Back to the Resource Hub / Back to Links
The links below are organised by the month in which they are published
BOOKS |
Mark M. Lowenthal’s Intelligence: From Secrets to Policy (Tenth Edition) offers a comprehensive, real-world guide to the U.S. intelligence community, its structure, operations, and evolving role in national security policy.
This landmark textbook, now in its tenth edition, remains a foundational resource for students, analysts, and policymakers seeking to understand the complexities of intelligence work. Lowenthal, drawing on over four decades of experience, presents a clear, structured overview of how intelligence is collected, analyzed, and used to inform decisions at the highest levels of government.
The book begins by defining what intelligence is—not just secrets, but information processed to reduce uncertainty for decision-makers. It then traces the historical development of U.S. intelligence, emphasizing its transformation post–World War II and especially after 9/11. Lowenthal outlines the structure of the U.S. intelligence community, detailing the roles of agencies like the CIA, NSA, FBI, and ODNI, and how they coordinate (or sometimes compete) in gathering and interpreting information.
A central theme is the intelligence cycle: planning, collection, processing, analysis, dissemination, and feedback. Lowenthal breaks down the collection disciplines—HUMINT (human intelligence), SIGINT (signals intelligence), IMINT (imagery intelligence), and others—highlighting their strengths, limitations, and ethical implications. He also explores counterintelligence and covert action, explaining how these tools are used to protect national interests and influence foreign affairs.
The book emphasizes the relationship between intelligence and policy, showing how intelligence informs—but does not dictate—policy decisions. It discusses the challenges of oversight and accountability, especially in democratic societies, and the tension between secrecy and transparency.
New to the tenth edition are expanded discussions on cyber intelligence, artificial intelligence, and great power competition, reflecting the shifting global landscape. Lowenthal also updates his analysis of foreign intelligence services, offering comparative insights into how other nations approach intelligence.
Chapters on transnational issues (e.g., terrorism, pandemics, climate change) and ethical dilemmas in intelligence (e.g., surveillance, torture, privacy) encourage readers to think critically about the moral dimensions of intelligence work.
In sum, Intelligence: From Secrets to Policy is a rigorous, accessible, and timely text that equips readers with the tools to understand and evaluate the role of intelligence in shaping national and global security policy.
The Palgrave Handbook on Cyber Diplomacy (2025) offers a comprehensive, multidisciplinary exploration of how diplomacy is evolving in response to the challenges and complexities of cyberspace. It redefines the boundaries of international relations, security, and governance in the digital age.
Edited by George Christou, Wilhelm Vosse, Joe Burton, and Joachim A. Koops, this handbook brings together leading scholars and practitioners to examine the theory and practice of cyber diplomacy. It responds to the growing need for nuanced understanding of how states, international organizations, and non-state actors negotiate, regulate, and secure the digital domain.
The book begins by framing cyber diplomacy as a response to the emergence of a complex cyber ecosystem—one increasingly shaped by disinformation campaigns, cyberattacks on critical infrastructure, and transnational cybercrime. These threats are not merely technical; they carry profound social, legal, economic, and geopolitical implications. The editors argue that traditional diplomatic tools are insufficient to address these challenges, and new frameworks are needed to manage the intersection of technology and global politics.
Key chapters explore the norms, rules, and institutions that govern cyberspace, including efforts at the United Nations, regional organizations, and multilateral forums. The book highlights the tension between sovereignty and openness, as states seek to assert control over digital infrastructure while preserving the global nature of the internet.
The handbook also delves into cyber capacity-building, confidence-building measures, and international law, showing how diplomacy is used to prevent escalation and promote responsible state behavior. It examines the role of private sector actors, technical communities, and civil society in shaping cyber norms, emphasizing that cyber diplomacy is no longer the exclusive domain of governments.
A standout feature is its multidisciplinary approach, incorporating perspectives from political science, law, computer science, and ethics. It includes case studies on cyber diplomacy in action—from EU cyber strategies to ASEAN cooperation and U.S.–China cyber dialogues—offering practical insights into how diplomacy is conducted in the digital realm.
Ultimately, the handbook argues that cyber diplomacy is reshaping the very nature of diplomacy itself. It is not just about securing cyberspace, but about redefining how states interact, negotiate, and build trust in an interconnected world.
A provocative and interdisciplinary examination of how intelligence oversight functions—or fails—in Western democracies amid growing transnational cooperation and impunity.
The book challenges conventional approaches in intelligence studies, which often treat oversight as a technical or procedural safeguard. Instead, the editors and contributors argue that oversight mechanisms frequently legitimize secret state violence rather than constrain it. Drawing from political sociology, law, and history, the volume reframes oversight as a system that can enable impunity, especially when intelligence agencies operate across borders and within loosely regulated transnational networks.
