-01. (2013). Norfolk, VA: Navy Warfare Development Command.


The U.S. International Strategy for Cyberspace

Review the U.S. International strategy for Cyberspace (IS4C) and discuss its strengths and shortcomings.

A strength is that the IS4C seems to continue to promote the idea of US leadership in preserving the openness of the Internet.[1]

There are however several shortcomings. First, the text launches immediately into a discussion of “Building Cyberspace Policy” without having articulated the actual International Strategy for Cyberspace. It seems to me that, based on the guidance provided concerning the difference between a strategy and policy, that the text is better described as a policy. It offers a set of basic principles based on the privileging of multilateral cooperation and establishes some general long term goals. However, it does not clearly articulate actionable guidelines and enforcement mechanisms.

Few problems are deliminated in accordance with the jurisdictional boundaries established by or within which organizations are structured to act. Problems, by their nature, often transgress boundaries and challenge institutions in the seams and gaps where the expertise of one organization ends and another begins. Rather than addressing the challenges cyber presents to the US government in this regard, the IS4C attempts to apply a nation state centered paradigm to the cyber domain. On page 11, the IS4C text articulates the paradigm within which it approaches cyberspace challenges: “In the latter half of the 20th century, the United States helped forge a new post-war architecture of international economic and security cooperation. In the 21st century, we will work to realize this vision of a peaceful and reliable cyberspace in that same spirit of cooperation and collective responsibly.”[2] The text thus seems to be basing its strategy on the model of activities that generated the Breton Woods agreements, the trade agreements that eventually led to the creation of the World Trade Organization, and security agreements grounding organizations like the North Atlantic Treaty Organization (NATO) – agreements between nation states to create intergovernmental organizations to deal with a common set of issues in a specific functional domain.

However, as the America’s Cyber Future Security and Prosperity in the Information Age volume I points out, “Cyber threats pose serious challenges to the United States. They blur traditional lines between peace and war, government and private sector, and strategy and tactics. As such they present daunting obstacles that are legal, institutional, technical and cultural in nature. Overcoming these obstacles will require new ways of thinking and new means of governance, involving new actors and a level of agility to which the U.S. government is unaccustomed.”[3]

Therefore, to my mind the biggest gap resulting in a shortcoming in the IS4C is that it is attempting to inappropriately apply a 1940s paradigm of international governance efforts, in which nation states cooperate in the application of their sovereign tools (based on clear distinctions between geographic areas in their sovereign control and those beyond them requiring international agreement on use of the commons) to a domain that is inherently global and in which local effects can be generated by globally distributed actors.

How does the U.S. International strategy for Cyberspace (IS4C) relate to the Cyberspace policy of your organization? 

The IS4C refers to the military, on pages 14 and 20-21. However, the DOD Strategy for Operating in Cyberspace July 2011 is not specifically referenced. In addition, the IS4C states “…we will exhaust all options before military force whenever we can; will carefully weigh the costs and risks of action against the costs of inaction; and will act in a way that reflects our values and strengthens our legitimacy, seeking broad international support whenever possible.”[4](14) This seems to indicate the bias will be toward deliberation and consultation as opposed to rapid action to deter or defeat threats emanating from the cyber domain. This stated bias toward consultation creates unhelpful expectation concerning US actions, unnecessarily circumscribing military action.

How does the IS4C interface with other national policies and strategies? Make sure to comment on the effectiveness (or lack thereof). 

The other national policies and strategies are not explicitly mentioned – the text does not articulate the relationships. I think a diagram or a list explaining how the various other national strategies and policies are nested under this strategy (or policy) would be very helpful.


How do gaps between the IS4C and identified policies affect implementation and coordination?

Major gaps include lack of real interagency articulation and involvement of the private sector. They are mentioned but actual guidelines are not provided. The failure to articulate these guidelines, and the relative prioritization of principles (such as multilateral cooperation vs protection of Internet openness) hinders implementation and coordination.

It also seems that either the thinking has changed, (and so the strategy should be updated to reflect that change) or the strategy is not informing administration policy development. Specifically, the text fails to provide an effective foundation for administration actions concerning two efforts. First, application by the Federal Communication Commission of legislation designed to deal with issues arising from early 1930s telephony practices to the internet. (Title II of the 1934 Communications Act).[5] This regulative initiative seems in conflict with the IS4C assertion that, “The virtues of an open, interoperable, secure, and reliable cyberspace should be more available than they are today, and as the world’s leading information economy, the United States is committed to ensuring others benefit from our technical resources and expertise.”[6](Obama, 2011) (14) The text does not adequately explain how a national regularly regime based on a previous technology offers a model for current cyber regulation, and would enable others to benefit from US “technical resources and expertise”.

Second, the effort to distance the US government from ICAAN seems to privilege international cooperation over openness and innovation on the Internet.[7] The text does not explain how to balance the trade offs between multilateral control of the Internet by nation states and the preservation of this openness. They seem to be mutually exclusive.

