THE INTELLIGENCE CYCLE 

 

The intelligence cycle is driven by the organization’s needs as defined by its Critical Intelligence Requirements (CIR) and Priority Intelligence Requirements (PIR). Intelligence requirements have to be defined in a formal process that is the result of a rigorous and formalized risk assessment and needs analysis. The protection of own information and its appropriate classification, access rights and policies regarding appropriate use, is an integral part of information management within the enterprise. 

 

Detailed and specific actionable intelligence, designed and produced to support Company’s operations, is essential to maintain situational awareness and reduce ambiguity about the presence and nature of external threats, their capability, and intent, and enable fact-based rational decision-making. 

Production of intelligence to specified critical information requirements (CIR) and priority information requirements (PIR) in the form of custom-made reports, available when and where needed, is essential for an enterprise to remain agile, competitive and profitable, while intrinsically safe, secure, and resilient. 

In the current, increasingly complex and interconnected world, timely and accurate information on the operational environment, and the presence of threat actors and their capabilities and intent to act on organization’s vulnerabilities, is essential for the organization to maintain awareness of the world around and to be able to respond appropriately. 
The industry’s fast pace development in all geographical and functional areas of operations requires a systematic approach to intelligence planning, collection, collation, analysis, reporting, dissemination, and evaluation. 

The emphasis of the pharmaceutical industry on compliance obligations in terms of limiting information collection to pharmacovigilance purposes and other compliance functions only addresses one category of threat rather than the whole spectrum. Whilst the risk of compliance failure is indeed important, other threats need to be included in the intelligence cycle as well. 

Appropriate assessment of vulnerabilities and threats involves intimate knowledge of own operations, the operational environment, its geography, infrastructure, culture, language as well applicable legal standards and enforcement as practiced. Intelligence requirements have to be defined in a formal process that is the result of a rigorous and formalized risk assessment and needs analysis.

Planning and Direction: In the planning stage, critical and priority information requirements of the organization have to be established based on internal vulnerability assessment, locally present threats, and operational needs of the enterprise. A holistic approach to intelligence direction and planning ensures that evolving needs of the organization are periodically reviewed and the intelligence cycle is adjusted as appropriate to reflect the operational environment in a timely, accurate and cost-effective manner.

 

Collection represents the systematic screening of defined sources as specified in the intelligence plan. This includes legal and regulatory intelligence, information published by the government, law enforcement and public health agencies, commercially produced market watch and industry reports, specialized databases, registries and scientific libraries, relevant publication activity on the Internet, and social media.

 

Verification of the information and assessment of the credibility of source occurs at this stage. Processing and exploitation are the conversion of raw data into a usable and understandable form. This step requires highly trained specialized personnel and sophisticated equipment, especially if large datasets are involved.

 

Assessment of quality of the material included and documentation of information excluded from assessment essential for evaluation and quality management of the final product. Especially information from the Internet and social media can be voluminous while lacking the necessary attributes of a credible and verifiable content.

 

Analysis and production mean the integration, evaluation, analysis, and preparation of the processed information for inclusion into applicable finished products. Available information needs to be prioritized against known requirements and synthesized into a finished, actionable intelligence. The voluminous material of doubtful value and origin can be important for its potential impact on perception by customers and patients, and potential reputational risks. Scientific studies are a special category that is usually processed separately. However, rigorous assessment of the quality of evidence published studies provide is still not consistently practiced across the industry sector.

 

Dissemination of intelligence reports across the enterprise in a timely and controlled manner enables people in key functions to act on the information received. Access rights and sharing rules have to be practicable and realistic and have to be communicated in a clear and unambiguous manner. Consumers’ feedback and insight are essential to adjustment to the organization’s requirements.

 

Evaluation of feedback from consumers provides essential information for the improvement of every step in the intelligence cycle. Evaluation helps assess current and new information, recognize weak areas, and identify potential new threats. Feedback is incorporated into the next intelligence cycle.

 

Counterintelligence: Protection of own information is an integral part of information management within the enterprise. Attempts to exploit employees, contractors and associates for knowledge, insight, access, and contacts occur by a variety of means, from conferences and job interviews to email and online phishing campaigns. Threat actors range from organized crime to espionage.

 

The Human factor is the most vulnerable element and port of entry in most cyber attacks. Inappropriate disclosures can have serious consequences for the enterprise.

​

• Sensitive information, if disclosed would damage corporate operations and/or prestige at the local level.

• Protected information, if disclosed would cause serious damage to corporate operations across a country.

• Guarded information, if disclosed would cause exceptional damage to the design and intentions of the corporation through the potential loss of pending litigation, market share, technology, or competitive advantage.

 

Additionally, disclosure will diminish both the prestige and economic viability of the enterprise by providing cause for class action litigation or government action.