The Cyber Edge Home Page

  • Increased adversarial threats, combined with a growing demand for intelligence, is driving the Defense Intelligence Agency’s effort in providing advanced tools to the military’s intelligence officers worldwide. Credit: Shutterstock/Gorodenkoff
     Increased adversarial threats, combined with a growing demand for intelligence, is driving the Defense Intelligence Agency’s effort in providing advanced tools to the military’s intelligence officers worldwide. Credit: Shutterstock/Gorodenkoff

Integration of Intelligence Tools Is Key to Military Readiness

The Cyber Edge
September 1, 2019
By Kimberly Underwood
E-mail About the Author

The DIA’s chief information security officer is working to meet demand amid a technological revolution.

Trusted intelligence is needed in an era in which the United States is facing growing threats. The military and other entities in the intelligence community rely on the U.S. Defense Intelligence Agency to provide not only actionable intelligence but also the platforms or information technology systems that enable intelligence gathering, processing and analysis. To meet the increasing demand for intelligence, the Defense Intelligence Agency, known as the DIA, has distributed part of its workforce to the various U.S. military commands that it supports. This global deployment has altered the role of the DIA, explains Jean Schaffer, the agency’s chief information security officer (CISO) and chief of Cyber and Enterprise Operations.

“Over the years, the DIA has become much more of an integration partner for the Defense Department community,” Schaffer says. “Our role is to make sure that we understand the requirements that have been given to us and actually provide those solutions back, because at the end of the day, a large portion of DIA provides their IT [information technology], whether it be the infrastructure, the network portion, applications or the systems that the commands use for their intelligence.”

And while the Defense Department’s chief information officer is primarily focused on providing technology and information systems at the Secret classification and below, the DIA, as a partner to the intelligence community (IC), is providing a large portion of the defense intelligence environment and information technology above the Secret level, in what is often referred to as Department of Defense Intelligence Information System (DODIIS) services.

“Our core mission is our networks, our desktops, our video, our collaboration services, all of that backend that everyone relies on us for, to drive their mission,” Schaffer states. “That is the IT that we provide, which is vital in producing intelligence. And we continue to see an increase in demand for our services. [Our users] want better technologies, and they want those technologies to be able to do additional things for them.”

The DIA is the executive agent for the Joint Worldwide Intelligence Communications System, known as JWICS, the Top Secret, Sensitive Compartmented Information (TS-SCI) wide area network that connects all of Defense Department and the intelligence community, including the CIA and the FBI. “So anyone operating in that classification vein usually rides on JWICS,” she offers.

The agency is facing an increased demand for making sure that JWICS is at the right places around the world, the CISO/cyber chief states. “It’s both an accessibility to JWICS, as well as making sure that it’s available and it’s secure and it’s meeting all of the needs to carry the intelligence data to our global footprint,” she notes.

The agency’s role also is to ensure the cybersecurity of the DODIIS environment. Here, Schaffer confirms that providing cyber protections “requires great coordination amongst our cyber cells.” In addition, the DIA is the executive agent for the Intelligence Community Security Coordination Center (IC-SCC), an element of the Department of Homeland Security’s Enhance Shared Situational Awareness (ESSA) effort. “That Security Coordination Center really is where we’re bringing cybersecurity across the IC community,” she says. “It’s what we’re seeing, sharing information back and forth, and making sure we are doing things from a corporate view rather than just an isolated look at our own infrastructure.”

Throughout the military, the DIA also supports the information technology needs of intelligence directorate leaders, known as J-2s. Currently, the agency is working to improve intelligence processing through automation and artificial intelligence, Schaffer shares. “Some of the things that we’re working with the J-2s is how would you automate collateral damage estimates, or automate adversary readiness estimates, or how would you take advantage of machine learning,” she notes. “[It is] to be able to do a certain level of processing and then actually do human analysis after we’ve gotten some of the basics done.”

One major effort that the DIA is pursuing, which will support the J-2s, as well as the intelligence community as a whole, is the so-called MARS program, or the Machine-assisted Analytic Rapid-repository System, which will replace the agency’s primary intelligence platform, the Modernized Integrated Database, known as MIDB, which is more than 20 years old. “The whole purpose of MARS is to take the consumption of all of those data sources and figure out how to automate it, automatically analyze it and turn it into the information and intelligence that our consumers need,” the CISO/cyber chief offers.

Initial system prototyping for MARS will begin later this year and continue into 2020. “The actual full production is probably several years out,” she confirms. While DIA’s CISO office is playing a role in the program, the agency’s analytics group is leading the effort, with Terry Busch, MARS technical director, at the helm. “They’re prototyping different technologies to try to figure out what the final answer will be,” she says.

The DIA also is looking to leverage automation against cyber threats. “We used to worry about only nation-state actors,” Schaffer states. “Today, the threat environment has changed, and there’s many more people who are developing exploits and malware and Trojan horses.” Here, automation can help with “some of those normal, rudimentary, lower-level threats and allow us to focus our cybersecurity defensive postures on making sure our humans worry about those higher-level threats,” she stresses.

Schaffer admits, however, that it is a challenge to maintain advancements in a rapidly evolving technological environment. “We have to keep pace with the technology that’s being developed across the IT enterprise worldwide,” she emphasizes. “We need to make sure that we are able to bring in new technologies, adapt them to our user’s needs and continue to secure them at the level that’s required, so that our customers actually can use it painlessly and intuitively, and that the technology is adapted to their needs.”

To evaluate technologies, the DIA relies on several laboratories, as well as partnering with the industry. The agency’s annual conference, DODIIS Worldwide—the 2019 event was held in Tampa, Florida, last month—“is primarily a venue that we get together across the government,” Schaffer explains. “But really it is to bring in our industry partners and be able to explain to them our upcoming challenges and what we need them to try to help us figure out for the future, so that we can make sure we’re keeping pace and meeting the needs at the same time.”

As for areas in which the commercial sector can assist the DIA’s CISO office, Schaffer points to the areas the DIA is currently working on: artificial intelligence, machine learning and automation. “We often look at ourselves as like a Fortune 50 company,” she states. “It’s just that our mission area is intelligence. But the same automation, artificial intelligence, machine learning that all of the big corporations are looking for help with … are the exact same things we’re looking for from industry, which is why the DIA finds it very important to have good relationships with our industry partners, because we leverage each other to actually move the nation forward in all of our endeavors, whether it be critical infrastructure or specifically the intelligence portion.”

The CISO/cyber chief reminds the industry that the intelligence community has slightly more unique requirements than the private sector, and that requires a balance. “We want to make sure we’re laying that out so the industry can address those requirements as well as commercial requirements,” she notes. “At the same time, we don’t want diverse baselines. We want to use the industry products, and they’re the greatest innovators.”

As for goals, the office of the CISO will continue to support the DIA chief information officer’s vision of being a preferred partner provider. “What we’re really focusing on over the next fiscal year is to make sure we are driving customer centricity into everything that we produce from a service point of view,” Schaffer shares. “We want to make sure that we can actually deliver data to the point of need for our consumers. We want to optimize our core missions … and we really want to equip our workforce to make sure that we’re continuing to increase their skill levels as well as bring in new government talent with the right skills to continue to move us forward.

“We will continue to need the great partnerships that we’re getting from our industry, and we need to make sure we’re continuing to provide those IT services, so we can make sure we’re meeting the intelligence needs [with which] we’ve been tasked,” she says.

Enjoyed this article? SUBSCRIBE NOW to keep the content flowing.


Share Your Thoughts: