Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

For nine years, thinkers at NASA’s science mission has been inviting software coders and scientists to an annual hackathon aimed at helping out with real-world problems. The program is called Space Apps. This year’s there’s an early, extra edition of Space Apps aimed at, you guessed it, coronavirus. For some details, the acting deputy director of NASA’s Earth Science Division, Dr. Paula Bontempi, joined Federal Drive with Tom Temin.

Interview transcript:

Tom Temin: Dr. Bontempi, good to have you on.

Dr. Paula Bontempi: Thank you so much for having me.

Tom Temin: First of all, give us the big picture of Space Apps, how it all works normally.

Dr. Paula Bontempi: Oh, Space Apps. It is like rolling the most positive energy of groups across the world that want to tackle real world problems into a weekend of craziness. So NASA invites coders, scientists, storytellers, artists, engineering enthusiasts and tinkerers into a virtual hackathon that last 48 hours. We do this every year. It’s usually in October. And in that 48 ours, participants from around the world have virtual teams and they use physical teams and they use Earth observations and other resources of NASA’s to actually try and come up with solutions for those practical world challenges.

Tom Temin: And what are some examples of challenges in the past that you’ve tackled?

Dr. Paula Bontempi: Oh, coming up with a new art or marketing campaign for human exploration in our solar system and beyond cleaning debris and plastics from the world’s oceans, and many, many things like that.

Tom Temin: All right, so this year, normally, this takes place in the fall, but right now you have just launched one, a special Space Apps for COVID-19 and coronavirus. Tell us what’s going on.

Dr. Paula Bontempi: Right. So with our partners, the European Space Agency and the Japanese Aerospace Exploration Agency, ESA and JAXA, respectively, on the 30th and 31st of May, NASA will invite those same groups of space enthusiasts entrepreneurs, storytellers, etc, into a virtual hackathon. And those virtual teams will use Earth observation data from satellites and other resources that the agencies make free and open to the world to address and come up with solutions for issues that are related to the COVID-19 pandemic. And I know this is something that of course is affecting our global communities. So the challenges will have a range of studying the coronavirus and what causes it and it’s spread to actually the impact the virus is having on the earth itself.

Tom Temin: Yes. How can Earth observation data though, really help with something that you can’t see even down here on earth?

Dr. Paula Bontempi: Great question. So one of the things that Earth observation data can be used to address are things like before and after people started quarantining was there a change in something like air quality or water quality and this can be in your backyard, or it can be on a global scale. And one of the things that’s very advantageous of satellites and satellite observations of our Earth is that you not only can look at one area of our planet in a snapshot in space, but you can also look at what those changes are over time. And I call that exploring and the temporal dimension. And what that does is gives you a picture of what some property of the Earth on land in the ocean and the atmosphere for example, look like before the quarantine and after. And what that does, it gives you some insight into perhaps how human practices or just you know what’s going on in Earth’s environment can change and be managed for sustaining resources in the future.

Tom Temin: Well, that’s an angle I hadn’t heard. Is there evidence so far that some Earth observable or satellite observable Earth phenomena have changed as a result of something to do with coronavirus?

Dr. Paula Bontempi: Yes, sir. It is something I think all of the space agencies have been taking a close look at starting with things like air quality. And what’s happened as people shelter in place, there are pollutants in the atmosphere like nitrogen dioxide, for example, which comes from the burning of fossil fuels and things like power plants. And while the drop that we’ve seen from the levels in the atmosphere before the quarantine and after have been dramatic, the research is now underway to see if that’s attributable to something like a change in emissions, versus other things that affect nitrogen dioxide in the atmosphere, like weather patterns and what’s going on in tropospheric and stratospheric or the different levels of the atmosphere. So there are many things that can affect what’s going on in the earth. And we’re just trying to separate out and identify what those changes are related to what’s happening with the virus.

Tom Temin: And in this hackathon, this virtual hackathon that will occur at the end of the month, what is the incentive for people? Is there a challenge grant that they get or what happens?

Dr. Paula Bontempi: It’s a really good question. So we are finalizing the details of what we’re tentatively calling an award at the end. But one thing we really like to facilitate among the agencies is to see those winners of the different challenges actually have their proposed solutions and solutions phase transitioned or facilitated into operational use by managers and policy makers out there to better inform them. And so that is something I think all of the agencies feel very strongly about. Not that you just win the challenge, but that we actually adapt the winner solution space for some good use in the future.

