There are many organizations that have a Command Center, and a Network Operations Center, and a Security Operations Center, and an Information Security Operations Center, and ...Our solution is to combine them into a single SPOC, with a secondary ROC (Remote Operations Center) which serves multiple purposes of:

Continuity of Operations Plan, Surge support, Remote backup, and others.

What the SPOC allows you to do is have a Commander that is in charge of ALL security/law enforcement /legal/physical/ ...and he can easily task any of the teams, or let the teams select their work and run independently. Each of the Deputies under that Commander will be in charge of their own area, be it OSINT, or Forensics, or HUMINT, or other.

An example of something this would allow that you likely do not have at this time is the following scenario: Law enforcement captures a laptop that was placed with a bomb. Whose laptop is it? Well, in our scenario, your forensics guys from law enforcement call in forensics guys from the SOC, and OSINT guys from their division, and go through the wireless access points that the machine was connected to determine patterns of behavior, and trace it back to some profile, or group, or a specific person. Then, if needed, you call in the HUMINT guys to take that information and find the specific person. All of this happens in real time because they are all in the same building, if not on the same floor, if not in the same office. Things like this make dramatic improvements in response time, and getting "left of boom"

As for cost savings, you could have people cross-pollinate and do more than one job. This allows you to have 10 CCIE network guys working in the SPOC instead of 8 in the NOC, 8 in the SOC, 4 in the ISOC, etc. AND that ONE absolute genius expert that you were able to find can help out ALL groups instead of just the single office that s/he works in.

One of the problems that we have found with the current way things are done is that there are too many silos; too many groups working in isolation. This problem is not unique to the US/ Canadian Government, or Commercial, or foreign governments. Whether it is due to a need for separation because of classification of work, or because of legal / regulation requirements, or other, almost all organizations work in this manner.

Putting the various silos under one roof working on joint problems with a guy at the top with the trust to break through those barriers and encourage the groups to work together, but also have the authority to remove or fire those that do not participate fully.