Security is always too much, until it's not enough ...



Interoperability, Better Information SharingIn theIntelligence CommunityBrian DisorboSouthwestern CollegeAbstractDateline April 2005, the 9/11 Commission Report is published an effectively smashes the United States Intelligence Community1 (IC) for failing to share critical information leading up to the devastating attacks that took place in New York, Washington D.C. and Pennsylvania at the hands of well-motivated al Qaeda terrorists. The Commission calls for more Congressional oversight, the creation of a Director of National Intelligence and network-based information sharing among other things. Eight years later the IC has responded in kind and has implemented all of the key findings directed at the community by the Commission. This paper will explore the key implementations and positive actions taken by the IC in response to the 9/11 Commission’s findings.The “Commish”The 9/11 Commission report was some 585 pages long and contained a complete overview of what the commission found to be the problems leading up to the violent attacks of September 11, 2001. One of the most glaring issues fell squarely on the shoulders of the 16 agency IC, a pure lack of information sharing. The five recommendations aimed at the intelligence community were:unifying strategic intelligence and operational planning against Islamist terrorists across the foreign-domestic divide with a National Counterterrorism Center; unifying the intelligence community with a new National Intelligence Director; unifying the many participants in the counterterrorism effort and their knowledge in a network-based information-sharing system that transcends traditional governmental boundaries; unifying and strengthening congressional oversight to improve quality and accountability; and strengthening the FBI and homeland defenders.In the context of academia this paper’s focus is on how the intelligence community has implemented the first, second and third recommendations presented by the 9/11 Commission. These changes, while presenting several hurdles and forcing the intelligence community to overcome interagency bias have come to fruition through processes implemented by Office of the Director of National Intelligence, which was created and established in April of 2005 as a direct result of the 9/11 Commission Report.Progression of InteroperabilityAs with any “new” recommendations that affect such a large and diverse group of professionals it seems there have been almost as many steps backwards as there have been forwards, but as with any process there will always be inhibitors and enhancers. In the case of the IC, one of the biggest hurdles to overcome is the organizational loyalty many employees feel towards their employer. As Air Force Major Andrew Green, cited in his Masters Degree dissertation for the United States Air Force, Air Command and Staff College, titled, “It’s Mine! Why the U.S. Intelligence Community Does Not Share Information”, the chief reason for the lack of sharing within the I.C., relates back to the human factor, and outlines the fact “Organizations are social units (or human groupings) deliberately constructed and reconstructed to achieve specific goals” (Major Green, 2005). In layman’s terms, people have a strong sense of organizational loyalty and that loyalty does not lend itself well to sharing. “Moreover, the information/intelligence sharing among various elements of a Combined Joint Special Operations Task Force - which is actually a more difficult case of intelligence dissemination - affects the intelligence process starting with the collection phase. Vanotten (2005) observed that, "anytime people from different cultures come into contact with one another, there is the potential for tension and misunderstanding" (p. 32). He suggested that a psychological premise might slow down the information/intelligence sharing process. Such a premise may arise because of differences between the intelligence cultures of the CJSOTF (Combined Joint Special Operations Task Force) members. Moreover, it may arise because, at times, some CJSOTF members might consider themselves superior to the other members (Negulescu, 2011). I believe these organizational hurdles were simply overcome by events, to wit, IC agency heads forcing a “crashing” of sorts through the use of Joint Task Forces, multi-agency fusion cells and combined/joint intelligence operations centers that typically see several IC, DoD and occasionally state agency employees, working together to analyze, vet, and disseminate critical intelligence to those who have the authority vested to make a decision on whether or not the information is actionable. If it is actionable, all of the analysis/analyst work has been done, and the information can immediately be released to the Director of National Intelligence who will make a decision, in coordination with the head of the originating agency, on whether the intelligence is viable enough to be briefed to the President for possible action. As the interoperability “loop” comes full circle it can be found operating all the way down to the local/state level. “By building trusted relationships and collaborating with SLTT and private sector partners, fusion centers can