One of the central themes is the concept of raison d’état—the idea that state survival justifies extraordinary measures, even those that violate legal and moral norms. This principle, the book argues, underpins many intelligence practices and is often invoked to shield agencies from scrutiny. Intelligence scandals, rather than curbing power, tend to reinforce it. Agencies portray themselves as stabilizers during crises, using public fear to expand their mandates and evade accountability.
The book also explores how secrecy, organizational loyalty, and mission-driven culture create environments where oversight is not only resisted but actively undermined. For example, Ronja Kniep’s chapter illustrates how Germany’s BND reacted defensively to legal challenges, dismissing claimants as “litigation fools” and mocking international oversight efforts.
Across case studies from the UK, US, France, and broader Europe, the contributors show how oversight bodies are often co-opted or sidelined. Legal frameworks are manipulated, and human rights mechanisms are either ignored or rendered ineffective. Yet, the book doesn’t stop at critique—it also highlights emerging legal innovations and civil society efforts aimed at closing oversight gaps. These include transnational advocacy networks and judicial interventions inspired by anti-torture campaigns.
Ultimately, Intelligence Oversight in Times of Transnational Impunity is a call to rethink how democratic societies monitor their most secretive institutions. It urges scholars, policymakers, and citizens to confront the uncomfortable reality that oversight, as currently practiced, may serve more to protect intelligence agencies than to restrain them. The book is essential reading for anyone interested in the intersection of security, law, and democratic accountability.
Four Shots in the Night: A True Story of Stakeknife, Murder and Justice in Northern Ireland by Henry HemmingA gripping and deeply researched account of one of the most controversial intelligence operations during the Troubles—a period of sectarian conflict in Northern Ireland. At its heart is the 1986 murder of Frank Hegarty, an IRA member turned British informant, whose body was found in broad daylight with tape over his eyes and four bullets in his head.
Hemming reconstructs the events surrounding Hegarty’s death, revealing a tangled web of espionage, betrayal, and state complicity. Hegarty had been recruited by British intelligence to infiltrate the IRA and report on arms movements. His handler was part of the Force Research Unit (FRU), a covert British Army group tasked with running agents inside paramilitary organizations. Hegarty’s intelligence led to the discovery of hidden IRA weapons caches in the Republic of Ireland, but this success came at a cost: his exposure and eventual assassination.
The book’s most explosive claim centers on Freddie Scappaticci, code-named “Stakeknife,” a high-ranking IRA enforcer who secretly worked for British intelligence. Scappaticci led the IRA’s internal security unit—the feared “Nutting Squad”—responsible for identifying and executing informants. Hemming suggests that Scappaticci may have been the very man who ordered or carried out Hegarty’s killing, raising disturbing questions about how far British intelligence was willing to go to protect its assets and manipulate outcomes.
Hemming also explores the political backdrop, including the Anglo-Irish Agreement signed by Margaret Thatcher, which aimed to improve security cooperation between Britain and Ireland. He speculates that Hegarty’s handlers may have deliberately leaked his intelligence to Irish authorities to demonstrate the agreement’s effectiveness—even if it meant sacrificing their own agent.
Using archival material, interviews, and findings from a recent police investigation, Hemming paints a vivid picture of Derry’s tight-knit, secretive community and the broader intelligence war that shaped the endgame of the Troubles. The book challenges the conventional narrative that peace came solely through diplomacy, suggesting instead that spies and informants played a decisive, if morally ambiguous, role.
Four Shots in the Night is both a page-turner and a sobering meditation on justice, loyalty, and the hidden costs of counterinsurgency. It raises urgent questions about accountability and the ethical boundaries of state power in times of conflict.
NEWS |
British spies are to use the digital shadows of the dark web to recruit informants and allow them to receive secret information from agents in Russia and worldwide, Britain's foreign ministry said. The Secret Intelligence Service, Britain's foreign spy agency known as MI6, is to use a dark web portal called Silent Courier, which will allow people to securely pass on details about illicit activities anywhere in the world, or offer their own services.
"Today we're asking those with sensitive information on global instability, international terrorism or hostile state intelligence activity to contact MI6 securely online," MI6 chief Richard Moore will say when he formally announces the plans in a speech in Istanbul. "Our virtual door is open to you," Moore, who has previously called on Tussians to spy, opens new tab for Britain, will say.
MI6, which was established in 1909 but not officially acknowledged until the 1990s, usually operates in the shadows, and only its head - known as "C" - is a publicly named member of the service.
