Intelligence does not have an unambiguous definition. According to Sherman Kent (1949), intelligence consists of knowledge, the organization that produces knowledge, and the activities of this organization. In the Finnish Ministry of Defence report from 2015 ”Guidelines for Finnish Intelligence Legislation”, the task of intelligence was defined as information collection aimed for increased understanding of changes, threats, and opportunities. With intelligence analysis, intelligence organizations produce early-stage information that enables proactive measures and preparedness. The definition emphasizes two aspects: intelligence must predict future developments, and these predictions must be actionable enough for mitigating threats and utilizing opportunities.
The task of strategic intelligence is relatively clear, but we are on the threshold of a paradigm shift—or perhaps have already crossed it. The main reason for the change is the digitalization of societies, which has led to an exponential growth of information, faster information dissemination and routinely used artificial intelligence. As a result, national intelligence services do not have exclusive rights to strategic intelligence. Digitalization enables intelligence as a business, as well as the collection and analysis of information as a leisure activity. Although some key intelligence systems are still exclusively used by intelligence services, practically anyone can collect or purchase information from open sources and analyze it, with the help of artificial intelligence, if necessary. Even national intelligence services engage in such activities. As a result, digitalization has brought new, more visible actors to the field of intelligence. Intelligence services have been encouraged to open their activities. The availability of open-source information has supported this increased transparency.
Digitalization has created new intelligence actors, but the more significant change has taken place in the operational environment. Beyond the traditional domains of land, sea, air, and space, nowadays cyber, information and cognitive domains have emerged as new types of environments. These emerging domains enable the use of novel and adaptable tools for influencing societies. Therefore, current buzzwords include e.g. hybrid influence, information warfare, and cognitive security. The key development is that warfare, or just hostile influence are no longer dichotomy; between war and peace exist several different levels. After Russia’s annexation of Crimea in 2014, we have not been in a state of peace, but neither are we at war—at least not from the perspective of the traditional definition of war. However, our societies are constantly subjected to hostile actions, especially in these new domains.
The main task of intelligence is to anticipate future developments and support decision-making regarding appropriate own actions. In the traditional domains of land, sea and air, development of a threat usually requires time and different types of force preparations. Ideally, strategic intelligence can identify these preparations, have ample time to monitor the development and ultimately provide an early warning for decision-makers when the threat reaches a certain level. Assessing future developments and providing early warnings are no easy tasks, but capable intelligence has prerequisites for success. The time a threat takes to develop also provides an opportunity to manage or even prevent undesired development through one´s own actions. Intelligence has a substantial role in supporting proactive decision-making and operations.
However, in cyber and information domains, we have largely accepted a position where we do not anticipate but merely react to the threats. Clearly, these domains are significantly more challenging than the traditional ones. Situational awareness or predictive intelligence analysis cannot be executed solely by intelligence services. Private enterprises and the third sector have a key role. However, instead of trying to fix the problem, we have elevated resilience as an additional buzzword. When discussing hybrid threats, politicians regularly repeat the phrase ”we must be prepared for everything,” even though a simple thought experiment makes it clear that it is not possible to prepare for everything, even if we had unlimited resources. Resilience is an important part of any kind of defense, but it cannot be the first line of defense. It is the last lock when everything else has failed.
The problem is significant. Currently, we are unable to establish a comprehensive situational awareness in the cyber domain, even less so in the information or cognitive domains. Therefore, we do not have the strategic intelligence capability to predict hostile cyber, or information operations directed at us, nor the ability to support own proactive decision-making regarding countermeasures. This stems in part from the absence of mandated authorities and their capabilities, the heterogeneity of actors, and the tendency to interpret these emerging domains as separate entities, shaped by the currently popular buzzwords. The cyber and information domains should be considered as a whole, and preferably together with the traditional domains. An emerging threat in a domain may be detected for the first time in another domain. Russia’s large-scale attack on Ukraine in 2022 was observable in the information and cyber domains long before Russia began military deployment to the Ukrainian border.
Intelligence should be collected and analyzed from all domains. Ideally, situational awareness and predictive strategic intelligence analysis are carried out in cooperation with various actors. The key buzzword at the time of writing might be multidomain operations. Until another buzzword surpasses it – hopefully it is multidomain strategic intelligence.
Jyrki Isokangas
Colonel (ret.), M.Sc. (cybersecurity), University Teacher
University of Jyväskylä
Finland
jyrki.t.isokangas@jyu.fi
Photo Petteri Kivimäki
