Intelligence acquisition methods in cyber domain : examining the circumstantial applicability of cyber intelligence acquisition methods using a hierarchical model

Phenomena in cyber domain, especially threats to security and privacy, have proven an increasingly heated topic addressed by different writers and scholars at an increasing pace – both nationally and internationally. However little public research has been done on the subject of cyber intelligence. The main research question of the thesis was: To what extent is the applicability of cyber intelligence acquisition methods circumstantial? The study was conducted in sequential a manner, starting with defining the concept of intelligence in cyber domain and identifying its key attributes, followed by identifying the range of intelligence methods in cyber domain, criteria influencing their applicability, and types of operatives utilizing cyber intelligence. The methods and criteria were refined into a hierarchical model. The existing conceptions of cyber intelligence were mapped through an extensive literature study on a wide variety of sources. The established understanding was further developed through 15 semi-structured interviews with experts of different backgrounds, whose wide range of points of view proved to substantially enhance the perspective on the subject. Four of the interviewed experts participated in a relatively extensive survey based on the constructed hierarchical model on cyber intelligence that was formulated in to an AHP hierarchy and executed in the Expert Choice Comparion online application. It was concluded that Intelligence in cyber domain is an endorsing, cross-cutting intelligence discipline that adds value to all aspects of conventional intelligence and furthermore that it bears a substantial amount of characteristic traits – both advantageous and disadvantageous – and furthermore that the applicability of cyber intelligence methods is partly circumstantially limited.

New threats - old routines : bureaucratic adaptability in the security policy environment

Within the framework of state security policy, the focus of this dissertation are the relations between how new security threats are perceived and the policy planning and bureaucratic implementation that are designed to address them. In addition, this thesis explores and studies some of the inertias that might exist in the core of the state apparatus as it addresses new threats and how these could be better managed. The dissertation is built on five thematic and interrelated articles highlighting different aspects of when new significant national security threats are detected by different governments until the threats on the policy planning side translate into protective measures within the society. The timeline differs widely between different countries and some key aspects of this process are also studied. One focus concerns mechanisms for adaptability within the Intelligence Community, another on the policy planning process within the Cabinet Offices/National Security Councils and the third focus is on the planning process and how policy is implemented within the bureaucracy. The issue of policy transfer is also analysed, revealing that there is some imitation of innovation within governmental structures and policies, for example within the field of cyber defence. The main findings of the dissertation are that this context has built-in inertias and bureaucratic seams found in most government bureaucratic machineries. As much of the information and planning measures imply security classification of the transparency and internal debate on these issues, alternative assessments become limited. To remedy this situation, the thesis recommends ways to improve the decision-making system in order to streamline the processes involved in making these decisions. Another special focus of the thesis concerns the role of the public policy think tanks in the United States as an instrument of change in the country’s national security decision-making environment, which is viewed from the perspective as being a possible source of new ideas and innovation. The findings in this part are based on unique interviews data on how think tanks become successful and influence the policy debate in a country such as the United States. It appears clearly that in countries such as the United States think tanks smooth the decision making processes, and that this model with some adaptations also might be transferrable to other democratic countries.

Business intelligence – enabling self-service: A case study in a global manufacturing company

Business intelligence (BI) is an information process that includes the activities and applications used to transform business data into valuable business information. Today’s enterprises are collecting detailed data which has increased the available business data drastically. In order to meet changing customer needs and gain competitive advantage businesses try to leverage this information. However, IT departments are struggling to meet the increased amount of reporting needs. Therefore, recent shift in the BI market has been towards empowering business users with self-service BI capabilities. The purpose of this study was to understand how self-service BI could help businesses to meet increased reporting demands. The research problem was approached with an empirical single case study. Qualitative data was gathered with a semi-structured, theme-based interview. The study found out that case company’s BI system was mostly used for group performance reporting. Ad-hoc and business user-driven information needs were mostly fulfilled with self-made tools and manual work. It was felt that necessary business information was not easily available. The concept of self-service BI was perceived to be helpful to meet such reporting needs. However, it was found out that the available data is often too complex for an average user to fully understand. The respondents felt that in order to self-service BI to work, the data has to be simplified and described in a way that it can be understood by the average business user. The results of the study suggest that BI programs struggle in meeting all the information needs of today’s businesses. The concept of self-service BI tries to resolve this problem by allowing users easy self-service access to necessary business information. However, business data is often complex and hard to understand. Self-serviced BI has to overcome this challenge before it can reach its potential benefits.