Tom Temin: Because the example you gave is that there is an improvement in things less emissions, because people aren’t driving so much, presumably. So what might be solvable here? Because when this whole thing passes to some degree people are going to start driving again.

Dr. Paula Bontempi: Yes. And so it’s very important than, exactly. So it’s very important for the agencies and researchers to understand whether those changes in some aspects of the Earth are driven by, you know, human made practices, like commuting, as you alluded to, or whether they’re naturally driven and teasing those out what the drivers of those changes are for our Earth system. A part of what we want our hackathon participants to think about, right? What can we attribute to natural properties and what’s man need and how can that better inform management moving forward?

Tom Temin: Who knows maybe the virus consumes CO2 and produces oxygen.

Dr. Paula Bontempi: (Laughing) I’m not sure if that’s the case, but it’s quite possible that our clever people participating could identify or learn something about the virus and its spread, and how the environment is facilitating that spread using the space space data. I mean, the sky’s the limit.

Tom Temin: Sure, literally. And with respect to some of the people that are involved, I can understand coders and scientists, but you mentioned storytellers and people like that, artists. Sounds charming, but what can a storyteller do here?

Dr. Paula Bontempi: Oh, that’s a great question. Well, as you know, I mean this global pandemic is affecting everybody, right? And so the hackathon is usually people participate, whether they’re in like kindergarten, we’ve had some that young, straight through, you know, adults and professionals, and everybody has been affected by things like social isolation. And so one of the things we’ve been talking about is whether we can come up with a way or a challenge to allow everybody out there who can pick up a pen and draw a picture, for example, to express what the social isolation And what the hope of finding a solution actually means to them. And we’ve been talking about how to engage the broad community in a way like that, whether it’s through an essay or a piece of art that they create that allows them to express how they feel.

Tom Temin: Alright, then a final question then who decides who the prize winners or awardees or which ideas get chosen for further development?

Dr. Paula Bontempi: Good question. So each of the challenges will have subject matter experts from the agency and its partners, as well as judges who go through every single project that is submitted in response to a challenge and spend time talking about it and select the winners accordingly. And then we post those winners on our website. In the past for Space Apps, we’ve invited those winners to a launch at NASA and certainly we’re working out the details of how that might be possible moving forward with our partners ESA and JAXA.

Tom Temin: Dr. Paula Bontempi is Acting Deputy Director of NASA’s Earth Science Division. Thanks so much for joining me.

Dr. Paula Bontempi: Thank you so much for the opportunity and stay safe everyone.

Read more about the hackathon.

The government, led by the Defense Department, is working overtime to secure the federal supply chain that holds the nation’s sensitive data. That task will continue to become more complicated as technology develops, in and outside of the U.S.

“That’s a very difficult area to tackle … products become more and more global, developed across the globe by multinational companies. Systems have lots of third party software. Open source software is a revolving ingredient with custom software. Same on the hardware side. That’s really hard to understand the pedigree of any system you’re trying to play in your network.” said Chris Kubic, the former chief information security officer of the National Security Agency, on Agency in Focus: Intelligence Community.

For the government, especially in the intelligence community, this means a great deal of trust and teamwork across various components. Areas of the government outside of the Defense Department and IC have to therefore be sure to make cybersecurity a top priority and ensure they have the resources they need to remain constantly prepared for the worst and avoid mistakes that have lead to past breaches, like not applying a patch.

“There’s a tremendous amount of cooperation and coordination that goes on within those communities to share information to work towards improved security for their networks. And that’s important because of the tremendous amount of information that’s shared within the intelligence community that have that trust and confidence across all of the intelligence agency communities that you know,” said Kubic.

There is no magic silver bullet for cybersecurity—but coordination and discipline can make things a lot easier to manage.

The intelligence community lists cyber as the top threat the country faces globally, ranging from teenage hackers to nation states.

“When a nation state really pours its resources into trying to do harm to the United States and our allies, the results could be significant. We’ve certainly seen that with actions by North Korea, Iran, China and Russia, to name the four that are the most significant,” said Glenn Gerstell, general counsel for the National Security Agency, at an American Bar Association event.

