At the CIA, the Directorate of Digital Innovation is recruiting cyber operations officers who can gather intelligence data from adversarial systems using advanced tools, techniques and tradecraft. The agency is also partnering with cloud computing and infrastructure platform providers – including Amazon, Google, Oracle, Microsoft and IBM – to boost its artificial intelligence initiatives.
The National Geospatial-Intelligence Agency (NGA) depends upon the AI-powered Source Maritime Automated Processing System (SMAPS) to structure unstructured data from ships so analysts can more rapidly and accurately interpret information about potential hazards at sea.
Across the board within the Intelligence Community (IC), agencies deploy AI, machine learning and additional tools to monitor for threatening activity on social media, track human activity and better process and translate speech-to-text taken from conversations in more than 90 different languages, among other needs.
These and additional developments illustrate how data is playing an increasingly critical role in IC operations and mission support – with complex analytics now as ingrained into the culture as clandestine meetings. To counter our adversaries’ use of these tools, leadership is looking to enhance and standardize its approaches: The IC Data Strategy 2023-2025 establishes a path for agencies to leverage data so they can “operate, collaborate and communicate securely and at the speed of mission” while respecting both laws and values.
“In this hyper-connected, data-driven digital world, the intelligence challenges we face are much more complex and interconnected than ever before,” the strategy states. “[Technology advancements] are making it more difficult for government entities to anticipate the need for, acquire and manage these capabilities at the same pace that our adversaries and the global community are able to integrate them into their systems … It is no longer just about the volume of data, it is about who can collect, access, exploit and gain actionable insight the fastest, as they will have the decision and intelligence advantage.”
In response to the challenges, the strategy then introduces four primary focus areas for capability improvements. We will present them here, along with recommended best practices to help achieve them:
Perform end-to-end management to reduce the time of secure data flow
Best practice: Agency decision-makers and their teams spend too much time attempting to catalog their data, and then set policies for it. But teams don’t spend enough time developing ways to safely share data and then maximize its value – quickly.
Chief data officers and other digital leaders must make it clear that the cataloging of data amounts to simply a starting point. The next, critical step is getting IC teams to make data accessible and sharable – and secure. Their strategy has to readily enable teams to get to this second stage swiftly.
Deliver data interoperability and analytics at speed and scale
Best practice: Outdated security policies are keeping teams from achieving this, by creating time-consuming roadblocks to ready access. Digital leaders must replace these with systems and practices based upon an attribute-based access control (ABAC) model.
ABAC allows for dynamic access decisions through combining user, for example clearance level, location, certifications, and data attributes. Coupled with data-use agreements and activity logging, authorized users proceed without security-based bottlenecks/friction while avoiding new risks for their agencies. ABAC is based upon user and data attributes for security, determining who should have access to what and then authorizing them in real-time.
Advance all partnerships for continued digital and data innovation
Best practice: Too often, decision-makers and their teams – whether within international governments, private industry or academia – are determined to accumulate massive volumes of data, and then lord over their private, digital fiefdoms without sharing lessons learned which would benefit all.
We need to recognize that we are all in this fight together against cyber criminals. By creating a coalition of allies everywhere to share our combined knowledge, our capability for maximizing the protected use of data will have no limit. The IC, for instance, has learned much about gathering threat intelligence and disrupting malicious activity. We must do more to take advantage of such knowledge for the greater, global good.
Transform the IC workforce to be more data-driven
Best practice: We have to build a workforce that is skilled at using data to best inform decisions. Today’s young people rank the fields of science, technology, engineering and mathematics (STEM) as their top career choice, with many of them seeking to work for the CIA, FBI and other IC/Justice/Homeland Security agencies. We should help them get to where they want to go, by funding early-phase STEM education programs everywhere.
If history has taught us anything in the past quarter-century, it’s that our adversaries are quite willing and able to share resources and insights to exploit data faster and more effectively than ever. The IC Data Strategy brings the potential to empower us with the same formidable force, in the interest of “recognizing, discovering and sharing data to enable mission value and actionable intelligence,” as the strategy states.
We can only do so, however, if we dispense with constrictive systems and policies and work together to adapt tools and practices which are designed for the modern digital age. Immediate and secure access, global partnerships and a commitment to early talent development will greatly benefit our collective community. We should get started on this now.
Chris Brown is Chief Technology Officer at Immuta, whose data security platform provides sensitive data discovery, security and access control to the intelligence community.