The Intelligience Community Information Technology Enterprise program has reshaped how intelligence agencies share information, says Coast Guard Capt. Lee Scruggs.

Jul 22 2016
Security

The Intelligence Community Is Sharing More Data, and Making IT More Secure

The intelligence community’s ICITE program has forged a standardized platform for technology and data.
by

Karen J. Bannan is a freelance writer and editor who has written for a variety of publications including The New York Times, The Wall Street Journal, Time and CIO.

Making sense of the mountains of information collected by agencies within the intelligence community has been a major challenge — one made even more significant by the differences in technology and data from agency to agency.

But a steadily maturing program within the community is helping to address some of its most serious challenges. The Intelligence Community Information Technology Enterprise program, commonly known as ICITE (pronounced eyesight), is improving the way agencies handle, store and analyze data.

ICITE was established in 2012 to help agencies share data more freely using common standards and platforms. The program provides a collaborative environment in which analysts can work. No collaborative environment existed in the past, and now the ICITE program has established a common desktop for users to work from, an App Mall from which users can download community applications, and the IC Cloud for data storage.

Improving How Data is Collected and Shared 

ICITE completely changes the way data is used and analyzed, says Capt. Lee Scruggs, chief technology officer and acting CIO at the Coast Guard Intelligence agency.

“Adopting ICITE has made us realize that we need to mature how we obtain, curate and share Coast Guard–unique data,” he says. “We’re also working on improving our efforts to standardize data to conform to other platforms, and also to build a Coast Guard data services model that will normalize processes to authorize, obtain and share data.”


SOURCE: Office of the Director of National Intelligence

For Coast Guard Intelligence, this has made it easier to identify possible vulnerabilities as well as to vet and process information requests. “The requests get the rigor they need prior to approval, but a more standardized approach will enable us to better evaluate requests,” says Scruggs.

Helping Analysts Get to Data Faster 

The program also improves how the community uses metadata, an important boost in the wake of a 2015 legislative change that forced the National Security Agency to obtain legal permission to collect metadata on telephone calls.

“Any time you have good metadata, you can get value from that metadata by correlating it with others,” said NSA Deputy CIO Sally Holcomb during a speech in April.

By pooling data, ICITE allows analysts from disparate agencies to work together to find potential issues and risks. “ICITE takes the next step and puts all of the data in the same place and tags the data so people who have the need for that data can discover and access it,” says Shishu Gupta, deputy CIO at the National Geospatial-Intelligence Agency (NGA). The data is treated as a common resource, allowing users to find mission-relevant information.

For example, Beth Flanagan, ICITE mission lead at NGA, says the agency used data from ICITE to greatly expedite research that linked the Syrian government to an August 2013 chemical weapons attack that killed more than 1,500 people. “The power of ICITE, of integrated intelligence, is reducing the time our analysts hunt and peck for data. It makes it easier for them to interrogate data,” Flanagan said during a presentation at an April security conference.

Making IT More Secure 

Intelligence officials say ICITE also has delivered significant improvements in security. From an infrastructure perspective, the program limits the number of IT resources that need to be protected, as well as the number of points where human error can be introduced, Gupta says.

“Do in common what is commonly done — it’s the core tagline of the IT transformation,” Gupta adds. “We want to designate service providers who can build a service one time and make it available to the community.”

These common services include a desktop for ICITE users, which provides standard operations such as email and office systems. NGA also has delivered some enterprise management functions for use throughout the intelligence community.

Cloud-based common enterprise services also allow for layers of security through attribute-based controls and multifactor authentication, says Kyra Fussell, an analyst at Deltek.

“There’s an aim to advance security capabilities as the intelligence community promotes data-sharing by tagging both data and users, ensuring that information is accessible only by the appropriate people,” she explains. “The development of standard network design models will further enhance security by focusing risk management.”

With a designated service provider, the demands on IT staff at individual agencies are reduced. “As we move to a common infrastructure layer like the cloud, we can spend less time running IT equipment and more time writing software that is core to our business.”

Cultural Change Can Be a Stumbling Block 

Since its establishment, the Intelligence Community Information Technology Enterprise has faced many obstacles. One of the toughest, says David Shedd, former acting director of the Defense Intelligence Agency, has been dealing with the changes the program has required in contracting and culture.

These challenges affected not only intelligence agencies but also the vendors and service providers they work with, as well as the lawmakers who fund them. ICITE intends to break down data silos and offer a broader range of capabilities to organizations, but this goal requires agencies to break through barriers that have grown over time.

“The biggest stumbling block is culture — the resistance of change,” Shedd explains. “And it’s not just what people don’t want to do. There’s a whole new architecture of contract design necessary. Now you have the contracts of a software vendor or a consulting firm and they say, ‘I have a contract with NSA. Why would I provide services to the DIA, CIA and NGA for free? We want individual contracts.’ ”

There is good news, however. Agencies are making progress, Shedd says, in dealing with issues that have arisen between vendors and service providers.

Brad Howell

More On

Related Stories

Close

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT

Subscribe Now