While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
The days of Kremlinologists at the Central Intelligence Agency poring over black-and-white photos of Soviet leaders for hints as to activity in Moscow are long gone. A generation after the end of the Cold War, the CIA has finally embraced the digital world, and agency leaders see the relatively new Directorate of Digital Innovation (DDI) as their best way to address the new world of cybersecurity threats.
The DDI, which the CIA launched in the fall of 2015, was the spy agency’s first new directorate since 1963. The DDI is charged with infusing digital and cyber capabilities throughout the CIA and overseeing the career development of the agency’s digital and cyber experts. Additionally, the DDI is also responsible for making sure the CIA’s digital technology keeps pace with rapid technology innovations and cybersecurity trends.
CIA Director John Brennan said during a July 13 event at the Brookings Institution in Washington that if the agency wants “to excel in the wired world, the digital domain must be part of every aspect of our mission,” according to FCW.
“It means that our analysts must be able to quickly process and analyze enormous volumes of data,” Brennan said. “And it means that our IT experts must be able to harden our networks against intrusion and better protect our very important and sensitive sources and methods.”
Sean Roche, the CIA’s associate deputy director for digital innovation, told Bloomberg News last month that in today’s world, “people are putting all their thoughts, their conversations, their movements, their ideas into this digital stream,” and that the CIA should take advantage of this change in behavior, but not become overwhelmed by it.
Roche, speaking from the Aspen Security Forum in Colorado, told Bloomberg that Russia, China, Iran and North Korea are among the fiercest cyber adversaries of the United States. “They’re targeting data of all forms,” he said, referring to their quest for intellectual property and sensitive information that could help those countries achieve national aims. In other instances, Roche said, the cyberattacks are just “plain-old thuggery” aimed at causing disruption.
At the Brookings event, Brennan said that cyberattacks and advances in technology have made it possible for “adversaries to sabotage vital infrastructure without ever landing an agent on our shores,” and noted that DDI “is deeply involved in our efforts to defend against foreign cyberattacks.”
The Internet of Things is also changing how CIA officers and specialists do their work. With more devices generating data that becomes easily accessible to agency analysts, IT experts need to ensure that the CIA isn’t also collecting malware or exposing itself to new vulnerabilities.
“As we put together our information technology architecture, we need to make sure that we are trying to optimize … both objectives” of accessibility and security, Roche said. Aiding in those tasks is the Intelligence Community Information Technology Enterprise program, commonly known as ICITE (pronounced eye-sight). The program is improving the way U.S. intelligence agencies handle, store and analyze data, and is designed to help them share information more freely using common standards and platforms.
However, DDI is also taking the lead on improving cybersecurity for the CIA. As Bloomberg reports, some of DDI’s “responsibilities include updating the agency’s older systems, which aren’t compatible with current technology and in some cases can’t even accommodate encryption. The directorate also combined those handling the agency’s information technology and internet systems with the team that monitors global cyberthreats.”
“We get very good insights into what the cyber actors are doing and we stop them before they get to our door,” Roche told Bloomberg.