Homeland Security Activities Pushing Information Sharing Advancements

While significant advances have been made since September 11, 2001, more work is necessary to achieve cooperation among law enforcement agencies, concluded a panel moderated by Sheriff Edmund M. Sexton, assistant secretary, state and local law enforcement, Department of Homeland Security (DHS).

The complexity of multilevel collaboration necessitates more than just a technical solution.

Reliable federal and state homeland security coordination hinges on information sharing, interoperability, governance and trust. But achieving the right mix of these elements among governments, law enforcement agencies and the private sector presents both cultural and technical challenges.

Many government and industry leaders charged with addressing these challenges shared their knowledge during AFCEA’s Homeland Security 2.0 conference, which was held in February. Their insight and discussions spanned the spectrum from incorporating new capabilities to leveraging existing technologies to recognizing and addressing cultural challenges taking place in government.

The Obama administration has brought a new focus on information sharing, noted Sheriff Edmund M. Sexton, assistant secretary for state and local law enforcement, Department of Homeland Security (DHS). Significant progress has been made in this area since September 11, 2001, but information sharing is still not where it should be. Nevertheless, the new administration must resist the temptation to reset the process entirely, advised the panel of experts Sexton led in a fireside chat format.

A number of initiatives are underway within the DHS to enhance security by making more information available and easing the added workload associated with information sharing. Consideration of cross-boundary and cross-domain challenges to effective information sharing and collaboration is an important part of these efforts.

Darren Ash, deputy executive director for corporate management at the Nuclear Regulatory Commission, noted that many of these hurdles are being overcome by more cross-agency exercises, improved security at nuclear power plants and by enhancements in cyber and physical security. Ash noted that because of the Energy Policy Act of 2005, reactors constructed in the future will all feature upgraded security measures.

Intelligence Community Directive 501 drives members of the intelligence community to become the stewards—not the guardians—of information, concluded panelists (l-r) Richard Wilhelm, vice president, Booz Allen Hamilton; Vance Hitch, chief information officer, Department of Justice; Dr. Carter Morris, chief of staff, intelligence and analysis, DHS; and Dr. Prescott Winter, associate deputy director of national intelligence for information integration, Office of the Director of National Intelligence.

The Nationwide Health Information Network currently under construction will enable officials to access medical records during an emergency. Vish Sankaran, program director, federal health architecture, Office of the National Coordinator, Department of Health and Human Services, explained that the ability to move health information is a critical government function. During crises, easily accessible health data enables government agencies to know where, when and what type of assistance to deploy. The Nationwide Health Information Network is not technical, however, according to Sankaran. It is a trust model and a series of standards.

A large amount of health data about the general population already is available through agencies that regularly collect it, such as Medicare, shared Dr. Clark Smith, executive for programs and technology, office of the program manager, Information Sharing Environment, Office of the Director of National Intelligence. “If we work with DHS particularly in the data area—the national information exchange model—and create a health domain that has some consistency, we can build out our database. This gives us a nationwide situational awareness of the medical situation in the United States,” he explained. Some of this information gathering can be done now, but it still is not possible to determine if a specific health issue is national or local. Such a detailed view can only be achieved by overlaying the data, he added.

Another information sharing effort underway strives to determine U.S. resident and citizenship status. Gregory Smith, associate director, National Security and Record Verification (NSRV) directorate, U.S. Citizenship and Immigration Service (US CIS), explained that records digitization is the first step that can lead to a more secure nation. Digitization facilitates information and record sharing and is a tool for analysis, he explained. To date, the US CIS has digitized more than 750,000 files.

E-Verify is a capability now used by more than 300 U.S. government agencies. According to Gerri Ratliff, the NSRV deputy associate director, the automated immigration status verification system has helped to reduce unauthorized employment numbers, minimized verification-related discrimination, eased the burden on employers and improved protection of civil liberties and employees’ privacy. She noted that currently 96.1 percent of all workers in the country are authorized either instantly or within 24 hours through E-Verify. She added that it is likely that a federal mandate soon will require companies with government contracts to use E-Verify to validate the legal status of employees working on federal projects.

Information sharing through activities such as these continues to improve, but a large part of advancing the collaborative capability is the need for enhanced interoperability. Different systems must process a variety of data types on various networks and at numerous levels.

One way to improve interoperability is to make the 800-megahertz band exclusive to law enforcement, suggested Lee Baca, sheriff of Los Angeles County, California. He noted that if first responders had the necessary bandwidth, they would be able to flesh out interoperability on a variety of frequencies. “We need a place to reside in the technology world,” he advised.