North Korea is rapidly expanding its illicit IT worker scheme beyond the U.S. tech sector, successfully obtaining interviews and potentially employment at companies in dozens of industries across the world. Cybersecurity giant Okta published a report outlining its continuing research \into the IT worker campaign, which has seen North Korea illegally place thousands of its citizens in high-paying roles at U.S. companies to circumvent sanctions and earn millions of dollars for Pyongyang’s military.
Using fake IDs or stolen documents, North Korea initially focused on getting its citizens hired at cryptocurrency companies and other blockchain-related firms. Before long, most Fortune 500 companies had interviewed or hired a North Korean IT worker.
Okta said their new research into the scheme revealed that North Korea has honed its skills on U.S.-based companies and has expanded into dozens of different countries and industries.
The findings suggest North Korea is evolving its campaign to include effectively any remote roles that fall within the general scope of their scheme. As long as the application, interview process and work can be done remotely, North Korean workers will attempt to apply for it, Okta researchers claimed.
The impacted industries now include finance, healthcare, government and professional services — with the information and technology sector only accounting for about half of the targeted entities. Organizations outside of the U.S. now represent about 27% of all targeted entities.
Okta used internal and external sources to track more than 130 identities operated by North Korean facilitators and workers. These identities were linked to over 6,500 initial job interviews across more than 5,000 distinct companies up until mid-2025.
Australia’s legislative watchdog for intrusive spying and policing powers has called out deficiencies in safeguards for “special cybercrime powers used by the Australian Federal Police and Australian Criminal Intelligence Commission” in a wake-up call for how cops crack down and obtain evidence relating to digital criminality.
As the line between state-backed interference, theft and coercion in the digital real continues to become increasingly blurred – the expulsion of Iranian diplomats from Australia accused of using criminal networks to pursue local social unrest being a case in point – the role of federal law enforcement in national security operations has again come under the spotlight.
“The Monitor found the powers, that allow agencies to takeover online accounts, disrupt data and conduct broad network surveillance are needed but that the current system for issuing warrants is not fit for the demands of modern, covert, highly intrusive and technology-dependent police powers,” the Independent National Security Legislation Monitor (INSLM) said in a statement this week.
The statement issued by INSLM Jake Blight effectively puts law enforcement agencies using the extensive intrusive cyber powers on notice that they will either have to seek to authorisation for their activities clarified under law or potentially face legal challenges to their current activities.
It’s no small academic point either given recent revelation that for-hire criminal networks have been harnessed to conduct attacks on ethnic and faith communities in an effort to mask the true origin of hostile actions.
The ransomware ecosystem continues to splinter, with new gangs proliferating in the wake of law enforcement takedowns that have scattered affiliates and prompted criminal rebrands.
Observers have raised alarms about the explosion of new groups this year. MalwareBytes tracked 41 newcomers between July 2024 and June 2025, with more than 60 total ransomware gangs operating at once for the first time since they began tracking the data.
Researchers at the company attributed an increase in overall ransomware attacks to the growth in active groups, which has doubled over the last three years.
ARTICLES |
This article explores the vital collaboration between government intelligence agencies and the private technology sector in fostering innovation to address evolving technological needs. Traditional procurement models designed for mature technologies often fail to meet the dynamic requirements of emerging technologies. Drawing on technology readiness levels, our proposed approach stresses early and sustained engagement between public agencies and private entities to identify, support and guide the development of critical technologies. Drawing on examples from France, the Netherlands and the United States, our research emphasizes the need for adaptive frameworks to balance the risks and opportunities presented by emerging technologies while safeguarding national security and sovereignty.
At the 2025 Artificial Intelligence (AI) Action Summit in Paris, Helsing, a defence-focused AI company based in Germany, and Mistral AI, a leading French startup, revealed a strategic partnership to develop advanced AI models for defence applications. This collaboration aims to enhance situational awareness and decision-making in complex operational environments. While the partnership was primarily driven by the companies themselves, it aligns with broader governmental efforts to strengthen European defence capabilities through integration of cutting-edge AI technologies. Intelligence agencies are increasingly relying on private sector innovation to identify, develop, and adopt emerging technologies. Public-private collaboration not only helps maintain their competitive edge but also creates new opportunities to shape technological trajectories, accelerate capability development, and access expertise beyond the state’s traditional reach.
This article addresses the challenge of fostering collaboration between government intelligence agencies and the private technology sector. Private companies and civilian research establishments are driving the rapid development of digital technology. As a result, it is neither feasible nor practical for government agencies to research and develop advanced digital solutions on their own. Non-governmental actors are essential partners, not just for technology procurement, but also for the exchange of expertise and joint research and development efforts.
