The elusive field of cyber intelligence: notes from the educational front

Stephen McCombie, James D. Ramsay, Allon J. Uhlmann

Research output: Contribution to journalArticlepeer-review


While the significance of the cyber domain is clear in intelligence both as an offensive tool and as a vulnerability to be managed, there remains a significant gap between the work of Cybersecurity professionals and Intelligence professionals. Cybersecurity has traditionally focused on operational, technical and defensive measures and used intelligence reactively to better understand the context of a specific effect. By contrast intelligence models tend to be forward leaning, actionable, and focus on an adversary rather than the specific effects an adversary uses at a given time eg (Clark, 2016). Today, Cybersecurity is a dynamic field that includes incident response, policy compliance and risk management - and is still developing its conceptual framework and methodological basis, while intelligence is a far more mature and developed discipline that is struggling to adapt to the risks and opportunities of cyber technology, such as the extremely fast pace of cyber-attacks and the increased complexities of attribution. The US intelligence failure in predicting or effectively responding to the Russian cyber interference in 2016 Presidential elections is an example of this challenge. Better integration of cyber security and intelligence capabilities is critical and inevitable, yet not easily achieved. Integration must proceed at various levels, from the organisational to cultural, conceptual and methodological. Here we focus on the last three. After describing the problematics of integration at state level, we outline the framework for the education of both cyber security and intelligence professionals, and suggest how cultural impediments to integration can be overcome, and how the methodologies and conceptual structures might be integrated and extended. The paper aims to be a roadmap not just for organisations involved in intelligence, but all types of entities which need to deal with the opportunities as well as challenges posed by offensive cyber technology/methods.
Original languageEnglish
Pages (from-to)22-42
Number of pages21
JournalJournal of the Australian Institute of Professional Intelligence Officers
Issue number2
Publication statusPublished - 2019


Dive into the research topics of 'The elusive field of cyber intelligence: notes from the educational front'. Together they form a unique fingerprint.

Cite this