The IS&S Landscape Today

The U.S. government has made substantial progress in implementing facilities for responsible information sharing, including substantial government-wide implementation of the priority objectives of the 2012 National Strategy for Information Sharing and Safeguarding (NSISS). Most notably: the NSISS “demands the timely and effective sharing of intelligence and information about threats to our Nation with those who need it, from the President to the police officer on the street.”  The Terrorism-Related  Information Sharing Environment (TR ISE or simply ISE) [1,2] is an integral response by the US Government to the 9/11 Commission’s recommendation to create a trusted information network spanning the whole of government. [3]

 

The scope of the ISE is extremely large. By strategy and policy (the primary focus of efforts to date), and where the ISE has seen its greatest realization, is in the domestic nexus of national security and public safety, where ISE capabilities and frameworks have been championed and put into use [4] by federal, state, local, tribal, and territorial partners. This focus on bridging agency-specific “stovepipes” between levels of government is unique and complementary to other agency-specific and federal community efforts, e.g., the move by the Intelligence Community (IC) to establish their Information Technology Environment, the Department of Homeland Security (DHS) implementation of their Data Framework and related DHS ISE, and Department of Justice (DOJ) and Federal Bureau of Investigation (FBI) efforts to further integrate and modernize their information technology and services portfolios.

 

Progress improving terrorism-related government-wide coordination and collaboration through responsible information sharing has improved the safety and security of the American people.  Fifteen years after 9/11, even as we acknowledge the tremendous collective progress made, much still remains to be done as the terrorism threat continues to morph and the velocity, volume, and variety of technology rapidly expands. Three trends now set the stage for the further evolution of responsible information sharing, including the further development of the ISE.

 

  1. The terrorism-related threat is increasingly distributed and decentralized, and is increasingly indistinguishable from public safety and law enforcement threats from a prevention and response perspective. The original National Criminal Intelligence Sharing Plan, published by DOJ and DHS in consultation with state and local agencies after 9/11, made the connection between homeland security and hometown security. As the emerging threats become more distributed and decentralized, it becomes essential to define a more aggressive approach to risk mitigation that is based on greater involvement of our state and local law enforcement and public safety communities in our national counter-terrorism efforts, and, in particular, as it pertains to countering violent extremism.
  2. While public sector agencies have made great strides to leverage, integrate, and benefit from advances in information technology (IT), the rapid and revolutionary progress that has occurred and continues to occur across multiple fields of private sector research and development (e.g., cloud computing, mobile devices, consumer data collection, and analytics, including advances in artificial intelligence and social media applications) has led to a large gap between state-of-the-art IT capabilities and the extent to which those capabilities are leveraged within the public sector in support of mission applications, including counter-terrorism. Arguably, pressure on public sector budgets, growing costs to maintain legacy infrastructure, and diminished focus have starved investment and are increasing the gap. Public sector agencies have security and privacy constraints, as well as oversight, procurement, and human capital cultures and regimes that resist transformation and adoption of more agile operating models. These gaps are reflected in the public sector’s dependency on legacy operating models and IT infrastructure that is costly, duplicative, and increasingly less effective against an ever-evolving threat. These constraints and challenges make it difficult to engage citizens and private sector players into the kind of collaboration that is essential in developing successful solutions.
  3. The current societal context and associated policies around the use of technology to support national security and public safety missions is evolving. Public criticism of government strategies to collect, analyze, and share information has grown since the unauthorized disclosures by Manning and Snowden that elevated the national discourse about our national information sharing efforts. The policy resolution of this discontent has yet to be realized. More recently, the criticism of government has expanded as a result of the current national discussion around the use of force by and against law enforcement. This dilemma is exacerbated by the relatively piecemeal adoption of technology by agencies, which presents a fragmented landscape of policy, training, transparency, standards and procurement, and accountability that is at odds with the information sharing and safeguarding imperatives laid out by legislation and by the NSISS.
 
Footnotes:
1 The term “terrorism-related” is defined in the Intelligence Reform and Terrorism Prevention Act of 2004, as amended (IRTPA), Section 1016, to include terrorism, homeland security, and weapons of mass destruction spanning the law enforcement, homeland security, intelligence, foreign affairs, and defense communities and crossing federal, state, local, and tribal agencies, private sector partners, and international allies.
2 The ISE is defined in IRTPA as a distributed and decentralized, yet coordinated environment, with protections for privacy and other rights, that connects existing systems and networks with a focus on secure and trusted access and discovery of information. The ISE is defined through a series of attributes that about sharing and safeguarding information.
3 9/11 Commission Report, Chapter 13.3, "Unity of Information in Information Sharing".
4 Core successes include supporting and strengthening engagement and governance between and across federal, state, and local agencies, the maturation and integration of the National Network of Fusion Centers, the Nationwide Suspicious Activity Reporting Initiative, aligning domestic intelligence and information sharing networks dating back to the 1970s (FBI Joint Terrorism Task Forces and Field Intelligence Groups, DHS Intelligence Officers, Regional Information Sharing Systems Centers, High Intensity Drug Trafficking Centers, and Fusion Centers), increasing levels of trusted interoperability across the Nation's Sensitive but Unclassified and Secret networks, establishing privacy policies, and developing and maturing underlying frameworks, standards, and architectures.