Insights From 10 Years of an Intelligence Forum

The threats and risks to our cyber and national security from adversaries large and small have heightened over the last 10 years. China is making strides to be the world’s superpower, judging from its agenda that discounts the rule of international law. Russia’s unlawful re-invasion of Ukraine in February 2022 and threats to use nuclear weapons persist, while Iran and North Korea continue to pose a threat to the United States and its allies.

While the operations of these four nations have shifted over the last decade, intelligence leaders 10 years ago identified these countries as posing the largest threat to U.S. national security—a fact that remains true today.

For the last 10 years, AFCEA International and the Intelligence and National Security Alliance have annually co-hosted the Intelligence & National Security Summit, or INSS, an unclassified two-day forum that brings together top intelligence leaders and industry officials to discuss concerns and solutions for the intelligence community.

In 2016, leaders fretted over escalating threats posed by Russia, China, Iran and North Korea, as well as from terrorism and mounting vulnerabilities in the cyber realm. At the time, CIA officials also said Syria raised some of the most complex issues that the agency had faced.

Fifteen years after terrorists conducted the 9/11 attacks, intelligence leaders also saw the shift of terrorist organizations to exploit the lack of safeguards in the digital world. John Carlin, then the assistant attorney general for national security at the Justice Department, warned, “They're targeting our kids.”

James Comey, the director of the FBI at the time, balanced security and privacy concerns, worries driven by the increasing need for law enforcement to access private networks and devices following the rise in cyber and other digitally based crimes, with the need to protect citizens’ rights to privacy. Security and privacy were not mutually exclusive, he said. Technology was moving the nation to a place where huge swaths of the population would have absolute privacy—at a huge cost to law enforcement. And the FBI faced what he called the “going dark” phenomenon, defined as law enforcement having the legal authority to intercept and access communications and information pursuant to court orders but lacking the technical ability to do so.

In 2014, intelligence leaders called for a greater level of information sharing among government and industry to confront cyber threats. Ron Carback, the former defense intelligence officer for cyber at the Defense Intelligence Agency, emphasized in 2014 that cyber intelligence sharing was important at the intrusion level as well as at the strategic level. And although the 2018 creation of the Cybersecurity and Infrastructure Security Agency has advanced government/industry sharing of cyber intelligence, the need for greater sharing remains in 2023.

Naturally, the field of cyber intelligence was more nascent 10 years ago. At the time, Tom Conway, then-director of federal business development at FireEye, emphasized that organizations must look at cyber intelligence strategically and develop it as a tradecraft. When an intruder penetrates an organization, defenders must examine why the adversary chose their group, with analysts determining an “adversary’s shopping list.”  The community also called for “a guild” in cyber intelligence to help analysts determine what defenders do and how they do it.

"'Know thyself' is very important," said Lance Dubsky, the former chief information security officer for the National Geospatial-Intelligence Agency. Describing it as foundational, he added, "If you don't, you can't really do anything with the cyber intelligence you consume. You can't really consume, and you can't really act on that cyber intelligence."

Present-day cyber attacks have only gotten more sophisticated, automated and prevalent, with every sector and government entity facing persistent cyber threats, spurring the need for more cyber intelligence.

A decade ago, the field of defense intelligence saw the lines between domestic intelligence and foreign intelligence withering, impacting areas of operation and types of intelligence products. At the time, Rear Adm. Paul Becker, USN, director for intelligence (J-2), the Joint Staff, warned that the military needed to shift its traditional need for strategic intelligence at its center and operational intelligence at the edge of its force and instead move intelligence strategy to the edge.

He also warned that with China, U.S. decision-makers needed to understand that country’s strategy better, and that while the United States had a glut of information about China, analysts could not put it together effectively. Adm. Becker’s 2014 call for a new wave of great thinkers—such as those who parsed Soviet activities during the Cold War to produce a similar picture about China’s intentions—still is needed today.

Five years ago, leaders identified the four major challenges confronting the U.S. intelligence community as economics, crime, terrorism and technology, according to then-Director of National Intelligence Dan Coats. The growing demand for economic intelligence has national security applications, he said, also noting that the intelligence community needed to posture itself to face the problem of transnational organized crime. And while by 2018, groups such as ISIS had lost virtually all the territory they used to control, they mounted the ability to strike against Western assets. To combat all of these types of challenges, the intelligence community needed a more efficient collection and analysis cycle of intelligence to enable a revolutionary step forward, Coats said.

As was true five years ago, North Korea’s nuclear weapons and ballistic missiles continue to threaten the United States and all its allies in the Pacific region.

Moreover, the development of biological weapons under the guise of biomedical research, discussed by Coats in 2018, remains a dangerous and growing threat.