gather and share the information necessary to pursue and disrupt activities that may be indicators of, or potential precursors to, terrorist activity. With timely, accurate information on potential terrorist threats, fusion centers can directly contribute to and inform investigations initiated and conducted by federal entities, such as the Joint Terrorism Task Forces led by the Federal Bureau of Investigation” CITATION DepND \l 1033 (Department of Homeland Security, N.D.) While looking over the DHS’s, Fusion Center Success Stories webpage I noted that the information involving the fusion cells never outwardly named the intelligence community proper as information was being relayed up or down the fusion cell chain, but the articles do make mention of particular IC agencies that were instrumental in information being passed/acted upon. Of note were mentions of the Bureau of Alcohol Tobacco and Firearms (Department of Justice) and the Federal Bureau of Investigation. While these agencies were not on the “front lines” of the arrests the information they collected and passed down the chain and relayed further up the chain were absolutely critical in seeing justice done on those attempting to utilize improvised explosive devices at a Colorado shopping mall.Have “LAN” Will TravelIn my current position with U.S. Special Operations Command I work across six separate LANs on any give day. That means I have six separate passwords, six separate e-mail accounts, and six different ways to connect to the Internet. The classification of the LANs range from UNCLASSIFIED all the up to what I call the high side LANs these include a SECRET//NOFORN (No Foreigners), SECRET//SPECIAL ACCESS REQUIRED//ALTERNATIVE COMPENSATORY CONTROL MEASURES, TOP SECRET//SENSITIVE COMPARTMENTED INFORMATION, AND TOP SECRET//SENSITIVE COMPARTMENTED INFORMATION//SPECIAL ACCESS REQUIRED//ALTERNATIVE COMPENSATORY CONTROL MEASURES (protocol calls for the overall classifications to be spelled out in all caps), and one additional LAN. I feel it’s important to illustrate this point because no less than five years ago I only had two LANs to work across and those were UNCLASSIFIED and SECRET. In today’s operating environment the sharing of information has improved vastly at the behest of the Director of National Intelligence who was charged by Congress to, “Ensure that timely and objective national intelligence is provided to the President, the heads of departments and agencies of the executive branch; the Chairman of the Joint Chiefs of Staff and senior military commanders” CITATION Off \l 1033 (Office of the Director of National Intelligence, N.D.). In other words, if it’s important enough to tell the President, the DNI is the guy that is going to do it. In addition to keeping the President, heads of departments and agencies of the executive branch; the Chairman of the Joint Chiefs and other senior military commanders informed the DNIs other charges include, “Establish objectives and priorities for collection, analysis, production, and dissemination of national intelligenceEnsure maximum availability of and access to intelligence information within the Intelligence CommunityDevelop and ensure the execution of an annual budget for the National Intelligence program (NIP) based on budget proposals provided by IC component organizationsOversee coordination of relationships with the intelligence or security services of foreign governments and international organizationsEnsure the most accurate analysis of intelligence is derived from all sources to support national security needsDevelop personnel policies and programs to enhance the capacity for joint operations and to facilitate staffing of community management functionsOversee the development and implementation of a program management plan for acquisition of major systems, doing so jointly with the Secretary of Defense for DoD programs, that includes cost, schedule, and performance goals and program milestone criteria” CITATION Off \l 1033 (Office of the Director of National Intelligence, N.D.)Of those criteria listed the one that stands out to me, or perhaps the most germane in the context of this paper is the fourth bullet. The Director of National Intelligence has been charged to ensure the most accurate analysis of intelligence is derived from ALL sources to support national security needs. This means having each of the 16 agencies working together in a manner that encourages information sharing. While the DNI is responsible for coordinating the actions and up-channeling information into the stratosphere of government the Intelligence Community Information Sharing Executive has the chief responsibility of, “Defining appropriate mechanisms for developing information sharing relationships.Enhancing capabilities to correlate and disambiguate large volumes of information.Enhancing capabilities to easily and quickly search and access all information for which a user is authorized.Implementing a standard trusted identity and access management capability.Deploying phased enhancements to processes and technology tools to actively track user activities, trigger suspicious trends, and provide continuous assurance that data remains accessible and protected.Incorporating information sharing material into new and existing training and other relevant programs” CITATION Off \l 1033 (Office of the Director of National Intelligence, N.D.).To that end I can affirm the Intelligence Community has undoubtedly squared their shoulders and they took responsibility and ownership of a robust Internet system that allows information sharing across all 16 agencies of the intelligence community. Working on a system like JWICS, or the Joint Worldwide Intelligence Communications System, I can say that I can find the information I need, or simply want, by going to the responsible agency website. For instance, if I wanted to get a map of the United States I would go to the National Reconnaissance Organization’s webpage and perform a search. If I wanted information on a particular terrorist network I could go to the FBI webpage and search. As a security professional the feature I appreciate the most about using the high side LANs is that the information that is there for “public” consumption (I say public consumption because users must have a minimum TOP SECRET//SCI security clearance to get an account) is very general information, it is classified, but general. In order to get information on specifics, say the currently operational capabilities of a country’s army, users must request access to the agency’s information. That request is vetted through the requestor’s supervisor and internally through the agency and the requestor’s security clearance and accesses are verified before permissions are granted, and access is never guaranteed, there also has to be a valid need to know.Furthering the information-sharing environment is the advent, acceptance and installation of secure video-teleconferencing (VTC) equipment. Whereas prior to the VTC being accepted travel was a must in order to have conferences and meetings. The VTC saves taxpayers money while allowing information to be freely exchanged in a multi-agency collaborative environment. Another advantage to utilizing the VTC is the fact that it expedites the dissemination of information throughout the entire intelligence community. Prior to the use of high side LANs, and VTCs the options of disseminating information were fairly limited. There were Secure Telephone Units, Or STUs (pronounced “stew”), and secure cabling services and of course the use of the Defense Courier Service. I’ve used the STU series of telephone and found there to be more time spent asking the person to repeat what they just said, a horrible echoing effect or a plain, old fashioned dropped call than actual information being shared. It was great technology for its time and did help information flow but nowhere close to effectively as today’s technology allows. In this particular case I submit that todays technology allows for real time sharing of information, which was a major finding of the 9/11 Commission Report.To take it a step further having the ability to send classified slides over secure e-mail ensures the information reaches end users and deepens the collaborative effort. I believe that this ultimately lends itself well to fostering a true sense of community within the intelligence community and lends itself well to not just the agency accomplishing its mission, but ties directly back to the ODNI and Intelligence Community Information Sharing Executive accomplishing their respective charges.Pushing ReciprocityI recently finished a weeklong course hosted by the Office of the Director of Nation Intelligence titled, “ICD 705/Lifecycle of a SCIF” (ICD = Intelligence Community Directive). The class was designed and instructed to teach participants about the complete lifecycle of a Sensitive Compartmented Information Facility (SCIF, pronounced Skiff) and was heavily focused on the utilization of joint SCIFs. For me it was an obvious departure from the days of agencies acting to fiercely protect their information and when a Co-use Agreement was put in place only after the highest levels of management at each agency finished a 12-round heavyweight fight with each other. The tides are obviously changing for the better within the community as more of a “communal” approach is being taken to the information being produced by these highly skilled agencies. By communal I mean the community, pushed by the ODNI, and backed by the Under Secretary of Defense (Intelligence) Dr. Vickers, is pushing for better reciprocity with respect to personnel security clearances throughout the DoD and IC, which is the first step in the information sharing chain. Bottom line is that the IC has been granted the authority to complete security clearance investigation and adjudication separately from the process the DoD uses, and previously did not accept DoD personnel security clearances through a reciprocal process. With the current initiatives underway the IC, within the last 8-12 months has begun using a system of reciprocity to vet DoD employees.As I mentioned, the first step in the sharing process is the acceptance the personnel security clearances. With that piece figured out the next step comes in the form of sharing space. Joint facilities are slowly becoming a reality and as more joint facilities spring up I have a feeling that the information sharing process will begin to really come to fruition. In the