Daily Times

The aftermath of spectacular terror attacks follow a predictable pattern in Pakistan. Once the immediate shock wears off, there is an inevitable media scramble for information about the perpetrators, grief for the victims, and the hunt for security lapses. Security threat alerts are now commonly displayed on the media considering threat alerts issued by law enforcement agencies.

Unfortunately, it is often true that the intelligence community may have had some information about the attackers readily available. However, information about the perpetrators and their insidious plans are often hidden among varying reports, databases, and even open-source outlets, whether it’s news media reports or the social media. If placed together correctly, these bits and pieces of information can tell intelligence analysts much about the attackers, including who they are, how they choose their targets, and, in some cases, their motivations.

However, it is never easy. There may only be snippets fin coherent information, scraps of conversations, and cryptic references that have to be decoded, and that too within the short time frames between terrorist attacks. It is the enduring challenge of intelligence analysts to discover and analyse such information ahead of time, to predict and preempt such an attack. It is always easier to find this information afterward, but it is never easy beforehand.

One of the predictive analysis tools that intelligence analysts have available is threat profiling, which can help organise intelligence information related to different threat groups. This technique is simply a way to help collect relevant information about a group, prioritise analysis, and present the analysis within a common framework so the information can be widely shared and understood.

Threat profiling can often be confused with other forms of analysis. When discussing threat profiling, it is important to acknowledge that the word “profiling” often triggers concern about legality or political correctness. It can sometimes be inaccurately associated with the biased and bigoted thought process known as racial profiling. Threat profiling is not racial profiling — in fact its intent is to combat it.

Rather than making assumptions about a single person or group solely based on race, ethnicity, religion, or skin color, threat profiling looks at an entire set of social demographics and psychographics of a group. It also analyses this in the context of other factors like motivations, leadership, targets, etc. Instead of making generalisations, threat profiling is designed to help identify trends and exceptions equally.

Threat profiling can also be confused with behavioral profiling, a type of psychographic analysis of a single perpetrator used by law enforcement, and made popular and wrongly stereotyped by movies like ‘Silence of the Lambs’ and just about every current crime drama on television now. Where behavioral profiling is conducted on a single individual, threat profiling is designed to help analysts understand entire threat groups whether they are terror cells, gangs, organized crime syndicates, militias, or cyber organisations.

Virtually every piece of information about a group can be organised into a category or component. To create a threat profile, an analyst collects and organises all information related to a particular group into a defined set of components that can be more easily analysed. These could be motivations, goals, demographics, psychographics, leadership, targets, operational methods, sustainment, capabilities, and vulnerabilities.

Using threat profiling to analyse an extremist group is beneficial for several reasons. It helps to organise collection efforts on a certain group. Analysts can take all the information they have on that group, which may seem like disparate pieces of information, and categorise it into one or more components. Organising this information can help analysts prioritise where to start their analytical process.

Such a strategy is particularly beneficial when analysts only want to look towards a specific aspect of the group. Perhaps, most importantly, threat profiling will help establish a common framework of understanding about a group within an intelligence organisation. Often, conducting analysis about a particular threat group is a large-scale effort involving many analysts. Using a common framework as an accepted standard combats duplication of effort. It also helps to identify gaps in analysis among different people working on the effort.

Finally, using a standard threat profile framework will help in the presentation of analysis — whether it is through a briefing, discussion, presentation, or in a published product. This framework can be especially useful when communicating an assessment to those outside of the world of intelligence.

Intelligence analysis can be an extremely complex undertaking. It can be a daunting task to use the scant bits and pieces of information available to understand a threat group and then predict their future actions. Such efforts can lead to broad estimations, misconceptions, leap of logic and flat-out errors in analysis. However, threat profiling is designed to help make the analytical process more manageable, and make the now commonly displayed threat alerts as something beyond mere representations of snippets of information.

The writer is a retired Inspector General of Police (IGP) and former chairperson of the National Counter Terrorism Authority (NACTA)