With asymmetric threats on the rise worldwide, the Intelligence Community (IC) agrees: the ability to confront these threats comes down to data. Resilience will develop not just from capturing or generating data, but sharing, analyzing, and applying it to give everyone—from decision makers to front-line warfighters—the most current and accurate information. This message was central to the 2019 Department of Defense Intelligence Information System (DoDIIS) Conference, where experts from across DoD, industry, civilian government, and academia came together to share strategies for meeting the next generation of national security challenges.
The IC has come a long way in breaking down stovepipes in the way of actively sharing information. Still, according to Tim Smith, sr. director – DoD, civilian, government and FSI for SolarWinds, “These agencies have walls by design, so the question is, how do you connect the dots?” Reid Diehl, who focuses on the needs of COCOMs for SolarWinds, added that those stovepiped data centers likely have redundant information, requiring significant effort to validate it all.
Smith said panelists at the event’s CIO roundtable kept coming back to the impact of the sheer volume of data they deal with. Newer technologies, such as artificial intelligence (AI), are actively being looked at to sift through, as Smith says, “not mountains, but mountain ranges of data.”
A recurring theme at the annual IC gathering was, not surprisingly, security. The IC is a security-driven culture, and the ongoing issue of insider threats came up from several attendees. For many in the IT arena, the answer is once again driven by data, in this case data analytics, to understand, as Diehl described, “someone touching from point A to point Z and everywhere in between.”
Diehl and Sandra Trumbull, federal business development at SolarWinds, said attendees showed a keen interest in going beyond network monitoring to delving into metrics and management capable of enhancing security, such as extensive access rights management. The seemingly obvious place to start, Smith said, is with the people who manage Active Directory. But ultimately, he said, responsibility may lie elsewhere: “We think it’s more often the security manager, the audit manager, or the person responsible for governance.”
IT modernization underlies many of the conversations about how to combat asymmetric threats and become more resilient. DoDIIS reflected the interest in technology to go beyond meeting a standard to improve mission outcomes. Diehl said the general impression given is the IC is several years behind industry in adopting more enabling technologies. A major concern is the limitation on accreditations for solutions. “If, for example, the CIA was accredited for a modernization effort, why can’t another agency use reciprocity to accredit the same solution?” Diehl asked. Another limiting factor, Trumbull added, is the consistent reduction in FTE rates at IC agencies, putting stress on budgets for high-level SMEs. Modernization can provide some relief here, as automating basic tasks relieves the need to find and hire experts at every level.
The cloud was a much-discussed topic, since cloud resources have been in use for several years now. With this perspective, several speakers and attendees at the conference expressed the need to look at cloud technologies holistically—does it always make sense in terms of cost and capability?
Smith described one speaker who said there’s value in having “the server where you want to do data analysis three feet away, as opposed to 3,000 miles away.” Geography matters, he said, adding that with stovepiped, air-gapped networks, it may not be practical to post certain data in the cloud, depending on the mission. But everyone agreed these are still the early days of cloud adoption for the government, and the long-term benefits and costs are yet to be seen.
Smith noted representation from across all the military and civilian intelligence agencies. But alongside them were high-level participants from the Navy, Coast Guard, and Air Force, as well as the State Department and the FAA. The interest in finding IT management solutions among government agencies of every description shows the urgency to manage the data leading to greater resilience and responsiveness, along with the wealth of resources being applied to the challenge.