The intelligence community’s IT modernization lift is more than just a synchronized effort of various stakeholders and service providers delivering technology solutions — it’s about changing the way the intelligence community functions.
This is no easy feat, as the IC tends to dig its heels into operating procedures that vary from agency to agency, ultimately creating barriers to sharing vital information.
“We are learning our lessons from 9/11,” said Charles Rhodes, who works within the Office of the Director of National Intelligence‘s chief information officer unit. Speaking at the 2017 DoDIIS Worldwide Conference in St. Louis, Missouri, in August, he was referencing one of the key determinations from the 9/11 Commission Report — that government agencies did not talk to each other and share information.
The IC’s massive IT modernization effort, known colloquially as IC IT Enterprise (or IC ITE), consists of three primary goals, Rhodes said: increased intelligence integration, enhanced IT safeguards and greater efficiencies.
IC ITE consists of a variety of service providers all working to integrate agencies and data within the IC and the Department of Defense with the means of treating data as an IC asset, which is a key point of departure from previous years where intelligence derived from a particular agency within a specific intel disciple was thought to be owned by that agency, not the broader community.
“To share information, an agency had to sign a memorandum of understanding with each sister agency,” Rhodes said of the pre-IC ITE days, adding that this is not great for national security.
“What IC ITE has enabled is a tremendous opportunity to achieve mission outcomes that would not have been possible with the legacy infrastructure,” Sally Holcomb, deputy CIO at the National Security Agency, said at DoDIIS.
The service providers include:
- Desktop environment: essentially the foundation and starting point of IC ITE that serves as the user-interface portion of IC ITE, which is a joint effort led by the Defense Intelligence Agency and the National Geospatial-Intelligence Agency meant to deliver industry-grade desktop features to IC users.
- Network requirements and engineer service provider: implements new site connectivity through franchised campus-area networks and distributed wide-area network responsibilities led by the National Reconnaissance Office.
- Data services architecture service provider: a joint NSA-CIA venture that provides a set of targeted data-services solutions, as well as management, distribution, conditioning and transport services into the IC cloud throughout the data life cycle.
- Identification, authentication and authorization service provider: securely manages authorized access to information throughout IC ITE services.
- IC cloud: made up of both the commercial cloud services — known as C2S and managed by the CIA — as well as the IC Gov Cloud — managed by NSA — which provides elastic, on-demand utility data and storage services.
- IC applications mall: connects the entire IC, bringing together people and data in one place with an integrated applications marketplace accessible from desktops across the workforce.
- Information transport service provider: share information across the IC and domains with the DoD, U.S. government organizations and allies.
- Enterprise management services provider: provides a consolidated service desk and risk management across the IC ITE service providers.
Getting to unclassified and working with DoD
At the heart of the IC ITE project is allowing analysts and IC employees to get anywhere; and to do that, they need a desktop. They need a system to log into that’s got a cloud behind it that runs email — in this case, SharePoint, said Peder Jungck, intelligence and security sector chief technology officer at BAE Systems, during an interview with C4ISRNET. BAE Systems is the prime contractor for the desktop environment effort.
Acting CIO for ODNI Jennifer Kron said at the DoDIIS conference that for the first several years of ICE ITE, the community focused on the top-secret/secure, compartmentalized information domain and on available services within the U.S., specifically within the Washington metropolitan area.
“But clearly most of our colleges, our customers, our partners don’t live on the TS/SCI fabric within the [Capital] Beltway within D.C.,” she said. “So we need to make sure that the IC ITE service are available on the secret and unclassified levels as well,” and availability without latency out west and overseas, too.
This is especially prudent for DoD partners as, with the exception of the intelligence staff, military operations function at the secret level and many others at the unclassified level.
The second C2S region will launch in November 2017 and will be accessible via the secret network fabric, said Ryon Klotz, a C2S representative. This is in direct response to a mission demand of those DoD IC elements: a cloud-hosting infrastructure to better support the war fighter.
Vickie Paytas, a representative for the data-services architecture, cited during a panel at DoDIIS research into moving services to the secret and unclassified networks as opposed to top secret. While this effort is still in its infancy, the representative said the DoD has data in the cloud through the data-services architecture’s data-ingest management systems, and there’s an effort to work with the DoD to understand what the department needs to get data to the cloud so it’s discoverable.
The DoD is also using some services from the identification, authentication and authorization (IAA) service provider, which helps with information sharing because they get the persistent access control, said Pratiksha Shah, an IAA representative.
IAA offers the capability to tag data in a cloud environment, only allowing it to be viewable by authorized, tagged users enabling secure data information sharing based on user access to the data.
On top of aforementioned efforts, Shah added, there’s support for an expansion of services in which the DoD operates given IAA’s services will eventually be available in the secret and unclassified domain as well.
A representative from the information transport service provider offered a vignette during a panel at the conference on how the provider’s work can unburden the person at the tip of the tactical spear. The representative explained that previously individuals received information sent in the form of a text message that might include several pages. These users might not have the time to read through all that.
Given that a picture is worth a thousand words, now through information transport service capabilities, that tactical user can receive that same information in the form of a picture, enabling them to build their plan right then and there; and they can execute against something without having to figure out what the words mean. Users can now look at pictures or attachments and make decision much faster to build a more coherent and contextual analysis, the representative noted.
Mark Pomerleau is a reporter for C4ISRNET, covering information warfare and cyberspace.