Graham Allison and Philip Zelikow’s Governmental Politics paradigm from their Essence of Decision: Explaining the Cuban Missile Crisis could perhaps be used to explain the disjunction between the text and current initiatives by uncovering the different elements in the administration that have different views on the International Strategy for Cyberspace.[8] Or perhaps the text should just be updated to reflect the current priorities.


Allison, G. T., Philip D. Zelikow. (1999). Essence of Decision: Explaining The Cuban Missile Crisis (2 ed.). New York: Longman.

Gordon Crovitz, L. (2014). Information age: Halfway to wrecking internet freedom. Wall Street Journal Retrieved from

Lord, K. M., & Sharp, T. (2011). America’s Cyber Future: security and Prosperity in the Information Age (Vol. 1): Center for a New American Security.

Obama, B. (2011). International Strategy for Cyberspace: Prosperity, Security, and Openness in a Networked World. White House.


[1] (Obama, 2011, p. 21)

[2] (Obama, 2011, p. 11)

[3] (Lord & Sharp, 2011, p. 11)

[4] (Obama, 2011, p. 14)

[5] See (Gordon Crovitz, 2014) for a more complete discussion of this issue.

[6] (Obama, 2011, p. 14)

[7] (Obama, 2011, p. 21)

[8] (Allison, 1999, pp. 255-324)

How does intelligence support joint planning?

The Joint Planning process is a structured decision making methodology. This methodology enables the commander to better understand the environment and synchronize actions to achieve the politically determined objective by coordinating the contributions of planners and staff subject matter experts. Intelligence directly supports execution of this process by providing the data, information and knowledge the staff and commander need to execute the process.
Intelligence, at the Joint level, serves not only to inform the current operation, but planning for future operations. Indeed, supporting the planning process (after policy objectives have been provided to the military planners by the civilian leadership) is a key intelligence task. As Lowenthal explains, “Intelligence refers to information that meets the stated or understood needs of policy makers and has been collected, processed, and narrowed to meet those needs.” (Lowenthal, 2012, p. 1) As the Joint Publication 2-0, Joint Intelligence (JP-02) puts it, “The primary role of joint intelligence is to provide information and assessments to facilitate mission accomplishment.” (Joint Publication 2-0, Joint Intelligence, 2013, p. ix) In other words, intelligence provides information that enables the commander to better achieve the objective. Intelligence professionals do this by supporting the commander’s decision cycle. As the NWP 5-01 explains, “The decision cycle is the doctrinal construct by which the commander makes decisions: by monitoring and assessing operational orders during execution and issuing guidance and directives when required. The intelligence process simultaneously supports all phases of the operations process and the commander’s decision cycle.” ((Naval Planning NWP 5-01, 2013, pp. B-3-9) The Joint Planning process is one form this decision cycle takes.
The functions intelligence fulfils in this process are derived from the reasons intelligence agencies in general exist. Lowenthal, in his Intelligence: From secrets to policy describes four reasons intelligence agencies exist: “To avoid strategic surprise; to provide long-term expertise; to support the policy process; and to maintain the secrecy of information, needs and methods.” (Lowenthal, 2012, p. 2) The first three of these, with slight modifications, also apply to the joint planning process at the strategic and operational levels.
The specific activity through which intelligence personnel support the joint planning process is the Joint Intelligence Preparation of the Operational Environment (JIPOE). As the Joint Publication 2-0 explains, “JIPOE is the continuous process through which J-2 manages the analysis and development of products that help the commander and staff understand the complex and interconnected Operational Environment – the composition of the conditions, circumstances, and influences that affect the employment of capabilities that bear on the decisions of the commander.” (Joint Publication 2-0, Joint Intelligence, 2013, p. x) The JIPOE provides regular data, information and knowledge to the planning team in order to inform their planning efforts. In other words, the JIPOE assists the planning team in improving the fit between their planned actions and the desired effects generated in the environment.
The overall flow of this process can be understood through John Boyd’s Observe, Orient, Decide and Act (OODA) loop as described in his presentation The Strategic Game of ? and ?. (Boyd, 1991, p. 21) (See Figure 1)
Intelligence contributes directly to both to the Observation and Feedback components of the decision-making process as described by the OODA loop. The intelligence staff contributes to the planning process by enriching the observations available to the staff, thus increasing the amount and quality of actionable information they have at their disposal to inform decisions, take actions and as indicated in the OODA loop sketch, provide the feedback necessary to assess the measures of effect and performance associated with the action. Intelligence is thus one of the primary carriers of the feedback loops between action and observation and the feed forward of orientation and decision. As Betts points out in his “Analysis, War, and Decision: Why Intelligence Failures are Inevitable,” “Analysis and decision are interactive rather than sequential process.” (Betts, 1978, pp. 66-67) Intelligence is essential in all phases of the joint planning process.


