Can a security organization work well without the aid of external intelligence? The answer is a resounding yes. Often security agencies are dependent on government agencies for information. The TSA looks to the FBI’s Terrorist Screening Center to provide the No Fly, Terrorist Watch and Selectee lists, for example. Government-supplied intelligence might concern a possible attack, identify a particular person of interest or a terrorist means of attack. Intel broadcast may be general, or more specific. But whether it concerns the identity of a potential adversary, suspicion indicators or is related to their methods of operation, it is although welcome, by its nature – limited.
A security system which relies solely on this kind of intel is vulnerable. Likewise, a system which relies solely on intelligence it derives on its own can be very effective. The real intelligence exists on the inside and comes from our own internal understanding of the operational environment in which we work and what it takes on the part of an adversary to beat it.
Looked at another way, when someone else is providing you with the intel, it’s hard to know what information you do not have. The intel begets questions including: what’s the larger picture? what pieces if any are missing? what does the intel mean to us, in our particular security context?
How many CIA officers know the detailed, inner workings of a U.S. airport? It makes sense that the folks working within a system know it best. Just as you know best how to infiltrate your own house: where the goods are hidden, the best times of day to attack, which neighbors to avoid and which window has the broken lock.
Externally derived intelligence is supportive and provides an important peripheral ring to a security system. But when we rely too heavily on it and it fails, so too does security fail. The Christmas Bomber is but one example of this.
Creating and maintaining an independent system where we identify the methods of operation on our own results in actionable intel that takes the form of the identities of adversaries and suspicious individuals, of various MOs and suspicion indicators. The information we need to provide excellent security resides within the system itself.