To make things even more complicated, new technologies like artificial intelligence or machine learning, among others, are now becoming more mainstream. That means the government also has to focus on enacting policies to prepare for the effects of new technology — technologies that can be used for both good and bad.

The unknown that comes with these new technologies is a major worry for those in the intelligence community.

“We’re most worried about the fact that we are facing a completely unprecedented and I would say almost incomprehensible level of change in the technological world … just the whole onrush of technology … what some have called the fourth digital revolution. If we’re not already in it,  we’re on the cusp of it. It’s already about to wash over us.” said Gerstell.

Nearly five years ago, the Office of Personnel Management was hit with one of the largest data breaches in American history that exposed millions of records, including information about people who had undergone background checks. That breach is still looming over federal cyber efforts, including in the intelligence community.

Multiple individuals in leadership roles were vacated after the breach, including Katherine Archuleta, then director of OPM. There aren’t any publicly known consequences on record that resulted from using the stolen information, but the reputational damage is still being felt and similar risks remain.

“But just looking back, those risks still exists. The adversary that took the information still has that information and a lot of that information is permanent, unchanging information about 20 million individuals who are responsible for safeguarding America’s secrets. And so the threat and the challenge with those individuals are still very much ongoing,” said Sina Beaghley, a senior international/defense policy analyst with the RAND Corporation, on Agency in Focus: Intelligence Community.

With any breach, it is key to identify how it occurred and who are the responsible parties, which is yet to happen with the OPM breach.

Often times a breach can come from someone on the inside, much like the high-profile saga of Edward Snowden — an individual within the intelligence community that directly took data he had been granted access to.

A concept that got more traction after Snowden and other similar incidents was the idea of continuously monitoring individuals that have already received a clearance to ensure new risks have not emerged by collecting data outside of just what the government has collected and evaluating if the clearance is still appropriate.

“Continuous evaluation is getting all this data from these sort of sources that are available, that collect information about individuals and on a regular basis, kind of having this picture of the individual and seeing these red flags that come up not from just what the government can see on it’s own computer system,” Beaghley said.

Beaghley says the insider threats are not just about sensitive materials, there are physical risks as well. “But then there’s physical security, both of the information and of the individuals where we have had a number of scenarios where people have actually been physically harmed or killed because of actions taken by an insider who had access to them physically and no longer could be trusted. But the government didn’t detect that ahead of time.”

The government is beginning to recognize the convergence of physical and cybersecurity according to Beaghley. She cites the creation of the Defense Counterintelligence and Security Agency, which merges vetting of personnel with the need to protect critical technology, as an example.

Attacks make things more challenging for the intelligence community but serve as learning tools for the government as they continue to adapt in the mission of keeping sensitive information and the people that manage them safe.

The commercialization of space and the high volume of visual information now being collected has revolutionized geospatial intelligence. This means agencies like the National Geospatial-Intelligence Agency and the National Reconnaissance Office must find new ways to innovate, according to Jack O’Connor, a retired CIA and NGA executive who is now with the Krieger School at Johns Hopkins University.

Work is being done on computer algorithms that can interpret imagery similar to an analyst, and that is becoming increasingly important.

“The volume of information is such that it has made a different scarcity. Years ago, when space satellites were new, what was scarce was images. but now it’s the attention of the analysts that’s scarce,” O’Connor said on Agency in Focus: Intelligence Community. 

The NGA and NRO are focusing their efforts on gathering what visual information they can uniquely and buying the rest from commercial vendors. O’Connor says simply buying digital images is not enough, the agencies need to be able to quantify how valuable what they are purchasing will be for them.

“So the concept of interpretability used to be measured and then, for some reason about 10 years ago, they stopped measuring it. But there are other units of measure that would help socialize the concepts that NGA and the NRA are trying to do and also help the commercial vendors,” O’Connor said.

Some imagery can look good but lack value while others may not appear as technically sound but hold great value. Having common scales and terminology in the community would go a long way for innovation.

Despite all the innovation that has led up to now, many of the challenges of the past remain true. Especially human capital.

