Friday, February 25, 2011

Intelligence blind spots, failures and excuses

Twelve days ago at this blog, I said the U.S. intelligence community’s failure to predict the pan-Arab democratic rebellion was evidence of our common, human reluctance to recognize tipping points.

The ongoing public discussion about these events invites us to consider also how blind spots and cognitive biases can lead to intelligence failures in any field, including law firm intelligence work.

Today’s New York Times offers a panel of six Sunday morning intelligence quarterbacks who trot out some reasons why the U.S. intelligence community failed to predict the pan-Arab democratic movement and its recent tipping point. Their reasons for this failure and their other comments about intelligence blind spots include some I find useful to ponder about my own work in law firm CI and a few I find merely comical:

1. The intelligence community has failed to appreciate the power of social networking.

2. The intelligence community roots out analysts with good instincts.

3. The intelligence community punishes and silences those who say the unpopular.

4. Specialists find it difficult to see broader trends.

5. Immediate challenges crowd out long-range thinking.

6. Intelligence based on inputs from those in the seat of power will fail to appreciate the power of those forces that oppose seated power.

7. Some changes, no matter how large, do not require a new or immediate response.

8. It is unwise to focus only on events in those spaces where we have invested the most; events in other spaces may affect us as much or more so.

9. A single, dramatic event can quickly convert widespread, dormant awareness into widespread, sympathetic action.

10. Foreseeing events is much easier than predicting when those events will happen.

11. Intelligence never has and cannot forecast revolutions.

12. The President did not tell the intelligence community to focus on the possibility of a pan-Arab rebellion.

Yes, intelligence work is difficult. But the New York Times panelists do little more than describe some of the many blind spots that all high-end intelligence units are expected to understand and navigate. In fact, blind spots are an old and dangerous enemy to intelligence workers.

Richards (Dick) Heuer, the legendary CIA analyst, described in the now out-of-print Psychology of Intelligence several dozen biases that afflict intelligence analysts. This book’s central tenet is that “people tend to see what they expect to see, and new information is typically assimilated to existing beliefs.” Ibid. p.153.

Although Heuer learned his craft within the CIA, the insights he shares in his 1999 classic are universally relevant to business intelligence workers, including those of us who work in and for law firms. We law firm intelligence workers don’t have to predict political revolutions. But we are expected to identify and forecast many forces and movements that will affect the prospects of individual clients, client industries, labor forces, technologies, and other factors that, in turn, will affect our firms’ own prospects.

Although our blinders and biases cannot excuse intelligence failures, when failures do occur we must try to appreciate how our blinders and biases kept us from doing a better job, to reduce their negative impact in future assignments.

We can also learn from others’ intelligence successes and failures. Stay tuned.

Sunday, February 20, 2011

This is not what I meant by law firm competitive intelligence


I have long considered, lectured and written about law firm competitive intelligence from the perspective of CI prepared and used in service to the firm’s goals as a business entity. However, CI can also be conducted by law firms and its vendors in service to its clients’ goals. Today’s post addresses that use of CI by law firms.

This post also addresses the counterintelligence challenges of a post-Wikileaks world, where law firms and their vendors can be targeted by disgruntled employees, hackers and social engineers. Today’s professional culture encourages us to communicate via email, texting and social media, which are so familiar we forget they are susceptible to revelation – on purpose and through carelessness, through both legal and illegal means. Even sophisticated people ignore these dangers, as today’s post illustrates.

The events described below read like they were lifted from Stieg Larson’s “The Girl with the Dragon Tattoo” novel series. However, they were all reported during the past two weeks by the Financial Times, The New York Times, The Washington Post, The Observer, American Lawyer Media, Wired, Salon and dozens of other publications, blogs, online chat rooms and message boards.

I apologize if I have failed to insert the word “allegedly” everywhere it should appear in the following severely summarized account. Therefore, I hereby stipulate it has been alleged that …

What has been reported?

Last fall Hunton & Williams invited three data security companies (HBGary Federal, Palantir Technologies and Berico Technologies) to work with the firm to prepare a joint new business pitch for the U.S. Chamber of Commerce, a firm client. This pitch related to some of the Chamber’s political initiatives and investigations and handling of its antagonists.

H&W also invited the same three security companies to help prepare a second new business pitch for Bank of America, also a firm client. This pitch related to a BoA internal investigation into documents that Wikileaks had obtained, possibly from one or more BoA insiders, and threatened to publish on the Internet.

As these events were unfolding, HBGary Federal’s CEO, Aaron Barr, wanted to strengthen his street cred to support the H&W and other business development efforts HBGary Federal was involved in.