Scholarship on public-private collaboration in the defence and security sector tends to focus on procurement – the process of acquiring goods or services from external vendors.However, the pace and complexity of technological development is increasingly pushing both public and private organizations to collaborate more broadly with external partners, particularly in identifying opportunities and conducting research and development.This shift raises several questions about how intelligence agencies can communicate their needs to external partners, guide and co-develop solutions, and eventually implement them. This article, therefore, seeks to answer a key question: how can government intelligence agencies collaborate with the private sector to meet their technological needs? To answer this question the article surveys a range of ways in which Western intelligence communities have sought to liaise with the private sector to enable their digital transformation.
Advances in artificial intelligence (AI)–assisted protein engineering are enabling breakthroughs in the life sciences but also introduce new biosecurity challenges. Synthesis of nucleic acids is a choke point in AI-assisted protein engineering pipelines. Thus, an important focus for efforts to enhance biosecurity given AI-enabled capabilities is bolstering methods used by nucleic acid synthesis providers to screen orders. We evaluated the ability of open-source AI-powered protein design software to create variants of proteins of concern that could evade detection by the biosecurity screening tools used by nucleic acid synthesis providers, identifying a vulnerability where AI-redesigned sequences could not be detected reliably by current tools. In response, we developed and deployed patches, greatly improving detection rates of synthetic homologs more likely to retain wild type–like function.
Large scale drug production and distribution organizations (DTOs) are businesses. As such they face many of the same challenges faced by legal businesses, such as the creation of new drugs, supply chain issues, and identifying new markets. The legal business world is finding creative ways to meet those challenges utilizing artificial intelligence (AI). This discussion uses a horizon scan methodology to suggest how current and anticipated applications of AI in the legal business world might be adapted by large-scale illicit drug trafficking organizations. The focus in this discussion is on its potential application for the largest organizations that control the mass production and transnational distribution of illicit drugs.
Transnational drug production and distribution organizations are businesses. Successful drug organizations adopt the strategies employed by legal businesses (Wainwright Citation2016). These include such things as managing employees, using public relations to tamp down public opposition, setting up franchises, and ordering online. Quinones (Citation2015) likened one operation to businesses that deliver pizza, including just-in-time home delivery and follow-up calls to measure customer satisfaction. If legal businesses improve their operations by adopting AI, it is only a matter of time until illicit drug operations are likely to follow their lead. This paper suggests what that might look like, but first it is helpful to have a brief description of AI.
The professional intelligence officer’s toolkit includes a range of heuristics, methods, tools, and techniques for intelligence production. Many of these are borrowed from other disciplines, underpinning the richness of modern intelligence tradecraft. However, this tradecraft — especially analytic tradecraft — has tended to emphasise methods, tools, and techniques, over heuristics that often arise from hard-won experience. To add further complexity, these four terms are often blurred or used interchangeably, but they carry distinct meanings.
Heuristics are informal cognitive shortcuts or ‘rules of thumb’ analysts use to simplify complex problems and make judgments quickly, but they are prone to cognitive biases. Methods offer more systematic approaches or overarching frameworks used to structure the entire analytic process from start to finish. They provide discipline and consistency, ensuring the intelligence production process itself is sound and defensible. Tools are instruments or platforms (manual or digital) that support or enable intelligence production by managing data, visualising patterns, or running models. For example, i2 Analyst’s Notebook for visualisation, or statistical software for trend modelling. Tools extend human capacity by processing large volumes of data or presenting it in digestible form. Finally, techniques offer specific procedural steps or processes applied within intelligence production; for example, the many available structured analytic techniques (SAT).
at Russia will struggle to resolve – even as it rather successfully adapts other elements of its military and intelligence – its roots are deep.
REPORT |
Modernisation is at the core of the mission of the Chinese Communist Party (CCP) to change the People’s Republic of China (PRC), and beyond—to ‘set off a wave of modernisation in the Global South,’ as China’s paramount leader Xi Jinping has urged. This is all about party control. This naturally incorporates the party’s military arm: the People’s Liberation Army (PLA).
Xi has stressed that it means accelerating the PLA’s development into ‘a world-class army’ capable of seizing and holding down Taiwan, which in recent decades the party has insisted is an integral part of the PRC, even though the PRC has never ruled it. But while Xi has provided the PLA with cutting-edge weaponry, many signs point to his lack of confidence in the process so far of modernising its top personnel—of moulding them into fully responsive cogs in the great CCP machine.
