Time
3 hours 1 minute
Difficulty
Advanced
CEU/CPE
3

Video Transcription

00:04
another area of concern
00:06
when, as I was giving some examples in the last section
00:10
of appealing to consensus appealing to authority
00:14
confirmation bias, a lot of these things are
00:19
somehow related
00:21
to this idea of analysis of competing hypotheses
00:25
trying to figure out which of these conclusions is actually the correct one. Which of these possible outcomes might be the correct one on the C I. A dot gov website, they provide eight high level steps
00:40
to hopefully deal with this problem of competing hypotheses.
00:45
1st 1 is to find all the hypotheses that are being considered
00:49
and then do Cem Cem brainstorming or some kind of focus group type analysis.
00:55
You could do some simple voting, even let's see a show of hands for for the first hypothesis and so on and so on.
01:03
You might have to go through several rounds of that process to get it down to the last two or the last three, depending on how many you have to pick from
01:12
in order to organize the approach,
01:15
there should also be some notes taken as to what are the arguments and evidence for each of these hypotheses that appears to be
01:25
the most probable correct one.
01:27
You could then prepare Matrix. As it says here, I can have my, uh, hypothesis across about this is across the top and evidence down the side.
01:38
And then I could populate that with all the different supporting arguments and supporting evidence that
01:45
that has appears to be related to
01:48
these final few choices. As the process continues, there will be some expectation that that there will be some manipulation or fine tuning
01:59
of
02:00
the evidence or arguments, because after some additional consideration, someone might decide Well, this
02:06
doesn't really belong here. It's not really proving the point that it purports to prove.
02:12
So as you start to refine the Matrix, you can start to add things and remove things in order to make it more accurate and Maur
02:20
correct from a logical point of view
02:22
or even a diagnostic value
02:24
moving on to the last four steps, we can see that you would have some kind of conclusion that could be formed based on this refined matrix,
02:36
and at that point there should be some effort to try to disprove
02:40
the hypothesis. Trying to take the opposite side of the argument toe, look for holes to look for errors and thinking, logical fallacies, biases
02:50
that we discussed in the previous section. You should all be useful tactics at this point to use
02:58
to do some refer the refining further filtering of those things, which may have been incorrectly
03:04
added to this matrix to begin with,
03:07
then you want to look at the evidence in a even closer manner interruptus to find out. Is there any pattern of a few select pieces of evidence causing the conclusion to be reached?
03:23
Maybe that's not enough data to work with.
03:28
Maybe there's Maur announces that could be done or
03:31
even a repeat of earlier steps
03:34
in order to discover if there was a problem with the workflow or with the thinking that got to this point in the process.
03:44
Any information that leads to a conclusion that could be interpreted in more than one way should also be very suspect.
03:53
Certainly there are going to be different conclusions reached by different people because they each have their own opinions and so on. But
04:00
if the conclusions are reached from a point of logic,
04:03
then they should be consistent.
04:05
Ideally
04:09
now the conclusions could be reported and we could rank them by probability or likelihood,
04:16
as we saw with the um
04:19
in the last module, there are expectations of
04:24
near certainties somewhere in the middle of something that's probable, maybe a 50 50 chance, something that's impossible or not very probable.
04:31
And you could use a scale like this in order to
04:34
expand on the value of this exercise.
04:40
And then the last point is looking for other
04:43
pieces of information that could be researched further
04:47
and could provide some help for future activity. So let's go ahead and look at the C I A website and see what they have out here for you to work with. It's actually a pretty detailed document on their website,
05:04
showing 14 chapters worth of information
05:09
on how to sort through these different competing hypotheses
05:14
in a methodical way in a way that's repeatable to some extent.
05:21
So we see the steps that I was talking about earlier,
05:26
looking at all the hypotheses to be considered
05:28
doing some brainstorming, moving on to making arguments
05:32
with some sort of significant evidence, being prepared, create the matrix
05:38
to organize this information
05:41
and even give some examples like Will Iraq retaliate for US bombing of his intelligence headquarters.
05:46
You could certainly look at this kind of analysis and populate your matrix with the different pieces of information to come to some sort of preliminary conclusion.
05:56
Then you do the refinement
05:58
and trying to be ruthless about getting rid of anything that does not support
06:02
the conclusion. Anything that's appear appears to be superfluous.
06:06
Then you might come up with your tentative conclusions and take the opposite tactic of trying to disprove as a way to strengthen the assumptions that have been reached up to this point.
06:19
Then you look at whether the conclusions are reached by certain critical piece of evidence versus an overall
06:27
agreement of the evidence that's been presented.
06:30
This helps to get rid of anomalies. Let's say
06:33
now you think about probability
06:36
by signing different waiting's to, uh, the things that are most likely that the true answer something that might be in the middle of something might be at the other end, where it's not very likely.
06:47
And then finally, you come up with your milestones for future observations and research.
06:54
So it's pretty good information to think about,
06:56
and it's definitely worth spending some of your time on this

Up Next

Advanced Cyber Threat Intelligence

The Cyber Threat Intelligence (CTI) course is taught by Cybrary SME, Dean Pompilio. It consists of 12 modules and provides a comprehensive introduction to CTI. The subject is an important one, and in addition to discussing tactics and methods, quite a bit of focus is placed on operational matters including the various CTI analyst roles.

Instructed By

Instructor Profile Image
Dean Pompilio
CEO of SteppingStone Solutions
Instructor