“Previous director of NGA Robert Cordero estimated that it would take more than a million analysts to look at what was coming down, and that was a few years ago. So there’s even more imagery being created now, and there are not government resource is for those kinds of investments in that number,” O’Connor said.

AI will play a key role in filling those gaps, but it is not the one-stop solution. The algorithms must also be held accountable for errors just like a person would be. This requires a sound auditing process with a clear unit of measure so issues can be identified and improved upon.

A combination of humans and smart algorithms is a balance all interested parties are chasing.

The intelligence community is adapting how it operates to catch up with an ever changing world that has made the hiring and retaining of talent increasingly difficult — but some of the challenges the IC faces are unique.

“We need to adjust what we mean when we say that if the norm is different today, then the criteria needs to be different. So there’s little things like that that the IC is slowly chipping away at,” said Richard Girven, director of the Cyber and Intelligence Policy Center at the Rand Corporation, on Agency in Focus: Intelligence Community.

From the outset, one major hurdle for joining the IC that other parts of government or the general working population do not face is the thorough security clearance process. Just to get inside many IC buildings requires a clearance. Girven said some of those criteria to acquire a clearance need to change. For example, one disqualifying factor can be financial debt because a bad actor can potentially use that as leverage to compromise an individual. This causes issues especially for students leaving college that want to enter the IC but are saddled with large sums of student debt.

“The average millennial has $45,000 in student debt. So the college educated population of millennials that the intelligence community might want to hire actually have more debt than their next-gen or baby boomer parents and grandparents,” said Girven, a retired Army officer that served multiple stints at the Defense Intelligence Agency.

The daily work environment is also not the most appealing. Being locked in windowless rooms for hours at a time while not being permitted to use your cellphone is not exactly a welcoming thought, especially for younger candidates who are accustomed to being constantly linked to the rest of the world.

“The environment could be challenging compared to a normal life if you have to lock up your cell phone and you can’t talk about your work and so forth,” Girven said.

So human capital officers must make sure candidates understand the importance of the work so they can look beyond that and be excited to tackle critical missions with cutting edge technological tools alongside some of the sharpest minds in government.

Though change takes time, especially in the government, human capital officers in the IC have for years understood they must be willing to adapt their recruitment strategies and are constantly doing just that. Things as simple as improving their web pages to be more dynamic and interactive so they can be better used as a resource, to cultivating a more direct pipelines for attracting students.

“Human capital officers have done a good job of outreach at educational institutions, both to market what it is that they do on the national security side and to recruit from the best populations of students,” Girven said.

At the same time, the IC still faces many of the same challenges other workplaces face, like improving diversity and inclusion in the workforce. Not only diversity in terms of demographics, but “diversity of ideas and diversity of thinking styles and diversity of work styles, so that you don’t get into a group think environment where everybody, not only do they look the same, they all think the same. That’s not helpful when you’re trying to solve really complex and very serious national security threat issues … but they’re taking steps to improve.”

The next part of the Trump administration’s ongoing security clearance modernization efforts will come soon in the form of three highly-anticipated policy directives.

These policy directives will kick off the next phase of the administration’s multi-faceted Trusted Workforce 2.0 initiative, which first began as an effort to resolve a sky-high security clearance backlog and has since evolved to overhaul a decades-old, governmentwide personnel vetting system.

First will come a national security presidential memorandum (NSPM), which instructs the director of National Intelligence, as the security executive agent, and the director of the Office of Personnel Management, as the suitability and credentialing executive agent, to take a variety of measures to modernize the suitability, credentialing and security clearance process.

The memo is finished, and ODNI is awaiting Trump’s signature, Brian Dunbar, assistant director of security for the agency’s National Counterintelligence and Security Center, said in an interview with Federal News Network.

“It’s an endorsement on the part of the president that this is needed,” he said. “That, to my understanding, is at the White House now, available for the president’s signature. I understand that his signature and issuance of that NSPM is imminent.”

Next, the security executive agent and the suitability and credentialing executive agent will issue an executive correspondence, which will direct agencies to stop conducting periodic reinvestigations of their clearance holders and move toward continuous vetting capabilities.

“It will provide departments and agencies authority to adopt an interim vetting process, to replace PRs, and continue to apply investigative reductions measures, which were approved in prior executive correspondences,” Dunbar said.

