recommended reading

Cloud will change intelligence community's business model

Cloud computing has the power to not only change the way the federal intelligence community manages information technology, but also to fundamentally change agencies' business models, according to a report released Tuesday.

That change will be effective, however, only if intelligence agencies are prepared to modify their own organizational cultures to match the new technology and to learn from similar transitions in the corporate and civilian government spheres, the report from the nonprofit Intelligence and National Security Alliance said.

Most important, the report noted, successfully moving to cloud infrastructure will require shifting the acquisition cycle to enable the Defense Department and intelligence agencies to launch programs in one or two years rather than five years or more.

At its most basic level, the transition to cloud storage and computing means the intelligence community is better able to parse new troves of open source and signals information such as social media posts and cellphone transmissions, experts said during a panel discussion on the report sponsored by INSA and by Nextgov's editorial partner Government Executive magazine.

"Because of the explosion of technology around the world, there's a tremendous amount of insight we can gain into people and cultures that's not through classified sources," said Terry Roberts, executive director of the Carnegie Mellon Software Engineering Institute's Acquisition Support Program and a former deputy director of naval intelligence.

"So it's really about how do you effectively access all of that information and process that information and certify it and blend it with classified sources," she said. "Ten years ago that [open source information] might have been, maybe, 10 percent. Now, I think it's reaching more than 50 percent of the key information that we need to be analyzing and understanding."

Cloud computing also allows users to rapidly expand and contract the amount of computing they use for a particular project, which is a good fit for the process of sifting through open source Web data, much of which involves separating out a little bit of intelligence or a hidden pattern from a huge amount of noise.

On another level, the shift to cloud means intelligence that once was collected agency by agency and the intelligence community historically strived to share more easily can now be stored in shared clouds and accessed across agencies based on credentials, the experts said.

"Now the [National Security Agency] is leading a lot of these cloud substantiations on behalf of the entire intelligence community . . . that's the beauty of this opportunity," Roberts said.

The INSA report described this shift as moving from an "infrastructure-centric" to a "data-centric" business model.

Cloud computing is "not a panacea," said Bob Gourley, founder of Crucial Point, a technology research firm, and an author of the INSA report, echoing a statement by Director of National Intelligence James Clapper.

"For example," the report noted, "when an application uses an entire physical machine or is sized to use multiple dedicated physical machines, then it may not be a good candidate for moving to the cloud."

(Image via Jirsak/

Threatwatch Alert

Network intrusion / Stolen credentials

85M User Accounts Compromised from Video-sharing Site Dailymotion

See threatwatch report


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.