The intelligence and defense communities overhaul IT to embrace data sharing, the cloud, and enterprise business processes
In 2005, soldiers in war-torn Iraq reported spending 90 percent of their time fighting for data and only 10 percent of their time fighting the enemy. To address this issue, Dr. Stephen Cambone, then under secretary of defense for intelligence, approached Gen. Keith Alexander, at the time the Army’s deputy chief of staff for intelligence, and asked him to synchronize intelligence and operational data. As a result, Joint Intelligence Operations Center (JIOC)-Iraq was funded and fielded in about six months, according to Lynn Schnurr, former Army chief information officer for intelligence and now a vice president with General Dynamics Information Technology.
“There were stovepipes and the data was not being shared,” Schnurr said. “We were hearing from commanders the data had so much latency—48 to 72 hours—that they couldn’t do anything with it. We knew we had to develop a system that would not only get them the data in as near real-time as possible but that could make it available to decision-makers. It was a very early on achievement in showing how intelligence integration can and needs to be done.”
A decade later, both the intelligence and defense communities are implementing massive information technology upgrades that will facilitate data sharing among analysts not only across intelligence agencies or services, but also between intelligence agencies and the armed services. Originally perceived by many as programs or contract vehicles, the Intelligence Community Information Technology Enterprise (IC ITE), the Department of Defense’s (DoD) Joint Information Environment (JIE), and the Defense Intelligence Information Enterprise (DI2E)—the unifying construct that bridges IC ITE and JIE—are much more. They are large-scale initiatives with the common threads of upgrading IT infrastructure, sharing data and services, and redefining cultural and business processes to ultimately achieve unprecedented efficiencies and make integration a way of life for U.S. analysts.
“It is in the interest of national security to ensure that we enable the widest possible access to and the best possible use of data we possess,” said Dr. Raymond Cook, chief information officer (CIO) for the Office of the Director of National Intelligence (ODNI). “We are at a point in time where we can achieve these goals with unprecedented efficiency and security controls.”
All three initiatives—IC ITE, JIE, and DI2E, need to be interoperable for success, according to Cathy Johnston, director of digital transformation and operationalizing IC ITE with the Defense Intelligence Agency (DIA). As a combat support agency, DIA is critical in supporting the tactical edge, Johnston said.
“As we execute IC ITE we are in constant contact with USD(I) and the DoD CIO to make sure we remain interoperable and standards get identified,” Johnston said, adding that the ultimate goal is to support strategic, operational, and tactical users “from the White House to the 7th fleet.”
While IC ITE is focused on integrating classified data repositories and workflow across the Intelligence Community (IC), JIE’s mission is much larger in scope, centered on IT upgrades at the secret and unclassified levels for the entire DoD. JIE extends far beyond intelligence to include logistics, force application, operations, medical, and more.
DI2E leaders were pursuing goals of common DoD and IC specifications and capabilities before the emergence of IC ITE and JIE. DI2E’s common framework of standards, processes, technologies, and reference implementations enable the sharing of data, web services, and applications across the defense intelligence community. Today, the Office of the Under Secretary of Defense for Intelligence USD(I) is leveraging DI2E governance and processes to ensure IC ITE and JIE can connect to meet defense intelligence needs.
“All of the different initiatives and environments are important,” said Jack Jones, director of intelligence, surveillance, and reconnaissance (ISR) infrastructure with USD(I). “IC ITE, JIE, and DI2E all have to succeed.”
Laying the Foundation
For intelligence integration to come to fruition, a strong IT infrastructure must first be laid. The following outlines the foundational elements of IC ITE, JIE, and DI2E.
“IC ITE is an enabler for our analysts and users to do their jobs faster and better and easier than they were able to in the past,” said Doug McGovern, CIO and director of IT services with the National Geospatial-Intelligence Agency (NGA). “It’s the foundation for which the community can operate at a faster pace and answer the key intelligence questions that face us today.”