Betts, R. K. (1978). Analysis, War, and Decision: Why Intelligence Failures Are Inevitable. World Politcs, 31(1), 61-89.
Boyd, J. (Producer). (1991, 22 FEB 2011). The Strategic Game of ? and ? [Power Point Presentation PDF file] Retrieved from
Joint Publication 2-0, Joint Intelligence. (2013). Washington, DC.
Lowenthal, M. (2012). Intelligence: From Secrets to Policy (5th ed.). Washington, DC: CQ Press.
Naval Planning NWP 5-01. (2013). Norfolk, VA: Navy Warfare Development Command.

What tasks must commanders take into account to integrate cyberspace capabilities into Joint Operation Planning? What planning considerations must be taken into account?

Cyberspace is a new artificial, global domain in and through which militarily significant effects can be generated by a wide variety of actors (nation states, companies, super empowered individuals, criminal syndicates, terrorist organizations and any other organization with access to the basic technological infrastructure – at the bare minimum a cell phone and internet access. (See Simon for a discussion of the nature of the artificial. (Simon, 1996) The barriers to entry for creating significant cyber domain effects are much lower than those for generating operationally significant effects in the other global commons domains, the maritime, air, and space.

Cyberspace has therefore become an integral part of the operational environment. Commanders must integrate cyberspace capabilities into Joint Operations Planning.[1] The JP 3-12 defines cyberspace as follows:

Cyberspace consists of many different and often overlapping networks, as well as the nodes (any device or logical location with an Internet protocol address or other analogous identifier) on those networks, and the system data (such as routing tables) that support them.

Cyberspace can be described in terms of three layers: physical network, logical network, and cyber-persona. (Joint Chiefs of Staff, 2013, p. vi)


Commanders must be able to integrate cyberspace capabilities in order to both generate effects in and through each of these layers.

Cyberspace and Joint Operational Planning

Cyber operations must include the full range of planning considerations seen in other domain planning. (Joint Chiefs of Staff, 2013, pp. IV-I) However, as JP 3-12 points out, discerning the multiple second, third and so on order effects can be more difficult in cyberspace, due to its globally interconnected nature and the speed of effect transmission, than activity in the maritime, air, and space domains.


However, second and higher order effects in and through cyberspace can be more

difficult to predict, necessitating more branches and sequels in plans. Further, while many elements of cyberspace can be mapped geographically in the physical domains, a full understanding of an adversary’s posture and capabilities in cyberspace involves

understanding the underlying network infrastructure, a clear understanding of what friendly forces or capabilities might be targeted and how, and an understanding of applicable domestic, foreign, and international laws and policy.” (Joint Chiefs of Staff, 2013, pp. IV-I)


Figure 1

As shown in figure 1, planners must take the full range of cyber capabilities and actors into account as they plan to generate effects in and through the cyber domain. The JTF commander has to integrate (indicated by the purple ellipses) cyber capabilities at the national level (the centralized cyber operations) national level intelligence, the cyber capabilities of partners and coalition members, and take into account the potential influence of neutral countries. At the operational level the JTF Commander must also incorporate operational level intelligence. These considerations and capabilities must be integrated with an understanding of own force capabilities and vulnerabilities in the three layers of the cyber domain, the physical network layer, the logical network layer and cyber-persona layer.(Joint Chiefs of Staff, 2013, pp. v-vi) In addition, the legal and policy considerations must be taken into account before the operational functions, such as fires in the example in figure 1, are executed.

The integration of these considerations and capabilities is necessary in order for the Joint Planning Process to enable the commander to accomplish the following:

Effectively integrate cyberspace capabilities

Counter an adversary’s use of cyberspace

Secure mission critical networks

Operate in a degraded environment

Efficiently use limited cyberspace assets

Consolidate operational requirements for cyberspace capabilities(Skelton, 2015, p. 20)


Three specific planning considers are, according to JP 3-12, “Cyberspace-related intelligence requirements, targeting, and DODIN operations.” (Joint Chiefs of Staff, 2013, p. x) The operational planners must work with higher level Cyber Operations authorities in order to meet cyberspace related intelligence requirements, as well as coalition members and other government agencies with cyber intelligence capabilities (such as the NSA). The implications of cyber domain targeting must also be taken into account. This is extremely complex, as issues of dual use, proportionality and legitimacy are still not entirely settled. In addition, the joint planner must protect own DODIN operational capabilities.




Navy. (2013). Naval Planning NWP 5-01. Norfolk, VA: Navy Warfare Development Command.

Simon, Herbert A. (1996). The Sciences of the Artificial (Third ed.). Cambridge: MIT Press.

Skelton, James. (2015). Introduction to Cyberspace Operations. National Defense University.

Staff, Joint Cheifs of. (2011). Joint Publication (JP) 5-0 Joint Operation Planning. Washington DC.

Staff, Joint Chiefs of. (2013). Joint Publication 3-12(R): Cyberspace Operations. Washington, DC.


[1] See (Joint Cheifs of Staff, 2011) for a discussion of planning at the joint operational level. See (Navy, 2013) for discussion of operational planning from a single service perspective.