By: Dan Gill, Praescient Analytics Consultant and Former IC Analyst
As a young intelligence analyst I was introduced to a number of different tools. Some of them, like M3 and MPS, were designed to make parsing through message traffic easier. Others (TAC, HOT-R) were formatted to help me search through large databases and find different files (images, documents, reports, etc.) that were pertinent to my mission. By far the most intriguing tool I was introduced to was i2 Analyst’s Notebook (ANB), now owned by IBM. It allowed me to take information I had gathered from the other systems and visualize it all in one place. This was valuable for an inexperienced analyst like me because often I did not understand what kind of data and networks I was dealing with until I could see it combined together in a single tool. After some training, I started to understand how integral this tool could become in my day-to-day work.
At its inception, ANB was a new and improved corkboard, a digitized improvement on the old school string-and-tack diagrams investigators used to visualize large networks. Although physically diagramming the connections between pieces of evidence (mugshots, surveillance photos) using string was and still is effective, it became much too time consuming as cases grew to encompass large networks with hundreds or thousands of individual nodes. ANB offered analysts a streamlined method for network diagramming (without broadcasting the analyst’s obsession to the entire office).
Image Credit: Esquire
ANB has grown and matured since those early days in step with advances in tradecraft and technology. IBM’s current i2 ANB offerings encompasses many new capabilities such as the Find Connected Networks button to uncover new network linkages, and social media and cyber iconology for more modern analysis. ANB also showcases a host of new workflows such as sophisticated anti-money laundering and geospatial analysis plugins. Another major piece of ANB’s growth is the introduction of Enterprise Insight Analysis (EIA), souped up server-backed all-in-one analysis platform. EIA features ANB as its frontend interface, but also has the ability to tap into virtually any external database needed to allow analysts to search for and import data into the system and manipulate it in ways that were unheard of 20+ years ago when the original ANB made its debut.
EIA is a powerful platform that allows analysts to accomplish a variety of missions at the enterprise level, whether it is forensic financial analysis, cyber threat detection, social network analysis or targeting. Although the full EIA platform contains a number of advanced capabilities, ANB remains the basis for analysis. This makes it easier for senior analysis to train new blood in the intelligence field, as there are decades of experience in how to best leverage the power of ANB. After all, there is a reason why 90% of all intelligence and law enforcement organizations use ANB today.
As I’ve matured as an analyst, so too has my understanding of which tools are right for the job. New software is released constantly that can allow me to find answers faster and with more accuracy than would have been the case ten years ago. But just because a tool is new and powerful does not mean it will be successfully deployed within organizations. Many intelligence analysts are already on the verge of information overload, and introducing a bevy of new tools can easily backfire as analysts revert to old tools they already know. That is what makes IBM’s EIA offering so exciting for me. I can look forward to frequent new plugins and capability enhancements, but I can be confident that the front end interface – ANB – which my teams know and love – will always remain the platform centerpiece.
Read about our Summer 2017 ANB training classes and sign up here!