ODNI and OPM issued an executive correspondence back in June 2018, which described 15 measures that agencies could take to speed up the security clearance process.

Those measures are, in large part, how the National Background Investigations Bureau — now the Defense Counterintelligence and Security Agency — managed to dramatically slash its inventory of pending security clearances in about a year.

As of last week, the current backlog sits at 272,000 pending cases, Dunbar said.

Now with this forthcoming executive correspondence, those measures will be permanent, and agencies will receive specific instructions on how to begin using continuous vetting capabilities.

“There are going to be departments and agencies who have fairly robust continuous vetting programs,” Dunbar said. “Those will be, for example, [intelligence community] organizations. The Department of Defense is in a good place. There are other departments and agencies that aren’t there yet. They will need to continue to conduct investigations until such time that they’re ready from a continuous vetting capability.”

Third, the executive agents will release a “federal core vetting doctrine,” which will describe the main principles behind governmentwide vetting policy and practices.

These three policy directives, Dunbar said, will come out in quick succession one after the other.

Once these new policies are live, the ODNI will issue new sets of adjudicative guidelines and investigative standards. Subject matter experts have been developing these standards and guidelines, which ODNI anticipates will be released next year.

These standards will describe how all agencies will establish trust with employees and contractors. Every agency will uniformly apply the same standards to grant security clearances, which, as industry has bemoaned for years now, is far from the current reality.

Getting all agencies up to speed on a series of new investigative standards will, from the ODNI’s perspective, be a heavy lift.

“This is such a massive cultural change that we’re going to have to, from an enterprise standpoint, do a lot of training on how you apply these new standards and these guidelines in the future,” Dunbar said.

‘1-3-5’ Trusted Workforce model

The administration’s efforts to overhaul the suitability, credentialing and security clearance system started in earnest last March, when the ODNI several brainstorm sessions with agencies, industry and other organizations and thought leaders.

What emerged from those discussions is what the ODNI is calling its “1-3-5 model,” Dunbar said.

The model outlines one governmentwide personnel system, three background investigative tiers and five “vetting scenarios.”

First, the goal is to establish a single personnel vetting system that’s designed with mobility in mind, Dunbar said.

“Traditionally the national security vetting and the suitability and credentialing vetting had been rather stove-piped,” he said. “This new model aligns those two, what had been disparate vetting activities, into one.”

In addition, the ODNI is planning to cut the number of background investigative tiers from five to three.

In the future, tier one will encompass “low risk” cases, Dunbar said. Tier two will include “moderate risk” or secret security clearance cases. And tier three will consist of high risk or top secret clearances.

“This will … speed up the process, reduce the complexity that exists with the current five investigative tiers, eliminate repetitive checks that exist in the system now and enable us to use our resources better,” Dunbar said of the investigative tier consolidation.

And perhaps the biggest change will come in how government will establish trust with an individual and continuously evaluate that person’s trust over a period of time through five unique “vetting scenarios.”

• Initial vetting: will establish a baseline of trust with an individual who is just joining government or applying for a security clearance. It’ll turn “outsiders into insiders,” Dunbar said.
• Continuous vetting: will replace the traditional five-or-ten-year periodic reinvestigations with a model that constantly identifies and flags risks for a trusted insider.
• Upgrading an individual’s level of vetting: will be commensurate with an employee or contractor’s move to a position with higher-level risk.
• Reestablishing trust: will restore trust with an individual who has a break in service and hasn’t been subject to continuous vetting.
• Transfer of trust: will allow a trusted individual to take his or her security clearance with him from one agency to another.

The goal is to give both employees and contractors more flexibility to move around government — and in and out of the private sector, ODNI said.

Every year the National Security Agency conducts its Codebreaker Challenge. The exercise aims to encourage students interested in cybersecurity to apply their talents in service of national security.

Students must register for the challenge by going to the website the NSA has set up, and then after reviewing some background material about the scenario of the year’s challenge, they begin working on a series of tasks that get progressively harder as they go along. “The final task is usually something that would be challenging to an existing expert in the field,” said Eric Bryant, a technical director in the crypto-analysis organization at the NSA, on Agency in Focus: Intelligence Community.