Barr was already hanging out online with members of Anonymous, a highly secretive, loose collective of activists and hackers. He believed he could elevate his sleuthing reputation by analyzing information on internet chat logs, Facebook, Twitter and elsewhere to identify Anonymous’s secretive leaders and key players. Barr planned to describe his unmasking methodology in a presentation at a February 2011 security conference and was able to publicize this presentation in a news story published on February 4, 2011, in the Financial Times.

For a day or so after the February 4 Financial Times story came out, Barr and Anonymous traded online insults. Anonymous then retaliated by hitting HBGary Federal’s corporate network, eventually taking down the company’s site, extracting 70,000 emails and publishing them online. To insult Barr further, Anonymous said their takedown team included a 16-year-old girl who had social engineered an HBGary Federal company IT admin into revealing another HBGary Federal admin’s logins and passwords.

Among the thousands of HBGary Federal emails that Anonymous published were those emails HBGary Federal had exchanged with H&W lawyers while the law firm and three data security companies were preparing the Chamber of Commerce and BoA pitches. Anonymous also uploaded the PowerPoint presentations the three security companies had prepared in consultation with H&W for use prior to or during H&W’s pitches.

Those PowerPoint files described the services the three companies would perform, including investigations and possible actions to be taken against lobbying groups, union employees, journalists and others whose allegiances and interests were counter to those of H&W’s clients. Those actions included developing fake personas, preparing and leaking fake information to H&W clients’ adversaries to discredit them, and discouraging commentary by journalists who are “... established professionals that have a liberal bent, but ultimately most of them if pushed will choose professional preservation over cause, such is the mentality of most business professionals.”

Where do things stand now?

1. HBGary Federal’s web site is still down.

2. Palantir and Berico have apologized for their involvement in these events and severed all ties with HBGary Federal. Palantir also suspended the 26-year-old engineer who worked on the PowerPoint presentations.

3. The Chamber of Commerce denied hiring any of the three companies or H&W.

4. Bank of America said they have never seen the presentation described in the emails, have never evaluated it, and have no interest in it.

5. H&W has refused to comment.

6. Some of those named as the Chamber’s adversaries in the hacked emails and PowerPoint files have announced their intention to file ethics charges next week with the DC bar association against three of H&W’s lawyers.

Lessons learned?

Whether the activities allegedly contemplated in the HBGary Federal hacked emails and PowerPoint files were competitive intelligence or corporate espionage or worse, they violated the Society of Competitive Intelligence Professionals’ Code of Ethics. As I have said many times before, including here, law firm competitive intelligence workers should all read that brief code of ethics, take its seven elements to heart and agree to abide by it. I now recommend that lawyers do so, too.

These events also have sobering implications for law firms’ own network security challenges. If a data security firm can be hacked and all its emails and attachments posted online, how well would most law firm networks stand up to such an assault? And if the firm’s network were breached in this way, what would be the costs to the firm and its clients and prospects? This law firm counterintelligence challenge requires not only technological safeguards, but also full recognition that lawyers and law firm employees are just as susceptible as anyone else to social engineering.

I have no doubt that everyone associated with this dog’s breakfast wishes it had never happened. Some blame the mess on security carelessness. Others see the leaked emails and PowerPoint files as evidence of ethical lapses and possibly criminal intent.

Optimistically, I view these events as an opportunity to remind ourselves, once again, of the ethical limits of competitive intelligence activities. Above all professions and industries, lawyers and law firms cannot be ignorant of or ignore these ethical limits.

Monday, February 14, 2011

Our Reluctance to Recognize Tipping Points

“The past is the best predictor of the future” is one of humankind’s most reliable decision-making aids. It’s a highly useful heuristic, except when it collides with sudden changes in the status quo – what we popularly call tipping points and which can be biological, political, cultural, technological or emotional.

Today’s New York Times offers a compelling review of the two-year pan-Arab youth movement culminating in the 18-day revolution that unseated the 30-year reign of Egyptian President Hosni Mubarak. The revolution’s outcome was a tipping point that formal intelligence channels didn’t predict. “…[T]he American intelligence community and Israel’s intelligence services had estimated that the risk to President Mubarak was low – less than 20 percent ….” But according to the Times, President Obama interpreted the information differently and acted in accordance with his own analysis of events.

Nothing goes up forever, and nothing goes down forever. A straight, uninterrupted line in any direction will fail to predict the future. The simple fact that a condition continues and continues will eventually produce new events that lead to a new condition which produces new events that … you get it.

Which leaves intelligence workers with the usual questions: What are the cycles and patterns of change? When will the tipping points happen? How and where and when can we position ourselves to benefit most from events we can never completely control?

These are also some of the most compelling questions for decision makers.