Information is needed to make decisions. The higher the quality of the collected information and the more comprehensive the information, the more sound the decision.
Information needs refer to any general or specific subject for which a state or local agency has a continuing need for intelligence (GAO 2010).
They are also defined as: insights needed to manage objectives, goals, risks, and problems [ISO/IEC 2007].
It is important to make sure that information needs are articulated, clarified, assigned, and fulfilled, using intelligence processes in a timely manner.
In cyber security, information needs are primarily focused on threat, vulnerability, consequences, warning, and countermeasures.
To adequately assess cyber threats, information is needed for a comprehensive analysis.
In some cases, during the course of the analytic process, critical information may be missing that prevents a complete and accurate assessment of the issue.
Such gap or unanswered question related to the threat triggers an intelligence requirement process/information need.
In order to ensure the efficiency of the intelligence collection process, the information collection process needs to be focused so that specific information needs are fulfilled.
Some procedures that can enhance the process of information needs collection and processing (FBI 2003):
Identify, prioritize, and address state and local information needs.
Share intelligence, analytical techniques, and tools.
Timely distribution of appropriate intelligence.
Seek feedback concerning the effectiveness of the support.
Typically, based on time information needs can be divided into three categories (ISAO 2016):
Immediate-Information needs that concern actions to defend against or respond to new threats, vulnerabilities, or incidents as soon as possible.
Tactical-Information needs that concern decisions on how to best deploy an organization’s existing resources against the change in situational awareness.
Strategic-Information needs that concern making plans and decisions on the efforts and resources needed to address emerging or future threat environments.