recommended reading

How the CIA's Cloud Puts Fresh Tech at Analysts' Fingertips

Gil C/Shutterstock.com

The classified cloud computing infrastructure delivered two and a half years ago by Amazon Web Services to the CIA continues to pay dividends for the intelligence community. AWS' newest service—a classified marketplace for applications—is exponentially reducing the time it takes to bring new software into the IC.

“This is a game-changer for us,” CIA Chief Information Officer John Edwards told Nextgov. “Things that used to take us months take us minutes.”

For the 17 agencies that comprise the IC, time is critical. Before AWS launched the IC Marketplace for the CIA in April, it could take “nine to 12 months to bring in a new application,” Edwards said.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

The classified marketplace for applications is similar to AWS’ public marketplace. Applications required market surveys, a contract or purchasing vehicle, and testing time. The process left analysts and data scientists waiting—and generally using outdated technologies compared to leading industry counterparts.

“We’d spend tens of millions of dollars and still be six or seven years behind where everyone else is in the commercial world,” Edwards said. “These guys are driving us to operate at their speed. We need to not act like the government, but more like commercial [companies], and operate at the speed of mission and not the speed of government.”

A recent demonstration of the IC Marketplace to the CIA’s top three officials left them impressed, Edwards said. In less than 3 minutes, an analyst sat down, downloaded a DevOps workspace and application from the marketplace and populated the environment with data. That kind of speed matters in national security.

The marketplace allows analysts, data scientists and developers to quickly select tools for specific problems or use the try-before-you-buy feature from AWS’ public marketplace. Software licensing typically precludes this kind of agility—an issue the Government Accountability Office has repeatedly identified as costing the government billions—with acquisition officials handcuffed by costly upfront agreements. No agency wants to be left short on licenses, so acquisition officials sometimes overestimate how many to purchase, potentially resulting in overspending millions of dollars.

Users can spin up approved applications in the C2S cloud to deal with specific mission needs, and if they don’t work, “blow up that instance and download another application," Edwards said.

The intelligence agency is only billed for storage and compute used, which skirts the problematic nature of estimating how many licenses of a software product to purchase. That frees up analysts and others to “play” around in the C2S environment, testing applications and preparing for whatever mission needs might arise.

“Once you have that [application], it works with my mission data, and it solves a problem,” Edwards said. “I can lease that for as long as I want, and use for as little or long as I want to. I can buy exactly what I need, for exactly as long as I need it.”

Edwards echoed peers at the CIA in saying the cloud infrastructure opened the doors to software offerings from startups and other companies that previously felt the government too burdensome a customer to pursue. Companies are busting down the virtual door trying to get their offerings before the CIA now because there’s an easy way for them to do it.

That’s also one of the big challenges, Edwards said. While AWS’ public marketplace has 3,500 commercial applications, the IC Marketplace only has 72. Both AWS and the IC vet applications, looking for things like foreign ownership in companies. Edwards said while the CIA is “tweaking the process to make it faster,” resource hurdles exist.

“Some of that is resources, and we’ll apply more to processes, but you can only do so much,” Edwards said.

Nonetheless, 200 applications are in the IC Marketplace pipeline at some stage of vetting, prioritized “based on their bang for the buck” to the IC. The CIA is striving for commercial parity, but it’s only interested in applications “with relevance to the intelligence community,” Edwards said. That means big data, analytics and geospatial applications have the inside track.

Transactions are handled by the IC Marketplace, and the IC pays through the original 10-year C2S contract, initially valued at $600 million for a classified cloud computing infrastructure. Because that contract has options for additional services like the IC Marketplace, it’s likely the value will increase over time.

Edwards said the C2S contract is “not so much about savings of dollars, but more about the impact to mission.” He estimated there would indeed be dollar savings over time—by less use of costly internal data centers, for example—but said the CIA’s partnership with AWS better positions itself to deal with the fiscal realities of today.

At the same time, budgets have decreased, mission demand has increased, so innovation that improves agility and speed-to-market are very real ways the CIA is trying to balance between those stark realities.

“As demand goes up and budgets go down, we’re still meeting mission demand,” Edwards said. “It’s allowing us to absolutely operate within those two lines.”

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download

When you download a report, your information may be shared with the underwriters of that document.