Under IC ITE, ODNI tasked specific intelligence agencies with fielding designated capabilities for the entire IC. NGA and DIA, charged to develop the IC Common Desktop, have to date delivered more than 56,000 new desktops across the two agencies. They are now in phase two of the effort, which will deploy the common desktop to the rest of the community. The new desktop provides a uniform interface and enables analysts at any agency to communicate and exchange information.
The cornerstone of JIE is standing up Joint Regional Security Stacks (JRSS). The JRSS, one of which is up and running at Joint Base San Antonio, will improve network security and increase the DoD’s capacity for collecting, storing, and sharing Big Data among services and with the IC.
“These stacks have a large capacity for bringing in and processing Big Data,” Johnston said. “If you can bring in Big Data and get it processed and made accessible to the community you will achieve better operational capabilities out to the COCOMS, military, and the IC.”
Another JIE goal is the installation of a number of Multiprotocol Label Switching (MPLS) routers, several of which are already operational, said Roger Thorstenson, director of strategy and integration for the deputy CIO for information enterprise with the office of the DoD CIO. The new routers will reduce the chances of data being stalled or lost as a result of high volume or congestion.
“All efforts are underway today and most capabilities we anticipate will be in place by end of FY 2019,” Thorstenson said.
The cloud is also a critical element of the new enterprise environments. Under IC ITE, the Central Intelligence Agency (CIA) has established IC Commercial Cloud Services (C2S) through Amazon. Meanwhile, the National Security Agency (NSA) has stood up an early implementation of the IC’s classified Government Cloud, or GovCloud. The classified cloud will scale over time as more data sets, analytic tools, mission workflows, and users are added.
“We need to think more in terms of what I call ‘cloud complementary,’” said Andrew Hallman, director of the CIA’s new Digital Innovation Directorate. “We have within the IC thought of these as either/or … But you may have, for example, an app in C2S that needs to leverage the data that’s in GovCloud. We need to think of this as a holistic—almost a hybrid—cloud.”
NGA was the first agency to share some of its core capabilities in C2S with its Geospatial Visualization Services and Map of the World, according to McGovern.
“That underlying, foundational information can be consumed by anybody on the network with the proper credentials,” McGovern said.
Under JIE, the DoD has granted provisional authorization to several industry members allowing them to compete to provide DoD cloud services, according to Thorstenson.
“There’s a lot of opportunity for industry to participate in putting in place cloud solutions to help meet the Department’s computing and storage needs,” Thorstenson said, adding interested industry members should seek provisional authorization.
In addition to GovCloud, NSA is tasked with oversight of the IC Applications Mall. In June, the agency launched the next-generation mall—an upgrade of the first version launched in 2013. As of December 2015, the mall had approximately 235 apps and 3,165 unique monthly users. The mall has two components: a hosting environment where agencies can upload and download apps; and a development environment that allows the IC developer community to swap code. As of December, the developer environment had 6,500 users.
“[The mall] is about software reuse,” said Michael McNamee, NSA’s chief of system engineering. “If one organization develops software it’s then made available to the rest of the community.”
These efficiencies also extend to security, according to NSA Deputy CIO Sally Holcomb.
“If an agency has worked through software assurance, having someone else be able to use [that same software] to save on time and security is also a win,” she said.
Similarly, the DI2E community can access the DI2E Developers Environment, which offers the ability to provision virtual machines to support development, integration, and testing. The environment currently hosts 280 collaborative projects across 60 programs and supports more than 3,100 users.
“The services can all come into the development environment and test their own capabilities to make sure they work with standards,” Jones said. “And then they can establish technical protocols below the standards level to make sure things actually work.”
DI2E also offers a storefront for app exchange.
“So SOCOM can take the DCGS integration backbone, make it better using a new app—it still fits standards—post it on there, and someone else can come in and adopt that capability for free,” Jones continued, offering an example. “There’s no integration costs, no buying anything … That’s the goal. Adopt before we purchase anything.”
An Enterprise Approach
This enterprise business model is a common thread shared by IC ITE, JIE, and DI2E, according to Kevin Meiners, assistant director of national intelligence for acquisition, technology, and facilities with ODNI.