out years of this new joint information sharing environment it seems that the only natural outcome can be, even if by default, a more natural, comfortable environment of free flowing information. Think about it like this, there are two people from different agencies working on similar mission sets sitting 10 feet away from each other, holding the same security clearances, and one stumbles upon something that can help his fellow SCIF-mate out. Is he really not going to share? I don’t think so. “Mike McConnell, has made a strong statement to all intelligence professionals with his direction that it is not enough to share intelligence: There is a responsibility to provide it” CITATION Arm07 \l 1033 (Armed Forces Communications and Electronics Association, 2007). I’m not sure there that there is a more compelling way to say it!Fiscally Speaking of Course...Why now? Why the sudden urge, some twelve years after the September 11th attacks is the Intelligence Community finally moving towards a more robust sharing infrastructure? I have a sneaking suspicion that it is a combination of the push from above, but perhaps more compelling is the crunch every government organization is feeling with the Sequestration measures that are being forced upon them. The bottom line is that the bottom line is shifting and agencies are feeling the impact of budgets being slashed across the board along with the employee base.It makes more sense now more than ever to begin accepting security clearances seeing as how the average cost of a security clearance is somewhere in the neighborhood of $3,000 per person. Multiply that by the number of personnel an agency will clear in a year and add in the number of people they refuse to accept and have to vet themselves due to no reciprocity and the bill can tally up fast. Now, add to the expense the cost of a brand new SCIF constructed to the ICD 705 standard and that cost multiplies exponentially. Construction of a SCIF is a pricey venture no matter the size of the facility due to the enhanced security features contained therein. Depending on the location there can be multiple layers of drywall, soundproof batting, and #9-10 gauge expanded metal in the walls, solid core doors, high security locks, a complete intrusion detection system, security containers, specialized ductwork, unique requirements for radio frequency emanation mitigation and A LOT of specialized communications equipment that needs to be installed. A moderately sized SCIF in the National Capitol Region could cost an agency upwards of $500,000 or more depending on location. Remember, SCI information is directly related to the national intelligence mission so there is a premium for adversaries to attempt to collect against whatever is being processed within the facility. To mitigate the collection threat there are technical security countermeasures that need to be put in place such as a faraday cage or completely “wrapping” the facility in RF-Foil. It all adds up.The “new” way of thinking is that if an agency needs a SCIF built in Los Angeles, the first step in the process is seeing if another agency already has a SCIF in the vicinity. If another agency is already established security elements will reach out and enquire about retaining space or paying for a modification to the already established SCIF. It is a two birds – one stone scenario in that the seeking the agency doesn’t have to pay for a brand new SCIF and the gaining agency inherits more space that they need not pay for. Further it enhances information sharing due to the close proximity of being in the same space.While each agency has a different mission they all have a common goal in place and that is the protection of the homeland. For example, the Central Intelligence Agency's mission is: “Collecting information that reveals the plans, intentions and capabilities of our adversaries and provides the basis for decision and action.Producing timely analysis that provides insight, warning and opportunity to the President and decision makers charged with protecting and advancing America’s interests.Conducting covert action at the direction of the President to preempt threats or achieve US policy objectives” CITATION Cen13 \l 1033 (Central Intelligence Agency, 2013).and the National Reconnaissance Organization’s mission is simply, “Innovative Overhead Intelligence Systems for National Security” CITATION NatND \l 1033 (National Reconnaissance Organization, N.D.), the missions, at some point interlace as information from NRO is inevitably requested by almost every agency within the IC. ConclusionIt was President Kennedy that said, “Change is the law of life. And those who look only to the past or present are certain to miss the future.” I believe the Intelligence Community and Department of Defense really have no choice now than to look at the future and truly embrace the change that has already started occurring. As this paper flowed from the findings of the 9/11 Commission Report into Interoperability, the creation of high side LANs, Reciprocity and the current fiscal crisis, it is apparent that the changes underway, and those leading the changes need to remain steadfast and mission focused. No machine as big as the Intelligence Community or Department of