Bryant and his team created the concept in 2013 as a way to communicate with academic institutions on areas the agency felt was important to include in their curriculum and as “a way to showcase some of the real world challenges the NSA was facing and be able to launch it out there nationwide for students across the spectrum to able to test their talents,” said Kathy Hudson, senior strategist for academic engagement.

The agency is well into this year’s challenge which revolves around a secure messaging app that runs on Android. Students are working toward building a couple of different capabilities. “One is to be able to masquerade as the terrorists that are using this application. Another is to be able to send spoof messages. And then ultimately, the final task is to break all of the encryption,” Bryant explained.

The agency has academic liaisons that are assigned to specific schools working to assist departments in shaping curriculum and articulating other things the NSA wants the institutions to know, like hiring requirements and program deadlines. The agency has built strong relationships with many schools so it has become easier over time to spread the word about the challenge. “We’ve had longstanding relationships with many, many of the schools, and so they are eagerly anticipating code breaker … Eric gets all kind of fan mail. When’s it coming? Can you give us a hint about what it’s gonna be this year? So if it has really built up a fan club of its own. So that’s great, because it grows on itself that way,” Hudson said.

The NSA makes the early stages of the challenge accessible enough so that those that may not necessarily have cybersecuirty experience can use it as a learning opportunity. But as students get deep into the challenge, the agency will reach out to them to encourage them to keep up their hard work. Typically less than 1% of students are able to solve all the tasks. “If you look at the leaderboard on the site, you’ll see a kind of a steady drop-off in terms of the number of solutions as the tasks get more and more complex. But as you know, as students get far in the challenge, that’s where we’ll have direct outreach to those students … encouraging that you keep up the good work,” Bryant said.

Beyond encouragement, the students that are identified as excelling in the challenge are also given more information about potential job opportunities and how to go about applying for them. Though he didn’t have the exact figures, Bryant said quite a few students, specifically the ones that made it far into the challenge, over the years have entered the agency and that number has continued to grow steadily. “I think one of the things that code breaker helps highlight in these applicants is really two different dimensions. One is, of course, just raw talent … but also it’s a large time commitment to work on this … in addition to the regular school duties …  it also shows a genuine interest in the topic matter. And I think those two things combined are pretty powerful,” Bryant said.

Beyond just being capable, a big hurdle for entering the NSA is the security clearance process. Hudson says the best thing for students that are really interested in making a career in cybersecurity with the agency is to do research on what it entails and prepare themselves to make the right decisions. “I think it’s always good for students to go look to see, to make sure, ‘Hey, I’m making good decisions on behaving smartly.’ Maybe if they haven’t to date, because we were all in college at one time and enjoying our schoolwork as well enjoying life, it is great for them to say or be thinking, ‘Huh, maybe I need to make a couple changes so that I can ensure that I can process for a clearance,'” Hudson said.

Sen. Mark Warner (D-Va.) is not happy with how the intelligence community is being treated. The vice chairman of the Senate Intelligence Committee said inappropriate political pressures are taking their toll on morale, though thus far the IC is holding firm in resisting them.

“Being the local guy, I hear from members of the community, I hear from recently retired members of the community on a regular basis, and they say that they do feel under assault,” Warner said on Agency in Focus: Intelligence Community. “I’ve not seen to date any evidence that anyone has bowed down to that pressure or that there’s been any attempt to cook the books. And for that, I’m grateful for people like Gina Haspel with the CIA and Gen. [Paul] Nakasone at [the National Security Agency]. … There’s a number of good folks who I think are doing a good job protecting the people.”

Unfortunately, Warner said, the ones above those people don’t appear to fully appreciate the work of the intelligence community.

“The intelligence community has been under this administration, unfortunately, the victim of a lot of abuse. A lot of disrespect,” Warner said. “I’ve never heard a president be so cavalier about the product of the intelligence community, and for that matter not having, I think, the appropriate respect for the men and women who keep our nation safe. They do it in a different way than perhaps our folks in uniform. But they absolutely put their lives on the line, many of them on a regular basis, keeping our nation safe.”

But the current political maelstrom swirling around the intelligence community is not the only challenge it faces. The security clearance process has been taking too long, making it difficult for the IC to attract new talent and onboard them in anything resembling a reasonable amount of time.

