Share this:

In Counterintelligence Theory and Practice, Hank Prunckun aims to address the relative lack of theory-driven research and observations when it comes to the study of counterintelligence. Designed as a textbook, this work is a valuable contribution that will be particularly useful to those who are new to the counterintelligence field, writes Courteney J. O’Connor

Counterintelligence Theory and Practice (2nd Edition). Hank Prunckun. Rowman and Littlefield. 2019.

In the preface to the second edition of Counterintelligence: Theory and Practice, Hank Prunckun identifies an issue with which counterintelligence scholars have been concerned for quite some time: the relative lack of subject-matter literature that deals specifically with theory-driven research or observations. This is not a claim, by Prunckun or by this reviewer, that there are no books on or concerning counterintelligence, because there are many. Simply that, comparative to the extant literature in other fields, the literature for counterintelligence is considerably lacking in theoretical developments or application. Prunckun’s text is designed to serve as a foundation for future theoretical work in the area.

The initial chapter of the text concerns the challenges of counterintelligence, and discusses some of the declassified (known) counterintelligence failures. It should be noted that, unlike other scholarship which may limit intelligence studies to those topics that relate only to the state, Prunckun’s work refers also to counterintelligence undertaken by other entities, such as non-state actors and corporations, as well as individuals in certain cases. As context for the rest of the book, this situates the material more in the realm of the practical than the theoretical, but it is educational.

The second chapter discusses what Prunckun identifies as the five fields of counterintelligence: national security; military; law enforcement; business; and private. Within counterintelligence as a discipline, he identifies two sub-disciplines: counterintelligence and counterespionage. While it seems moderately confusing to label one sub-discipline after the umbrella discipline, it does make sense for the future direction of the field. For the purposes of Prunckun’s understanding of counterintelligence (the discipline), counterintelligence (the sub-discipline) is the protection of the agency’s (‘your’) secrets against the opposition, whereas counterespionage is more along the lines of counter-spying (made famous by novels and Hollywood films) and the subversion or deception of opposition agents.

The primary offering of Prunckun’s text is the construction of a theory of counterintelligence that rests upon four tenets and is split into two fields. The tenets are detection; deception; deterrence; and neutralisation. These four tenets belong primarily to two fields: the former two to defensive counterintelligence, and the latter two to offensive counterintelligence. There are, of course, areas where defensive and offensive counterintelligence will overlap by the mere fact that each supports the other and requires some of the same foundations, but from a theoretical as well as a practical standpoint, it is useful to understand the differences between the two fields.

Prunckun identifies and briefly discusses each of the seventeen pillars of defensive counterintelligence that his theory recognises (55-62). These range from executive responsibility and support (overall and functional responsibility of the executive of a security agency or branch), through to defense-in-depth (layered defence and delay mechanisms, or a system of barriers designed to decrease an attacker’s momentum), core hardening and complicity (constructing the strongest barrier around the most important target, and making it difficult enough to penetrate security that more than one person will be required for the attack, thus increasing the chances of detection and defence). Utilising a sports metaphor, Prunckun analogises defensive counterintelligence with the position of the goalkeeper on a pitch: ‘goal keepers are important to sporting teams because they prevent the opponent from scoring.’ He goes on to state that since a team will never win a game without the offensive side, the crucial purpose of defensive counterintelligence then becomes the facilitation of offensive counterintelligence – counterespionage. While an accurate analysis, it could be argued that, continuing the metaphor, even if the offensive side fails to achieve a goal against the opponent, if the defensive side can hold, then a 0-0 draw remains a better outcome than a 0-1 loss.

According to the author, there are three key issues in counterintelligence planning, no matter the entity doing the planning: threat; vulnerability; and risk (66). Threats are either implicit or explicit, projected or delivered by the threat agent and represent the resolve by that agent to inflict harm upon another. The relative threat level of a hostile party can be worked out by evaluating the hostile agent’s desire to inflict harm; the expectation they will succeed; and the knowledge and resources at their disposal to see the threat successfully carried out: threat = (desire + expectation) + (knowledge + resources) (69). The risk of that thing happening is a function of the likelihood (that the threatened action will occur) and the consequence (of that thing occurring). Vulnerability is fairly self-explanatory, but it is a general measure of how vulnerable an entity is to threats and risks.

Following on from this examination, Prunckun states that a counterintelligence plan should address prevention; preparation; response; and recovery (PPRR):

PPRR – develop[s] a plan that does four things: attempts to prevent such an interception (prevention); prepares the agency for such an interception if prevention measures fail (preparedness); guides the agency in the actions it needs to take to respond to an interception that is underway or has occurred (response); and suggests what needs to be done to aid the agency’s client in recovering once the interception incident has passed (recovery) (66).

In this respect, then, counterintelligence is a continuous and forward-looking discipline just as much as a reactionary practice, and this is an important observation: counterintelligence failures receive a lot more press than successes, in large part because of the consequences of those failures. By publicising what went wrong in the way that practitioners react to events, however, it is often underrepresented how many years of planning and conduct are funnelled into the successes that are never heard of.

The second half of the text goes into some detail on various types of defensive and offensive counterintelligence, from personnel and communications security through to deception and neutralisation (counterespionage), before finishing with a chapter on the ethics of counterintelligence. The sections on offensive counterintelligence are well-structured and the ideas within it are stated logically and eloquently, tying in nicely with the theoretical work in the first half of the book. These ‘overview’ chapters are informative, but offer less ‘new’ information than the introductory, theoretical chapters. They are nonetheless worth reviewing for a holistic sense of the text.

Overall, this is an interesting volume and the work on the theory of counterintelligence is a valuable contribution to the field. It was difficult to read in some areas, as the phrasing and sequence of ideas were occasionally confusing, which made the reading experience less enjoyable than it may otherwise have been, It is designed as a textbook and would serve well as such for those who are entering or new to the field of counterintelligence. The study questions and learning activities at the end of every chapter are designed to reinforce the key concepts and terminology of each chapter and are well-constructed. This volume contains several valuable ideas and should be work that counterintelligence scholars become familiar with.

Please read our comments policy before commenting.

Note: This article gives the views of the authors, and not the position of USAPP– American Politics and Policy, nor of the London School of Economics.

Shortened URL for this post:

About the reviewer

Courteney J. O’Connor – The Australian National University
Courteney J. O’Connor is a PhD candidate with the National Security College of The Australian National University. Her research considers the securitisation of cyberspace and the development of cyber counterintelligence policy and practice.