Defense have the ability to turn on a dime, the important thing to remember is that the changes are happening now and will continue, no matter how cumbersome, to come full circle.Perhaps the most important aspect of this transformation of the Intelligence Community is for it’s leaders to not only recognize, but also embrace the fact the Cold War is over. The mentality of the Russians crashing through Europe and sending their “Russian Bear” bombers over the pole to launch a nuclear attack on the United States needs to change. Leaders need to recognize and more importantly embrace the fact that the employees being hired now are of what I call the “Information Now” generation. These are people that were kids when the technology boom began and they are used to the free flow of information and want collaboration. They are used to getting the answers to whatever they, whenever they want it. They are the ones that embrace “smart” technology and have an innate understanding of how it works. I say the time is now, now is the time for leaders throughout the Government take advantage of this generation and begin learning from them! Why do I propose this in an academic paper? I found it germane to the paper after hearing one of the lecturers at the ICD 705/Lifecycle of a SCIF class tell us that the CIA was having trouble retaining quality employees. The reason? Because the rules governing PEDs (Personal Electronic Devices), prevent the introduction of smart technology, i.e. smartphones and tablets, CD players, MP3/4 players, and the like from entering a SCIF. The bottom line was that the kids CIA was recruiting were leaving and taking jobs elsewhere that didn’t require them to leave their cell phones in their cars or at home. Now, no one understands the “why” better than me, thank you Mr. Snowden. But I will submit that there have got to be workarounds out there somewhere! There’s no harm in putting together a team of Information Technology experts that can figure out ways to disable the video cameras, microphones and still cameras contained in these smart-gadgets so that these kids can have these devices with them. Perhaps the slow growth of information sharing stem’s from the unwillingness of leadership to change with the times. I know I find myself at times having trouble coming to grips with some of the changes coming down the pike. Ultimately, regardless of what happens, I do see a future of robust information sharing at ALL levels of government, to include Federal sharing with both state and local authorities, I know that it’s just a matter of having the right people plugged in to the right positions at the right time to really kick the efforts up to a grandiose level. For better or worse the Intelligence Community is changing and I can’t wait to see where the ride takes us!Figure 1.1 – The Intelligence CommunityFigure 1.1 – The Intelligence CommunityThis is a graphical representation of the Intelligence Community with the DNI at the center. As you can see each agency reports to the DNI and shares a relationship with the other member of the community.References BIBLIOGRAPHY Armed Forces Communications and Electronics Association. (2007). The Need to Share: The U.S. Intelligence Community and Law Enforcement. Armed Forces Communications and Electronics Association. Armed Forces Communications and Electronics Association.Associated Press. (2013, July 10). Justice Dept. and FBI criticized on Boston bombing information sharing. Retrieved August 09, 2013, from Foxnews: Intelligence Agency. (2013, January 10). About CIA. Retrieved November 05, 2013, from CIA Vision, Mission & Values: of Homeland Security. (N.D.). National Network of Fusion Centers. Retrieved November 03, 2013, from State and Major Urban Area Fusion Centers: of National Intelligence. (N.G.). IC Information Sharing Executive. Retrieved August 12, 2013, from Director of National Intelligence: , T. H. (2007). Why Is the Intelligence Community So Difficult to Redesign? Smart Practices, Conflicting Goals, and the Creation of Purpose-Based Organizations. Governance , 20 (3), 401-422.Koblin, A. (2008, August 12). Flight Patterns - Altitudes and types. Retrieved July 22, 2013, from Sandbox: Green, A. W. (2005 July). It's Mine! Why the U.S. Intelligence Community Does Not Share Information. Retrieved 2013 28-July from Air University: Reconnaissance Organization. (N.D.). NRO Vision, Mission, & Values. Retrieved November 06, 2013, from National Reconnaissance Organization: , F. (2011). Intelligence Sharing and Dissemination in Comboned Joint Special Operations. Journal of Defense Resource Management , 2 (2), 99*104.NY Times. (2009, January 22). Text: Statement of Dennis C. Blair. Retrieved July 22, 2013, from NY Times: of the Director of National Intelligence. (N.D.). IC Information Sharing Executive. Retrieved November 06, 2013, from Policy & Strategy: of the Director of National Intelligence. (N.D.). ODNI FAQ. Retrieved November 05, 2013, from Office of the DIrector of National Intelligence: States Congress. (2004 йил 17-December). Public Law 108–458—DEC. 17, 2004. Retrieved 2013 йил 06-August from Intelligence Reform and Terrorism Prevention Act of 2004: *Peer Reviewed/Scholarly Articles ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download