JD

Critical Thinking Tools for Insider Threat Analysts

Critical Thinking Tools for Insider Threat Analysts

Problem Restatement

  • Purpose: A method for examining a problem from diverse perspectives.
  • Steps:
    1. Paraphrase: Rephrase the problem in your own words.
    2. 180 Degrees: Invert the problem, viewing it from the opposite angle.
    3. Broaden the Focus: Contextualize the problem within a larger framework.
    4. Redirect the Focus: Intentionally and consciously shift the central focus.
    5. Make a Decision or Document Results: Conclude the process by making a choice or recording the findings.

Pros-Cons-Fixes

  • Purpose: To counteract negative biases by initially focusing on the positive aspects of a situation or option.
  • Steps:
    1. List all Pros: Enumerate all the advantages.
    2. List all Cons: Enumerate all the disadvantages.
    3. Review and Consolidate Cons: Merge similar cons and eliminate redundant ones.
    4. Neutralize Cons: Address and mitigate as many disadvantages as possible.
    5. Compare Pros and Remaining Cons: Evaluate the pros against the unneutralized cons for all available options.
    6. Pick one option: Select the most suitable option.

Divergent/Convergent Thinking

  • Purpose: A brainstorming methodology that fosters idea generation without immediate judgment, allowing ideas to build on one another. These ideas are then clustered and refined to identify the most promising ones.
  • Divergent Thinking (Brainstorming): All ideas are encouraged and accepted.
    • Rules for Divergent Thinking:
      • The greater the number of ideas, the better.
      • Encourage building upon existing ideas.
      • All ideas, regardless of initial perceived quality, are accepted.
      • Refrain from evaluating ideas during this phase.
      • This technique should be employed at every stage of problem-solving.
  • Convergent Thinking: The process of selecting a single, most viable idea from a generated list of ideas.

Chronologies/Timelines

  • Purpose: Provides a structured method for examining information, aligning with the human instinct to identify cause-and-effect relationships. They are crucial for understanding the context in which events unfold.
  • Steps:
    1. List Relevant Events and Dates: Begin by listing dates, followed by their corresponding events.
    2. Construct a Chronology: Organize the events sequentially, crossing them off the initial list as they are incorporated into the chronology.
    3. Make a Decision or Document Results: Conclude with a decision or a record of the findings.

Causal Flow Diagram

  • Purpose: To delineate a system's components and their interactions, focusing on cause-and-effect relationships. It facilitates the analysis of how these relationships behave as an integrated system.
  • Steps:
    1. Identify Major Factors: Pinpoint the primary elements within the system.
    2. Identify Cause-and-Effect Relationships: Determine which factors influence others.
    3. Characterize Relationships: Classify each relationship as either direct (A increases, B increases) or inverse (A increases, B decreases).
    4. Diagram Relationships: Visually represent these relationships in a diagram.
    5. Make a Decision: Conclude the analysis with a decision.

Matrix

  • Purpose: A tool that enables the separation of problem elements, categorization of information, comparison of different types of information, comparison of similar types of information, and the identification of correlations. A matrix organizes information in a grid format, utilizing as many cells as required for the analysis.
  • Use a Matrix to:
    • Separate distinct elements of a problem.
    • Categorize information based on its type.
    • Compare various types of information against each other.
    • Compare information of the same type.
    • Discern patterns and relationships among the information.

Scenario/Decision Tree

  • Purpose: A graphical representation illustrating choices and potential outcomes at different junctures within alternative sequences or chains of events. Each distinct sequence constitutes a separate scenario.
  • Steps:
    1. Identify the Problem: Clearly define the central issue.
    2. Identify Major Factors/Issues: Determine the key decisions and events that need to be addressed in the analysis.
    3. Identify Alternatives: For each major factor or issue, list all possible alternative paths or outcomes.
    4. Construct a Tree: Diagrammatically portray all significant alternative scenarios.
    5. Make a Decision or Document Results: Conclude by making a choice or recording the process and findings.

Weighted Ranking

  • Purpose: To systematically compare, evaluate, and select among multiple alternatives by assigning weighted values.
  • Steps:
    1. List Major Criteria: Enumerate all significant criteria relevant for ranking.
    2. Pair-Rank Criteria: Compare each criterion against every other criterion (e.g., first vs. second, first vs. third, etc.).
    3. Select and Weight Top Criteria: Choose the top several criteria and assign them percentile weights such that their sum equals 1.0.
    4. Construct Weighted Ranking Matrix: Create a matrix and input the items to be ranked, the selected criteria, and their respective weights.
    5. Pair-Rank Items by Criterion: For each criterion, pair-rank all the items, recording the number of