Monday, October 12, 2009

Hardening of the Arteries

The National Security Agency seems to have won its turf war with the Department of Homeland Security over control of the nation's cyber security efforts.

Lt. Gen. Keith B. Alexander is the director of the National Security Agency, the largest intelligence agency in the government, and with little public fanfare he has been setting up the central nervous system in the government's new campaign to defend cyberspace. The agency historically has not been a front-line guardian of civilian government networks, much less the systems that run privately owned electrical plants, dams and financial systems. But that is changing. Recently, Homeland Security Secretary Janet Napolitano said NSA will provide DHS with "technical assistance" as it carries out its statutory mission to defend civilian networks and coordinate private sector protection.

Homeland Security, with its much smaller and less experienced cyber staff, will depend on Alexander and his crew for the tools, expertise and resources to do the job. "That is the structure of the cyber policy plan that the president announced," Napolitano recently told Wired magazine's Danger Room blog.

Meanwhile, what of the "Cyber Czar" that was supposed to be a part of the administration's plan? The President can't find anyone to take the job, coming as it does with awesome responsibilities and no power whatsoever. (At least Bush found someone to be his Czar, though s'far as I can tell the man didn't actually accomplish anything.)

Despite one government inititive or another, little or nothing has actually been done on the cyber security front in the last twenty years or so. Nothing may continue to be accomplished, but if it's the super-secretive NSA that is doing nothing, at least we won't find out about it.

Meanwhile, the arteries are turning sclerotic again in the intelligence community. The Director of National Intelligence has ordered the shutdown of two online tools used to share intelligence between agencies and civilians.

uGov, an e-mail platform that could be used by analysts throughout the intelligence community, was “one of its earliest efforts at cross-agency collaboration,” Marc Ambinder over at The Atlantic notes. uGov “will be shut down because of security concerns, government officials said.”

(Instead of acting to improve security on this platform, they're just making it impossible for analysts from one agency to consult with analysts from another agency. Brilliant!)

[This] follows reports that another popular analytic platform called “Bridge,” which allows analysts with security clearances to collaborate with people outside the government who have relevant expertise but no clearances, is being killed.

As Michael Tanji put it:

The importance of things like uGov and BRIDGE cannot be understated. New analysts who use tools like Chirp (the IC’s version of Twitter) and Intellipedia are always surprised to hear me talk about how back in the day, if you wanted to collaborate with your peers in another agency, you had to run a deception operation against your own boss. Working with anyone outside your agency was considered disloyal. Working with someone outside the community just wasn’t done (at least not at the functional level in any meaningful way). uGov gave functionality and (more importantly) legitimacy to the idea of working together, whether driven by your own initiative or real-world events . . .

Looking after your agency’s parochial interests is still the fastest and easiest way to get ahead. Buying monster technology solutions from the usual suspects - usually to the detriment of the mission - is easier than going lightweight and cheap (if not free). Working on “joint” projects is still something relegated to ‘those who can be spared’ or those intrepid few who accept that collaboration means disobeying orders.

The most common catastrophic intelligence failures--- Pearl Harbor and 9/11 among them--- were enhanced (if not actually caused) by a failure of agencies to share intelligence. After a brave few years of successful experimentation, the intelligence arteries are hardening again. I hope it doesn't take another catastrophe to wake the government up to the fact that the Group Mind is superior to the Closed Mind.

Labels: , , ,

3 Comments:

Blogger halojones-fan said...

Prove that Twitter is secure against (some attack scenario I just thought up.)

You can't? No Twitter, then.

And note that there is an extremely high standard of security, here. We're talking about people who consider Van Eck phreaking not only plausible, but a basic procedure.

4:13 PM  
Blogger john_appel said...

According to Marc Ambinder of the Atlantic today, uGov got a six month reprieve while the DNI reviews things.

4:33 PM  
Blogger dubjay said...

Well, yeah. You don't want to start loading classified documents onto anything connected to the net. But polling people, particularly experts, particularly experts with access to their own data, what they think of certain events or contingencies, seems to be a worthwhile thing to do.

10:42 PM  

Post a Comment

<< Home