That modernising mission matters intensely for the rest of the world—especially for the Indo-Pacific region—because the CCP won’t be satisfied with eating China itself. It’s also working to ensure that far beyond China—and beyond Taiwan, too—global institutions and trends, and regional seas and islands, are made safe for itself. Many governments in the region appear to believe that, despite the PRC’s grey-zone fishing fleets and cyber destabilisation, their nations can continue to enjoy a net-beneficial relationship with the PRC thanks to access to its markets and to its cheap products as long as they don’t compete unfairly.
That view, which is common among Indo-Pacific elites, holds that greater engagement with China will provide insurance against its military ambitions. But China’s global security, development, civilisation and governance initiatives and many other programs and relentless rhetoric reveal that Beijing won’t be satisfied with mere engagement. For the party wishes to advance—through PRC-style modernisation—everywhere. Its capacity to pursue key goals militarily is crucial for the credibility of that pervasive mission.
That means acquiring world-class weaponry, and ‘military–civil fusion’—the enmeshing of military and civilian industries via extensive technology exchanges—which are helping to transform the PLA from a territorial force into a major maritime power.
While it’s commonly understood that conflict-affected landscapes can often act as safe havens for transnational organised crime, little attention is paid to the central role that state actors play. In those areas, criminal networks can operate with impunity, frequently feeding into the conflict and subsistence economy. Those groups exploit law-enforcement gaps and complex territorial control patterns to capitalise on the prevailing disorder. However, in some cases, they find ways to integrate into the wartime economy through close collaboration with state authorities. A recent example of this is the late Assad regime’s dependence on the illegal drug trade, specifically the large-scale production and export of Captagon.
In the Indo-Pacific, Myanmar is emerging as a haven for transnational organised crime outfits. This industry has now grown to such a scale that it poses a significant international threat to countries well beyond the footprint of other elements of the Burmese crisis. Transnational organised crime syndicates now operate and construct large and complex scam centres (Kyar Phyant) and are actively involved in fraud-based scamming, money laundering and human trafficking. Those activities result in substantial costs, not only for the individuals trafficked and those scammed, but also for the social and economic development of the region.
OPINION |
Donald Trump increasingly employs America’s vaunted spy services as the proverbial drunk uses lamp posts: for support rather than illumination. And that presents a huge, albeit slow-moving and often invisible, threat to national security.
If the president and his spy masters keep signaling to spooks, agents, and analysts throughout the so-called intelligence community (IC) that independent, honest, skeptical and apolitical assessments of threats and risks are out, while motivated reasoning and groupthink are in, the best people will leave and the worst will rise. Confidence in the IC’s processes and output will decline, and allied countries will share less information. Attention will go to whatever preoccupies Trump, while other perils are ignored — dangers that, in time, may kill Americans.
The cybersecurity community received a sobering reminder of AI's destructive potential when UK engineering firm Arup fell victim to a sophisticated deepfake attack, losing $25 million to criminals who impersonated company executives in a video call. This incident represents more than an isolated case—it signals the emergence of a new category of precision-targeted fraud that combines psychological manipulation with technological sophistication.
The scale of deepfake-enabled fraud is accelerating at an alarming rate. Financial losses from AI-generated executive impersonations exceeded $200 million in just the first quarter of 2025, with fraudsters now capable of creating convincing voice clones using as little as 20-30 seconds of audio. The accessibility of this technology has democratized sophisticated fraud operations, with voice cloning services readily available on dark web marketplaces and Telegram channels
TALKS, WEBINARS & PRESENTATIONS |
Panelists discuss how artificial intelligence is reshaping the national security landscape and how government and technology leaders can respond to emerging threats, protect critical systems, and manage global competition. This meeting is part of CFR’s Transition 2025 series, which examines the major foreign policy issues confronting the Trump administration.
The Hoover History Lab held a new book talk with Stuart A. Reid: The Lumumba Plot: the Secret History of the CIA and a Cold War Assassination (Knopf, 2023) on October 17, 2023 from 12:00pm - 2:00pm.
United States-African relations have multiple dimensions, and quite a bit of history. One aspect involves coups. Almost immediately after Congo became independent from Belgium in 1960, the CIA station in Leopoldville, the capital, received an order from Washington that Congo’s new leader, Patrice Lumumba, should be removed. Congolese rebels, backed by the CIA, assassinated him. Joseph Mobutu, originally a Lumumba loyalist, eventually seized power, also with U.S. backing. Mobutu’s misrule lasted decades, and wreaked devastation. Stuart Reid has uncovered new documents and new aspects to this episode, which formed part of a larger story of the U.S. in the Cold War in what was then called the Third World
Back to the Resource Hub / Back to Links
The subjects, thoughts, opinions, and information made available in AIPIO Acumen reflect the authors' views, not those of the AIPIO.