“The ‘E’ in IC ITE is critical to helping people understand what IC ITE is,” Meiners said. “It’s an enterprise look.”
The three-legged stool of IC ITE is comprised of efficiency, integration, and security. To achieve efficiency will require IC ITE infrastructure and services be managed and provided as a single enterprise. C2S is a prime example of this, according to Cook.
“[C2S is] an entirely new way of thinking about how IT is procured and used,” Cook said. “It’s service-based. So just as you would do in the unclassified, commercial world, we’re saying to Amazon, ‘you own and manage the cloud and we’re going to pay you by the minute.’ … You pay for only what you use and you only buy what you need.”
Such enterprise business processes require novel contracting and service provider approaches that allow the IC as a whole to directly leverage services provided by one agency. For example, NGA is only charged by the minute for its analysts’ use of the CIA-acquired C2S rather than purchasing licenses for every one of its analysts or standing up its own, proprietary cloud. Not only does this model facilitate data sharing but also the sharing of efficiencies in the form of time and money.
“We’re trying to translate those enterprise license agreements into our various contracts so no matter who you are in the IC you can log in and benefit from that service without having to have your own licensing agreement,” Meiners said.
Kevin West, USD(I)’s deputy director for ISR infrastructure, said a major challenge to implementing DI2E as a “globalized enterprise” is outdated security accreditation policies. Current security accreditation policies are written to accredit an entire system as opposed to an enterprise and need to be changed, he said.
“An enterprise approach is very different than a systems approach to doing accreditation,” West said. “So we have to take a look at those things from a resource and accountability perspective because we manage almost everything programmatically that way. The [DoD] as a whole has begun to do that, but we still have a long way to go.”
Thorstenson said DoD is looking to industry for help establishing JIE enterprise license agreements.
“Help us get in place hardware and software and service delivery initiatives that enable us to leverage the Department’s buying power rather than doing things on an individual component basis,” Thorstenson said.
McGovern said industry should take note the IC would no longer “be doing business in the same old way.”
“Our acquisition contracts are being structured to support agile development efforts where we can very quickly build a little, test a little, operate a little, and then learn from that and be putting capabilities on the floor in days or weeks,” he said.
Freeing the Data
In addition to embracing enterprise business processes, the intelligence and defense communities are looking to industry to help create the standards necessary to integrate data and the flexible solutions to unleash it.
Meiners is asking industry to “move up the stack,” describing new IT infrastructure such as common desktops and cloud environments as now being commodities.
“Those kinds of things are taken care of for us,” Meiners said. “Software-as-a-service is at the top of the stack. That’s what we need more of.”
Cook added the IC is also looking to industry to help provide the personnel at the top of the stack—the data scientists who know how to manipulate software-as-a-service for intelligence.
Hallman noted freeing data from apps as a major challenge facing IC ITE, but one necessary for scaling in a Big Data environment. He cited a need to re-engineer existing apps to free data and to be mindful of keeping data free from apps during acquisition and development.
“For the strongest competing intelligence officers of the future, industry will have to get used to the concept of apps that are not binding the data to those apps,” Hallman said. “Apps that can get meaning out of a variety of data as it’s generated. New data sets will appear faster than industry can produce the apps.”
In the IC of the future, he predicts intelligence officers will drive the evolution of industry much faster than they do now, fostering competition by determining the best of breed apps that offer the most value.
Johnston echoed Hallman, and said she seeks industry solutions to conjoin “unlike, unusual data sets in ways not combined before.” She added the result would be data that is IC-specific rather than tied to an agency or mission.
“When you collect data, you can’t possibly imagine all the potential applications for that data,” Johnston said.
Identifying the proper open standards is also key to data sharing, according to Jones.
“Open standards are thrown around a lot, but if you don’t document what is actually happening and then test it, sometimes something that’s open standards doesn’t work with something else that’s also open standards,” Jones said.