Technology can provide the necessary connectivity for successful information sharing, but the challenge does not end there. Solid leadership is required to modify the culture and gradually bring about change in organizations, and this is where governance enters the formula. Policy guidelines must demonstrate that information sharing is the standard way to conduct business. Information that is not shared should be the exception, said Vance Hitch, chief information officer for the Department of Justice. “We need a Google for cops and a Google for intelligence agents,” he maintained.

Cloud computing offers much promise to helping the DHS meet its information sharing needs, but questions of how to federate clouds and how to provide security as the clouds communicate with each other still exist, according to Margie Graves, the deputy chief information officer at the DHS.

The DHS must manage its own internal governance issues. Because it represents the merging of 22 agencies, the department continues to manage and sort out issues relating from its creation. According to Margie Graves, the deputy chief information officer at the DHS, the goal is to provide central governance with distributed execution. This process is being made possible by replacing individual agencies’ stovepiped information technology architectures with enterprise solutions, she said.

The DHS also must continue to embrace new technologies even while it works on its own governance issues. Graves explained that the department is closely tracking cloud computing as a major future trend. Cloud computing allows organizations to scale up or down their information technology capabilities while reducing their data center footprints. But part of the challenge of the new technology is how to federate clouds and provide security as the clouds communicate with each other, she said. 

Event participants chimed in with other developments that could aid the DHS. Among these new applications are social networking technologies that enhance internal information sharing. One option is to use social networking as a training tool. Sandy Peavy, chief information officer, FederalLawEnforcementTrainingCenter at the DHS, said that her organization is striving to provide the right type of training, in person or online, any time and any place.

Challenges also must be addressed even after information is shared, conference participants agreed. For example, the tactics to deal with collected intelligence information can be as important as the data itself. “There is no federal government 911 center,” said Robert Riegle, the DHS director of state and local operations for fusion centers. Riegle reiterated that local responders must understand the context of the information because they may very well be the ones to mitigate an event. In addition, knowing the source of intelligence information often is as important as the data itself. However, those in charge of event mitigation often do not have the resources to access information down to the context level because it is often classified material.

The intelligence and law enforcement agencies might see some needed change through Intelligence Community Directive 501. The governance and framework for implementing Directive 501 are being established, explained Dr. Prescott Winter, associate deputy director of national intelligence for information integration, Office of the Director of National Intelligence. By June 1, 2009, all documentation in the national intelligence library will be discoverable and accessible, he said. The directive makes intelligence community members the stewards—not the guardians—of information.

Exactly how this directive affects the intelligence elements of the DHS is still being sorted out. The directive applies to organizations within the intelligence community, but the DHS intelligence groups share most of their data with state and local organizations and the private sector. If information has an intelligence value, then the directive applies, but conference participants questioned who ultimately decides if the information has intelligence value.

Even with good interoperability and governance supporting information sharing initiatives, much ultimately will depend on trust. No matter how good the information is, if the source does not trust the people on the other end, any advantage is lost. Trust must exist among those sharing information with each other for collaboration purposes, but trust also must exist among the community and the law enforcement personnel and first responders serving there. In spite of all the threat-response monitoring, tips from the community can be the most valuable. But this level of information sharing only happens with trust, and that trust must grow at the local level.

Trust also is a central element for critical infrastructure protection. Because the majority of the nation’s infrastructure is privately owned, information sharing must occur between the government and private industry. Some steps toward joint information sharing have been taken since September 11, but much remains to be done, explained Robert Dix Jr., a Juniper Networks executive and a member of the Partnership for Critical Infrastructure Security.

Dix divided the elements of critical infrastructure protection into the “good, bad and ugly.” He suggested that the good part is that progress has been made in government and industry infrastructure protection. But the bad, he contended, is that this relationship is bogged down with too many reporting requirements. There is a lack of understanding of critical infrastructure’s role—electricity, information technology, cybersecurity and communications—across government and industry. There also is a corresponding lack of knowledge of where the collaborative touch points need to be. The ugly part is that the owners of the infrastructure are not included in the planning and execution of national preparedness exercises. He explained that this omission creates a false sense of security.

Besides the continuing threat of well-financed and well-equipped cyber and terrorist adversaries attacking infrastructure, the current financial crisis also is raising new concerns, Dix shared. He noted that the infrastructure could become more vulnerable if industry reduces its investment in security efforts and if companies as well as state and local governments make tradeoffs due to tight budgets.