recommended reading

CIA Live: Spy Agency Holds Public Summit

CIA Director John Brennan

CIA Director John Brennan // Carolyn Kaster/AP

In the first public conference given by the CIA, the agency's head defended the practice of surveilling cyberspace for threats, but questioned the extent to which potent tracking capabilities should be applied. 

“If we are to understand the world we cover and to provide our policymakers with the intelligence that they expect, if not demand, we must immerse ourselves in that frontier and adjust our tradecraft accordingly," CIA Director John Brennan said at the event held Wednesday. "In developing powerful tools to meet this challenge, CIA and the community partners face a question that may be unprecedented in our history: If we possess an extraordinary technical capability and are legally authorized to use it, should we necessarily do so?"

Cyberspace presents difficulties for intelligence analysts because it has no power structure, he said. 

"The problem is much more than cyberattacks per se; it is also about the technologies that make it possible to study bomb-making on the Internet, to case a target remotely, and to coordinate among far-flung associates in order to carry out a sophisticated attack," Brennan said. "Aided by the cyber domain, individuals in small groups, not only nation states, now have the power to sow enormous destruction -- greatly expanding the number of threats that our government must monitor to keep our nation safe."

The daylong conference came on the heels of the CIA's jaunt into the domains of Twitter and Facebook on Friday. The agency's first tweet -- "We can neither confirm nor deny that this is our first tweet" -- had been retweeted about 300,000 times as of Wednesday afternoon. And the agency has more than 600,000 followers so far. 

Brennan said the cat-and-mouse game of following bad actors covertly online poses a threat to the intelligence workforce.

"Digital footprints may enable us to track down a suspected terrorist, but they may leave our officers vulnerable as well," he said. "Websites and digital platforms can shed light on the practices of despotic regimes, but they can also be used to inspire violence against our citizens and interests."

Wednesday's event took place at Georgetown University and also was live streamed over the Internet. 

During Brennan's 30-minute speech, he also emphasized the importance of continuing to collect intelligence in a society now loaded with big data. 

"I can assure you that CIA still provides information and analysis that social media, news organizations and our foreign intelligence partners simply cannot," he said. "A key reason is the type of information our agency collects, not just intelligence but human intelligence."

He added: "At their best, human sources go beyond the dry facts of an issue and help discern the intent of an adversary…We must focus our efforts on uncovering secrets that only human sources can acquire: those that are typically locked inside the inner circle of an adversary." 

Threatwatch Alert

Network intrusion / Spear-phishing

Researchers: Bank-Targeting Malware Sales Rise in Dark Web Markets

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download

When you download a report, your information may be shared with the underwriters of that document.