Jones added that international partners are a growing part of the global ISR enterprise, calling for the U.S. to have “a global standard by which we integrate and share data with those partners as well.”
To help test and define standards, the DI2E camp invites industry to DI2E Plugfest, an annual demonstration of DI2E advancements.
“We need industry’s help in identifying potential solutions that would fit well into an open systems architecture approach,” West said. “Plugfest is an opportunity for us to explain the approach to industry and for industry to demonstrate to the Department how they fit into and can help us in establishing the DI2E enterprise.”
The fourth annual Plugfest will be held in Fairfax, Va., in June.
As the foundations for IC ITE and JIE are being laid, the next step is to determine how mission users will leverage the new environments. FY 2016 is “the year of mission adoption,” for IC ITE according to Cook, who is building an adoption road map with all of the U.S. intelligence agencies.
That’s where the IC ITE Mission User Group (The MUG)—co-chaired by Hallman and Johnston—is paramount. The purpose of the MUG, which includes mission and thought leaders from across the IC, is to be the voice of mission as well as to determine and test what the new operating model for intelligence analysts will look like once IC ITE is fully implemented. The MUG ensures stovepipes are not being recreated in the cloud and is empowered to rethink and optimize mission for an IC-whole business process, according to Johnston.
“The MUG led to the realization that laying technical infrastructure is an excellent and necessary first step, but is insufficient to meet mission user needs,” Johnston said. “We also need connectivity across search, discover, and geospatial mapping, for example.”
The MUG helps identify common needs and an executive agent to provide them to the entire IC. Since inception, it brought to light the need for basic geospatial services and designated NGA to provide them.
Another essential role of the MUG is to create a close-knit team of mission and IT experts.
“We can deliver [IT] services all day long, but without mission driving what those services really need to do they might miss the mark,” Cook said.
In some MUG sessions, mission users demonstrate their challenges on screen in front of IT experts.
“IT is for mission,” Meiners said. “Once you see a user doing their job and how difficult it sometimes can be, it really helps IT folks better understand what they need to do.”
Meiners added that the MUG, rather than making generalized policy recommendations, works to pinpoint a specific policy, interface control document, or other spec that might hinder data sharing.
In 2016, the MUG will take on real-world intelligence challenges to push IC ITE to its limits and determine where more services need to be stood up or existing services should be modified. Meiners and Cook are hopeful the challenges will help the analyst workforce realize the tangible benefits of integration.
Likewise, Thorstenson said demonstrable success would help boost the culture shift needed to drive adoption of JIE.
“The challenge is measuring and understanding success, especially when you look at the operational effects,” Thorstenson said. “It’s rather difficult to measure in the near term. You see those over a period of time, but it’s not something that’s immediately obvious.”
Thorstenson added the DoD CIO is collaborating with USD(I) to gain efficiencies and facilitate interoperability between IC ITE and JIE. Working to ensure the two architectures can connect is the DI2E Council—the DI2E governing body—a tiered, structured activity consisting of senior experts from across the DoD and IC.
The council is examining IC ITE and JIE to determine which elements need to work across both environments, and help both communities take an “adopt, buy, create” acquisition approach and embrace enterprise services.
“We work with the DoD CIO folks leading JIE and the ODNI CIO leading IC ITE to work the technical solutions, to get the appropriate documentation, and then to the maximum extent possible reuse capabilities and make them available to the community as a whole,” West said.
But for JIE and IC ITE to align, the cloud architecture on both sides must be integrated technically at the interface level to enable data movement between the top secret IC ITE system and secret and unclassified DoD systems.
“When you get to a brigade level you have JWICS there, but when you get to the battalion level and below you see less and less instantiation of JWICS,” Schnurr said.
Adopting common standards for things such as identity access and management, content search and discovery, and cross-domain services will help facilitate IC to DoD data sharing, according to ODNI.
Jones said it’s also essential to ensure the Distributed Common Ground System (DCGS), the biggest weapon system within the DI2E framework, can interface with the IT standards set for IC ITE and integrate with JIE at the operational level.