“When the clearance backlog had got to 740,000, when new CIA agents were waiting two years to get a security clearance, when contractors would move from one [Department of Homeland Security] contract to another and have to wait over 100 days — even though it’s within the same agency — to get their clearances renewed for another contract, that is both inefficient, and makes us less secure as a nation,” Warner said.

Now the backlog is down to around 300,000, thanks to a new embrace of technology and a concerted effort to hire more investigators. But Warner wants to go even further to make the system work better for the IC and its employees. Toward that end, Warner said there’s a few provisions in the intelligence authorization bills that he hopes will be passed.

“We’ve put in place an ability to say we should do what’s called continuous evaluation, so that you don’t simply review somebody secure again every five years regardless. You do it on a more ongoing basis, and you put the more folks in higher priority positions to get more scrutiny than ones that maybe in other positions. And then we’re working towards — this is really important – reciprocity,” Warner said. “So that if you get a DHS clearance for the most part, maybe that should also work at the NSA or that should work at [the National Reconnaissance Office]. There are obviously certain areas where a higher level of clearance will be required. There may not be full reciprocity, but the notion that we have each of these agencies and departments having slightly different sets of security criteria is really a 20th century mindset and way old school and, frankly, some of the things that are still happening where you still got retired FBI agents literally traveling to another jurisdiction to check the college records or to check the then the legal records to make somebody’s sure nobody’s been arrested. I mean, we should be able to do that much more efficiently online than kind of the old school way that we go through this process.”

Artificial intelligence is a concept that seems tailor-made for the intelligence community. The ability to sort through massive amounts of data, seeking out patterns large and small, anomalies that warrant further investigation, that’s what intelligence analysts do already. Imagine what they could achieve when augmented by AI?

But it’s not as simple as just adopting it. Dean Souleles, chief technology advisor for the Office of the Director of National Intelligence, said on Agency in Focus – Intelligence Community that the IC is working now to lay the foundation for adopting AI.

“You cannot build a house without a solid foundation. The foundation of AI is data and computational technology,” Souleles said. “The intelligence community has spent much of the last decade on a program we call ICITE, the information technology enterprise of the IC. And that’s been about modernizing the technology infrastructure. And that is about getting cloud technology throughout the community, making basic computational capability available to our technologists just as it is in the private sector. But that’s not good enough, because the new era of computation requires sophisticated kinds of computing. We talk about GPUs, graphical processing units, or tensor processing units (TPUs), or neuromorphic chips or field programmable gate arrays, or any of the wide variety of things that are the specialized computation that enable AI computation. And we need to make the investments in those things.”

But raw technology is not all the IC needs to take advantage of AI.

“Second, we need to make an investment in data. And not the way most people think. It’s not about acquiring more and more data,” Souleles said. “It’s acquiring the right data and having it properly prepared for machine learning. So the reason you can do image classification is that Stanford, Princeton and others created a network, a database called imagenet. It’s got 14 million images in it, classified by people into 200,000 categories of things. That’s training data, curated training data. Well, most intelligence data is not that. It is lots and lots of raw data.”

Instead, intelligence data looks more like hours upon hours of drone footage. And in those hours and hours, there may be only a couple of minutes worth that is significant, like a car approaching a checkpoint, for example, or certain people congregating. Watching that data and noting which parts are or aren’t interesting is called “tagging” the data.

But there’s a manpower issue here too: there just aren’t enough analysts to develop a thorough library of tagged data to train AI, at least for intelligence analysis.

“How many images do you think Google has of cats? Lots and lots and lots, right? How many images do you think we have of missile launchers from space? That are high quality? Certainly not tens of millions,” Souleles said. “And that is the challenge. If you don’t have enough data to train your algorithm, they call it low shot learning in AI, which means you don’t have what would be sufficient data to train an algorithm. You need ways to do that. So that’s areas we’re investing in: low shot learning, or one shot learning, or zero shot learning, where we have no data, which means we might have to create synthetic data to train an algorithm. Those are all rich areas for exploration.”

And then there’s the matter of training the workforce. That’s not limited to reskilling or upskilling, though those are certainly part of it. There’s also training the workforce, not to mention leadership, in exactly what AI can and — more importantly — can’t do.

