10 Challenges Undermining Your Protective Intelligence Program


Protective intelligence means different things to every organization. A protective intelligence program somewhere out there only consists of a log book of suspicious events, and in other instances, it consists of a sophisticated digital platform that catalogues information, analyzes datasets for patterns, and spits out immediate reports.

Our goal in this article is to provide a broad examination of the challenges that face all protective intelligence programs.

Protective intelligence challenges can be divided into two categories, although they aren’t perfectly distinct and mutually exclusive. Category One includes all of the challenges that are inherent in the process of an organization carrying out the sequential steps of the intelligence cycle: Planning & Direction, Collection, Storage, Analysis, Production, Dissemination, and Feedback. Category Two includes all of the challenges that fall outside of the intelligence cycle, but influence inputs and outputs of the overall program.

Category One

#1 Planning & Direction

If protective intelligence is the process of identifying, assessing, and mitigating threats, then heavy consideration needs to be given to the planner’s Risk Vulnerability Threat Assessment (RVTA). A faulty or poorly conducted RVTA will provide a substandard foundation for the protective intelligence program to be built upon. The RVTA ought to highlight those threats that that are especially likely, potentially impactful, and facilitated by present vulnerabilities. Those threats can be used as a basis for focusing the finite resources of the protective intelligence program, for maximum efficiency.

Questions for Consideration

  1. Does the protective intelligence program have a clear focus, and do individual team members understand their role in supporting the overall protective intelligence mission?
  2. Is the program grounded by a sound Risk Vulnerability Threat Assessment?
  3. Are individual intelligence issues clearly defined (problem definition + scope) for analysts to succeed?
#2 Collection

Data collection is supported by security team members in the field, static security posts, counter-surveillance operations, open source/closed source intelligence investigations, and more. Once an organization’s most relevant threats are outlined, it is easy to identify what information needs to be collected in regard to these specific threats. For example, if you have assessed the threat of inappropriate pursuers contacting the CEO at his office, as being high, then you could identify specific information sets that would be highly relevant to you (such as the campus’ suspicious vehicle log, license plate information, incidents of trespassing, etc.).

Questions for Consideration

  1. What types of information are critical to anticipate and mitigate the specific threats that have been assessed as “high?”
  2. Is information collection guided by a systematic methodology?
  3. How, at what frequency, from who/where will is information collected?
  4. Have investigators received adequate training in assessing potentially violent individuals—simply stated, do they know what indicators are most relevant to search for?
#3 Storage

Data storage is a fundamental part of protective intelligence. Reassess and reevaluate are the name of the game when it comes to threat assessment investigations. Making accurate assessments over time, without the ability to retrieve data, would be nearly impossible.

Questions for Consideration

  1. How is information stored, categorized, and retrieved?
  2. Who is authorized access to the information, and does everyone that needs access, have access?
  3. Are there special considerations for the storage of information that will potentially be used in court?
  4. How is information protected?
  5. What are the weaknesses of that particular method of information storage?
#4 Analysis

“What does it mean?” That’s the question that intelligence analysts seek to answer, by breaking down complex problems into digestible components.

Questions for Consideration

  1. Which team members have appropriate training to support accurate judgements based on the current threat assessment (or other) literature?
  2. Is there an internal system/process within the organization for assessing recurring intelligence issues?
  3. At what temporal intervals are specific intelligence problems reassessed (Example: auditing records, reassessing persons of interest, reassessing travel risk, etc.)
  4. Is the work environment conducive to quality analytical judgements?
  5. Are current technologies being used to augment analysts’ collection & analysis?
#5 Production

The final form that protective intelligence takes is dependent on organizational standards and most importantly, the consumer’s preferences. The corporate officers are unlikely to read the 30 page report prepared by the analyst for the security manager, just as the security staff at the parking lot entrance don’t care much for 30 page reports.

Questions for Consideration

  1. Is there a standard format within the organization for intelligence reports (BOLO profiles, threat assessment investigations, background investigations, etc.?
  2. Are analysts following industry best practices in terms of substance, structure, and presentation of their written products?
#6 Dissemination

Once the final product has been reviewed and it meets the standard of the security manager, it is ready to be delivered all of the appropriate staff.

Questions for Consideration

  1. Who needs to be informed?
  2. What barriers exist to inter-organizational information sharing, and how can these be overcome when safety and security depend on it? (Example: corporate headquarters vs regional offices vs family office)
  3. (Post dissemination) what policies are in place in terms of information security and protective sensitive information?
#7 Feedback

Developing (and retaining) quality analysts depends more on this stage of the cycle than anywhere else. Adequate feedback on the analyst’s work ensures improved future reports in terms of value to the end user (security manager or corporate officers) and overall quality.

Questions for Consideration

  1. What assessments merit feedback from the consumer?
  2. How is success/failure and improvement evaluated by the consumer?
  3. Does the consumer clearly demonstrate how future intelligence products can be improved at the various stages of the process?

Category Two

#8 Organizational Challenges

Organizational challenges can take many forms. Most are familiar with fighting to secure the resources they need to adequately serve the organization: hiring qualified personnel ($), acquiring the necessary technology/tools/IT support, and keeping personnel trained with regular participation in professional development programs. A secondary challenge may be selling the benefits of a protective intelligence program to reluctant executives or to the company’s board of directors. Lastly, it could be that the security program’s toughest challenge is getting cooperation from inter-organizational groups (Example: is the security staff at the corporate office communicating relevant information to the protective intelligence staff?).

#9 Analysts

Of course, analysts are part of the intelligence cycle, but they have significant influence at each stage, and this merits extra deliberation.

Questions for Consideration

  • How are analysts trained and developed?
  • Are analysts attached or detached from the day to day security operations, and how does that influence the quality of the analysis?
  • What measures are in place to account and correct for cognitive biases of the analyst?
  • How do overseers and analysts avoid analyst-burnout?
#10 Case Management

Depending on organizational structure, the management of individual cases will vary by the people involved, time/energy committed, and urgency of the issue.

Questions for Consideration

  • What case load can a single analyst adequately support?
  • Do analysts receive assistance/support from other security staff?
  • What standards are used to evaluate the continued assessment or closure of a particular case?

That’s our initial examination of the broad set of challenges facing the security industry on the micro and macro levels. Readers can easily use this as a guide to challenge and improve current practices in their organizations.