Response to the following discussions from classmates (X4) with approximately 150 words or more each. Include a reference to each response. Be thoughtful and insightful and it must demonstrate critical thinking and analysis.

Thomas, Doneus, Marty, Eugene

1. I would say that in my own words of defining data. Is that data is raw unstructured or unorganized facts. You can even say bits and pieces. Data becomes information when this data is processed or structured into something meaningful to the person structuring the data. Analysis of the collected information is then processed into intelligence that can be shared with others.

An example I will discuss is a local threat assessment. In order to start working on a local threat assessment, intelligence subject matter experts will need to collect those bits and pieces of raw data with its purpose or intent to identify the local treats to the local area. This is then reorganized or again structured into information. Information that is useful to the intent. The intelligence experts will then move into the next phase which is assessing the information for its credibility and reliability.

The information is also analyzed for the purpose it is intended for and is it useful. All of this is formulated into a local threat assessment to identify the local threats to the area. The intelligence is now a tool that is disseminated down to lower levels and used to help build mitigating options.

Another example is criminal statistics being formulated into a monthly or quarterly report. The purpose of the criminal report is to give the so what followed by some detailed analysis on certain crime trends with the who, what, when, where, and how. In order to build a reliable criminal report. The person will again need to collect that data, structure and organize into criminal information. After all of the organizing, take all of the information and assess.

From this point analyze and build useful criminal intelligence. Thus, becoming useful to learn from.
I would say that news reports conduct this process of transitioning raw data into information and then into intelligence. Now the reliability of today's news don't ask me if it's reliable or even credible. Other examples of transitioning this process is an economic report or scientific findings such as the recent findings about possible alien life around one of Saturn's moons.

2. The relationship of data, information, and intelligence is something that can be fairly easy and at the same time somewhat complex. Anytime we approach a problem set whether it be business related, medical, or even military, we must always analyze problem sets and determine the best course of action.

The way this is conducted is almost always based upon history or information that is available. That information however is not always readily available in its relative state. The end product in which a majority of decisions are based would be built upon intelligence gathered criteria. The millionaire question, however is how do we get to that end state.

In order to reach an end state, we must first have a foundation. This foundation is what is known as the data (Radvanosky & McDougall, 2013). Data simply the raw numbers and facts that are available for any given topic.

For example, when dealing with the medical profession data is the simply the numbers and results of any given test. This data is useless unless it is turned into information. Information is what gives the context or meaning to the data. Words and numbers do not have a meaning until it is turned into information. The process in which this occurs is simply applying that data to a specific problem set or hypothesis.

Based upon the previous example, this medical data results could be applied to a specific person or a specific test which would then be given context and turned into information. Another way to turn data into information is simply by linking a data set together to provide relative information. For example, there are multiple weather satellites collecting data at any given time. This data is likely useless until it is paired with other data to provide a relative picture of what might occur, which becomes useful information (Radvanosky & McDougall, 2013).

Once we have processed data into information we can then utilize this information to make these decisions as previously mentioned. Information, although useful, cannot provide decision making results until it is applied in an intelligence platform. Turning this information into intelligence could be as simple as applying to the topic at hand or determining the so what behind this information and how it could impact certain decisions.

The process of information to intelligence is likely the most difficult stage. Determining why this information is important is what makes the difference between information and intelligence. That information we gathered based upon medical data must now be applied to experience and a specific problem in orer to determine what the course of action might be to solve a problem. Same thing goes for the additional example associated with weather.

Weather information is useless unless we convert this information into intelligence and apply to historical examples of similar weather information and patterns to make informed decisions on what a storm front might do. This is the most common example of data, information, and intelligence conversion. Applying this weather intelligence in a way that is useful to emergency managers to determine where assets should be concentrated to best deal with any given weather system.

3. Prior to the explosion of the internet, organizations were forced to store information on local servers and networks. As the internet became popular, so did the options for organizations to employ cloud services to manage information through outsourcing. The cloud is an internet based medium that provides information storage outside of local networks.

The cloud acts as an amplifier to the distribution and sharing of information because it makes information accessible to more people and different prospectives. This is significant progress to testing data and ensuring that all personal biases have been eliminated.

However, it also introduced new threats to sensitive information and intelligence. "The most significant security-relevant trend in business computing is currently the move to -cloud infrastructures (p. 22). Organizations mitigate the risks by requiring security checks and "need to know" to access parts of the cloud. The problem is that most organizations see more benefits than risks when it comes to using the cloud.

When considering the cloud as a concealed conduit, it encourages information sharing because it is so effortless. While this allows information to be shared easily, it also opens the door to information being transferred to unintended mediums. This is still information sharing, just not the kind that organizations want.

Concealed conduits are a vulnerable part of the cloud. A concealed conduit may not gain access to a system, but may be able to steal information that is passed across the cloud. This can refer to the lack of proper security of the information or the exploitation of the cloud by a competitor to steal information (Radvanovsky & McDougall, 2013). Any organization that uses the cloud to store or share information must understand the risks involved and take the appropriate precautions to ensure the protection of all intelligence it contains.

4. There are three elements discussed within the text in which the cloud acts as an amplifier to information sharing and distribution. "The first is that data is held in such a way that it is accessible across a broader community" (Radvanovsky & McDougall, 2013, p. 53). In theory, but not feasible, data that is located on a cloud could be accessed by everyone.

Second, using a cloud's computing power; data would be subjected to several processes of analysis and organization on the way to becoming information. Third, the cloud formatted information would be more accessible and available in different stages of production instead of just a final product.

Many organizations have shifted over time from storing and managing their own information on local infrastructure to a network-based organization utilizing third-party suppliers entirely for information storage and management. During the time these organizations controlled their own data locally, they had to apply procedural and security controls in order to keep their data safe. Switching to using a third-party shifted that responsibility to the third-party.

"As a result, outside networks needed to be certified against certain criteria, and a risk management decision was made through the accreditation process" (Radvanovsky & McDougall, 2013, p. 54). Cloud based computing and storage amplifies this principle of third-party utilization. It is important for organizations to assess the third-party and conduct risk analysis of the process and capabilities to ensure the cloud provides the needed services and protection levels needed.

Utilizing a concealed conduit using cloud storage and processing is important to those involved in protection and assurance. There are many aspects that need examined when evaluating the use of a cloud. The infrastructure used by the organization should be separate from hostile or competitive individuals or organizations.

The information should be partitioned to protect it from outside intervention. The cloud should utilize the proper level of protection to ensure only those who have permissions to access the material are able. If copies of the information are made, they should have the same level of protection as the original. Processes need to be in place to validate the current access roster matches those individuals identified by the client.

There are two types of concealed conduit that may exist and the difference is whether an accredited body can detect them. "In cases where there is an appropriately conducted threat and risk assessment, inspection, and other forms of checks, the conduit may be fairly apparent to the accrediting body" (Radvanovsky & McDougall, 2013, p. 56). The second type of conduit may be there but, undetectable.

The latter may occur when criteria have not been met, there is a lack of expertise, full assessment not being completed, not accepted technical reports, or over-reliance on documentation such as certificates. "It is this latter element that poses the most significant risk to those looking at the issue of cloud computing" (Radvanovsky & McDougall, 2013, p. 57). While steps may be taken to address vulnerabilities, such as mitigation and detection, if they are not acted upon it leaves the organization and the entire system vulnerable.