While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
Making sense of the mountains of information collected by agencies within the intelligence community has been a major challenge — one made even more significant by the differences in technology and data from agency to agency.
But a steadily maturing program within the community is helping to address some of its most serious challenges. The Intelligence Community Information Technology Enterprise program, commonly known as ICITE (pronounced eyesight), is improving the way agencies handle, store and analyze data.
ICITE was established in 2012 to help agencies share data more freely using common standards and platforms. The program provides a collaborative environment in which analysts can work. No collaborative environment existed in the past, and now the ICITE program has established a common desktop for users to work from, an App Mall from which users can download community applications, and the IC Cloud for data storage.
ICITE completely changes the way data is used and analyzed, says Capt. Lee Scruggs, chief technology officer and acting CIO at the Coast Guard Intelligence agency.
“Adopting ICITE has made us realize that we need to mature how we obtain, curate and share Coast Guard–unique data,” he says. “We’re also working on improving our efforts to standardize data to conform to other platforms, and also to build a Coast Guard data services model that will normalize processes to authorize, obtain and share data.”
SOURCE: Office of the Director of National Intelligence
For Coast Guard Intelligence, this has made it easier to identify possible vulnerabilities as well as to vet and process information requests. “The requests get the rigor they need prior to approval, but a more standardized approach will enable us to better evaluate requests,” says Scruggs.
The program also improves how the community uses metadata, an important boost in the wake of a 2015 legislative change that forced the National Security Agency to obtain legal permission to collect metadata on telephone calls.
“Any time you have good metadata, you can get value from that metadata by correlating it with others,” said NSA Deputy CIO Sally Holcomb during a speech in April.
By pooling data, ICITE allows analysts from disparate agencies to work together to find potential issues and risks. “ICITE takes the next step and puts all of the data in the same place and tags the data so people who have the need for that data can discover and access it,” says Shishu Gupta, deputy CIO at the National Geospatial-Intelligence Agency (NGA). The data is treated as a common resource, allowing users to find mission-relevant information.
For example, Beth Flanagan, ICITE mission lead at NGA, says the agency used data from ICITE to greatly expedite research that linked the Syrian government to an August 2013 chemical weapons attack that killed more than 1,500 people. “The power of ICITE, of integrated intelligence, is reducing the time our analysts hunt and peck for data. It makes it easier for them to interrogate data,” Flanagan said during a presentation at an April security conference.
Intelligence officials say ICITE also has delivered significant improvements in security. From an infrastructure perspective, the program limits the number of IT resources that need to be protected, as well as the number of points where human error can be introduced, Gupta says.
“Do in common what is commonly done — it’s the core tagline of the IT transformation,” Gupta adds. “We want to designate service providers who can build a service one time and make it available to the community.”
These common services include a desktop for ICITE users, which provides standard operations such as email and office systems. NGA also has delivered some enterprise management functions for use throughout the intelligence community.
Cloud-based common enterprise services also allow for layers of security through attribute-based controls and multifactor authentication, says Kyra Fussell, an analyst at Deltek.
“There’s an aim to advance security capabilities as the intelligence community promotes data-sharing by tagging both data and users, ensuring that information is accessible only by the appropriate people,” she explains. “The development of standard network design models will further enhance security by focusing risk management.”
With a designated service provider, the demands on IT staff at individual agencies are reduced. “As we move to a common infrastructure layer like the cloud, we can spend less time running IT equipment and more time writing software that is core to our business.”