How The CIA Is Making Sense Of Big Data

For decades, the CIA’s spying strategy remained relatively unchanged, perhaps reflected best in the fact that last year’s creation of a Directorate for Digital Innovation was the first new directorate within the spy agency in more than 50 years.

Helmed by Deputy Director Andrew Hallman, the new entity is a result of big data, the technological explosion of connectivity and data among devices, sensors and people, and the CIA’s wish to make sense of it all.

In a rare public appearance at Tuesday’s Cloudera Federal Forum, which was hosted by the custom events unit of Nextgov's parent company, Government Executive Media Group, Hallman said the CIA’s old information collection strategies couldn’t “withstand the accelerating rate of information” produced globally or “keep pace with policymakers’ more rapid need to make decisions.” In short, the CIA wants to be more predictive and less reactive.

“We are developing policy approaches that affect outcomes instead of becoming reactionary,” Hallman said. “We’re not here to chase the news.”

With the CIA’s technology backbone, including a cloud computing environment built by Amazon Web Services and other unique capabilities, now fully in place, Hallman said the spy agency is “taking next steps” to solidify its strategy around harnessing this explosion of information.

Big data technologies allow analysts to piece together the “digital exhaust” of adversaries, Hallman said. And even “small fragments” represent major opportunities. Analysts can use disparate data and accompanying analytic capabilities to put together a puzzle, even if all the pieces are spread randomly over the kitchen table.

“The whole can be pieced together from fragments,” Hallman said.

Hallman said the directorate is focused on three ideas: “Optimizing the CIA’s underlying digital ecosystem; establishing sound data management principles; and making data useful to increasingly sophisticated consumers.”

These ideas, he said, represent not only a major technical change to the agency’s operations, but a cultural transformation as well. An increased emphasis on data requires a reduction in old bureaucratic and management policies – allowing the agency to get out of the way of itself and its analysts, who act as stewards of the intelligence community’s greatest asset.

Optimizing the digital ecosystem requires a “decentralized governance process with just enough high-level guidance to operationalize,” Hallman said. “Information is the currency of the realm in the intelligence world, and we want all our analysts to have (currency) in their pockets.”

If the CIA has rebuilt its technology infrastructure, the next step is “rewiring its organizational neural pathways” to ensure, for example, that the kinds of lapses in information sharing that preceded 9/11 don’t reoccur. He’s put an emphasis on rapid dynamic teaming, or digitally networked teams, which collaborate in real-time “to storm vexing problems” when strange trends emerge or data suggests “subtle shifts or discontinuities.”

The emphasis is not only on sharing information with the CIA and other agencies within the IC, but “making the data useful to increasingly sophisticated consumers," Hallman added.

“Given the complexity of national security challenges we face today, we have to optimize not only technology but our officers’ minds,” he said. “We are developing policy approaches that affect the outcomes instead of becoming reactionary.”

NextGov: http://bit.ly/1pZy40b

« Who Is The Cybersecurity Guy In Your Organisation?
Cognitive Computing Market Forecast To Be Worth $31Billion In 3 Years »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

L3Harris United Kingdom

L3Harris United Kingdom

L3Harris UK (formerly L3 TRL Technology) designs and delivers advanced electronic warfare and cyber security solutions for the protection of people, infrastructure and assets.

ThreatConnect

ThreatConnect

ThreatConnect is an enterprise threat intelligence platform by Cyber Squared bridging incident response, defense, and threat analysis for InfoSec & DFIR teams.

Applause

Applause

Applause provides real-world software testing for functionality, usability, accessibility, load, localization and security.

Singapore Cybersecurity Consortium

Singapore Cybersecurity Consortium

Singapore Cybersecurity Consortium was created to encourage use-inspired research, training and technology awareness in cybersecurity.

FIRST Conference

FIRST Conference

Annual conference organised by the Forum of Incident Response and Security Teams (FIRST), a recognized global leader in computer incident response.

Venable

Venable

Venable is an American Lawyer 100 law firm with nine offices across the USA, Practice areas include Cybersecurity.

Falanx Cyber

Falanx Cyber

Falanx Cyber provides enterprise-class cyber security services and solutions. We deliver end-to-end cyber capabilities, either as specific engagements or as fully-managed services.

Exatel

Exatel

Exatel is Poland’s leading provider of ICT security services.

National Accreditation Agency of Ukraine (NAAU)

National Accreditation Agency of Ukraine (NAAU)

NAAU is the national accreditation body for Ukraine. The directory of members provides details of organisations offering certification services for ISO 27001.

PeckShield

PeckShield

PeckShield is a blockchain security company which aims to elevate the security, privacy, and usability of entire blockchain ecosystem by offering top-notch, industry-leading services and products.

Technology Law Alliance (TLA)

Technology Law Alliance (TLA)

Technology Law Alliance is a specialist IT law firm focussed on the fields of technology, outsourcing and e-commerce.

NanoVMs

NanoVMs

NanoVMs is the industry's only unikernel platform available today. NanoVMs runs your applications as secure, isolated virtual machines faster than bare metal installs.

Traceable

Traceable

Traceable was founded to protect applications from next-generation attacks.

SecOps Group

SecOps Group

SecOps Group is a boutique cybersecurity consultancy helping enterprises identify & eliminate security risks on a continuous basis.

Runecast Solutions

Runecast Solutions

Runecast Solutions is a global leader in AI-powered risk mitigation, security, continuous compliance and more efficient IT operations management.

NuKuDo

NuKuDo

NukuDo redefine the boundaries of cybersecurity talent development. We are dedicated to cultivating top-tier professionals equipped to tackle the complex challenges of cybersecurity.