“The part we express to our IC ITE friends is not to forget the Department’s intelligence folks—they especially have to be able to integrate with IC ITE but also with other warfighting domains,” Jones said.
Kim Singleton-Slater, NGA’s DI2E-JIE coordinator, said the agency is being mindful of maintaining this “delicate balance” and applying IC ITE lessons learned to JIE.
“We try to make sure we balance what’s happening in the TS environment so we can leverage it in the secret and unclassified environments because we have customers in all three domains,” she said.
For those still hesitant when it comes to such unprecedented data sharing, Cook explains integration doesn’t mean “everyone gets access to all data.” Rather, he said, it prevents analysts from having to knock on the door of several agencies to obtain the data necessary to carry out their mission. Although it may seem counterintuitive to some, upgraded IT infrastructure actually offers better access control, identity management, and insider threat mitigation, making it easier—or at least less risky—to integrate.
“Everyone that has the need to know and the right credentials is allowed to see data that is tagged similarly,” Cook said.
For the analytic utility of intelligence integration to materialize, subject matter experts unanimously agree culture, not technology, is the most significant obstacle. Both “server huggers”—IT specialists wary of the cloud—and analysts untrusting of data outside of their discipline or agency must get on board with the new paradigm.
NGA has demonstrated its commitment to integration and accelerated by two years its timeline to be “all in” to the IC ITE cloud environment, moving its target date up from end of calendar year 2019 to 2017.
“As we go deeper into deploying capabilities in the community environment, we find it’s not that hard,” McGovern said. “We find it’s actually quite enabling to start having the users involved in shaping what the future capabilities and services need to be.”
David Cacner, NGA’s director of the National System for Geospatial Intelligence (NSG) expeditionary activities, hopes the escalated timeline will boost the culture shifted needed to make intelligence integration a success.
“People are hesitant to change, and I think giving us a goal to work toward will help foster that change,” Cacner said, pointing to a targeting capability NGA recently stood up in C2S for the U.S. Air Force as a forward-leaning example.
“There was a lot of concern from the folks here who said, ‘Well, let’s just stand up a server in our data center,’ and the answer was, ‘No, we’ve been told to go to the cloud, let’s push,’” Cacner recalled. “And we did that exactly. We delivered to the cloud within four months as the Air Force asked us to.”
This is an attitude IC and DoD leadership hopes will continue to spread.
“We are near a tipping point where culturally in the IC we have enough power users and mavens who are starting to explore the capabilities of IC ITE where they can be accelerators for the rest of the workforce,” Hallman said. “We still have a ways to go before the general user can know ‘I can exploit data this way using IC ITE tools.’”
Hallman added that as more young analysts comfortable with data and coding join the workforce, they would continue to drive IC ITE adoption.
Johnston called upon analysts to “put sweat equity in to help reinvent their own world,” encouraging them to break free of agency-specific constraints and to network across the IC. Were IC ITE a house, she said, the foundation has been laid, the frame is standing, and today’s analysts now have the opportunity to wander around inside and determine where the light switches, et cetera, will be located.
According to Jones, intelligence integration is essential to move the analytic community into the future.
“We have to get our arms around IT and communications or else there’s no way we can continue down the path we’re going,” Jones said. “We have to have some standard method for identifying data, for sharing—we can’t pay for multiple licenses multiple times. So all these ideas and the rationale for doing this makes sense.”
Looking ahead five years, leaders foresee a more globally dispersed and deployed, yet better connected community of defense and intelligence analysts than ever before. Johnston envisions innovation being shared across the defense and intelligence communities from a vast “data ocean.” Cook anticipates diverse analytic communities of experts studying the same intelligence issue will naturally materialize despite organizational units. In all, IC ITE, JIE, and DI2E stand to yield a more powerful intelligence capability for the entire nation and its allies.
Amazon Web Services, Edgybees, Guidehouse, and Whitespace set to take the stage Oct. 6 at the GEOINT 2021 Symposium for the final round of this year's GEOINT Innovative Tradecraft Competition.