recommended reading

Intelligence Community Backs Off Information Sharing


A recent solicitation issued by the Defense Intelligence Agency suggests the intelligence community has started to back away from developing a common technology architecture to foster information sharing -- a concept officials touted in February prior to revelations that National Security Agency contractor Edward Snowden was leaking top secret information to the press.

The Intelligence and National Security Alliance, a government and industry group, released a white paper on Feb. 11 based on input for development of a new intelligence community IT environment based on input from the chief information officers of the 16 intelligence agencies. It emphasized a common environment to enhance information sharing.

The paper, titled “Doing in Common What is Commonly Done,” said the intelligence community has  embarked on “a significant IT transformation . . . [which] focuses on enabling greater integration, information sharing, and information safeguarding through a common IC IT approach that proposes to improve mission and business processes, and substantially reduce costs.”

The paper quoted Neill Tipton, director of information sharing for the undersecretary of Defense for intelligence, who bemoaned the lack of common systems, a situation that made it difficult to share critical information in a combat environment. “You sit at a headquarters and you’ve got NSA guys on their NSA net, the NGA guys on the NGA net, the CIA’s on its own network. They’re all doing the same mission, supporting the same commander and working at the same objectives. But their idea of sharing data is sending emails to each other across their different networks. When we can roll into a theater of operations and bring in a single network to provide intel support to that theater, that will be success.”

The grand information sharing vision seems to have taken a back seat to security in the wake of the leaks by Snowden, which started in May and continue today. The Defense Intelligence Agency, in a request for information to industry released July 8, said the intelligence community plans to develop a common desktop environment that will support the use of shared services, such as VoIP phone calls and video. But the solicitation notes that DIA also is exploring an alternative, known as a desktop services model, that “allows agency users to remain in their native agency system domain and reach out to an IC DTE domain to gain access to common services.”

Steven Aftergood, director for the government secrecy project at the Federation of American Scientists, said this “implies reduced information sharing.”

Bernie Skoch, a retired Air Force brigadier general with extensive security experience, said, “Recent high profile cases of apparent human intelligence compromise will significantly shape any information sharing acquisitions for a very long time. Industry today can deliver a perfectly secure system, but it would be useless in sharing information. Or they can deliver the ideal information sharing platform, but it would likely be less than perfectly secure.  So the challenge continues to be finding the balance between information access and security, and I have yet to see a system that does both perfectly.”

The February white paper said the Office of the Director of National Intelligence plans to reduce the budgets of intelligence agencies over the next decade, and “leaders expect to reap a significant portion of their savings in information technology efficiencies.”

The white paper estimated that IT accounts for 25 percent -- $13 billion -- of the requested budget of $52.2 billion for the National Intelligence Program in 2014.

Aftergood said that the intelligence community will not realize the savings it anticipates from a common IT environment if the intelligence agencies embrace the option of continuing to operate in their own domains.

Skoch said the biggest challenge the intelligence community faces in development of a common environment also goes back to funding. “The program office absolutely must demonstrate that the solution it is pursuing will not only meet the requirements of the IC as a whole, but that it will respect the equities of all the players and at the same time deliver best value for their shrinking resource slices,” Skoch said.

“That won't be easy,” he said. “And if they fail, you can bet the operational necessities of the individual agencies will trump any call for an enterprise transformative strategy.”

(Image via wavebreakmedia/

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.