“So AI as it exists today is narrow, it can do very specific small things. What it can’t do is anything people think it can do: it can’t replace human cognition in any significant way,” Souleles said. “It doesn’t have judgment. It doesn’t think. As I’ve said before, it’s easily fooled. I like to say that most trivial biological intelligence runs rings around the most sophisticated artificial intelligence today.”

That means ensuring leadership doesn’t get caught up in the hype and start looking at AI as a get out of jail free card.

It also means training people to understand bias when working with AI. Most people think of bias as a terrible thing, skewing data, and thereby an AI’s decisions, against a certain group of people. But Souleles said bias is inherent in all data, because someone has to choose what data to use to train the AI. Understanding that bias is the key.

“For intelligence purposes, I’m interested in bias because I want to know how the data is biased so that I know where I can use it. And more importantly, where I can’t use it,” he said. So for example, “if I train my full motion video to look at checkpoints over the desert, I should not expect that it will work in checkpoints over the jungle. They’re different areas, the bias is towards the desert, right? So that kind of bias, we just need to understand so that we use it for appropriate purposes. I like to think of it as on-label and off-label use. Don’t use AI for off-label use. If you don’t understand what it’s intended to do, don’t use it for that thing.”

At a time when we are watching an impeachment case unfold, we again are wrestling with the question of who is a whistleblower and who is not. You might think it’s a matter of one’s perspective, but Eric Feldman, one of the signatories to a letter penned by a group of former intelligence community inspectors general, said on Agency in Focus: Intelligence Community that following procedure, projecting integrity, and telling the truth are keys to making that determination.

“In my view, Snowden was not a whistleblower because if he, in fact, wanted to share information about what he believed to be inappropriate activity on the part of intelligence professionals at the NSA. He could have availed himself of that whistleblower protection by going to the NSA inspector general who would have kept classified information in appropriate channels and would not have put our national security at risk.”

Feldman is the former IG of the National Reconnaissance Office. His perspective on whistleblowing was formed early in his career at the Defense Intelligence Agency. When reviewing details involving use of a U.S. aircraft overseas, he determined it was not being used for its intended purposes. In testimony in front of the Senate intelligence committee, he provided the facts as they were. But for some, his report was not appreciated.

“Before I even got back to my office, I was summoned into the director’s office and read the riot act and asked, ‘What did you tell them?’ in a rather threatening voice. When three star generals speak loudly at you, you tend to listen,” Feldman said.

“My answer was, I told them the truth. What else would you suggest I should have done?” Feldman said his answer completely diffused the situation. “When it comes down to it,” Feldman continued, “either you’re gonna tell the truth to the oversight committees that have a right to the truth, or you’re going to lie. And there really is not much gray area in between.”

Outside the intelligence community, a person who identifies as a whistleblower has protections from retaliation under various statutes. In the intelligence community, Feldman said it’s even more critical to protect whistleblowers, while protecting national security.

“In the intelligence community we want to encourage people who have concerns to go within the process that’s been established to protect our information and protect our national security.”

Feldman explained how it works. After receiving a report, the inspector general has 14 days to determine if the concern falls within the definitions in the statute of being urgent and credible. If it does, it must be passed along to the head of the agency who has seven days to transmit it to the chairman and ranking member of both oversight committees. That is the agency’s only role.

In recent days, a whistleblower complaint centering on President Donald Trump and his interactions with Ukraine has created a lot of tension in the administration. The intelligence community’s inspector general, Michael Atkinson, deemed the complaint an “urgent concern” that by law required his agency to pass along the information to the congressional intelligence committees. But Acting Director of National Intelligence Joseph Maguire refused to do so on advice from the Justice Department. The move sparked the impeachment inquiry.

Critics of the current impeachment inquiry contend the anonymous whistleblower didn’t have first-hand knowledge of President Trump’s phone call with the Ukrainian president, because he was not on the phone. Feldman said there is a lot of misinformation swirling about the case and the process.

“That is a huge fallacy about what whistleblowers are all about. You need whistleblowers who have knowledge of a concern, suspect something is going on, maybe have heard from others that there is something going on, and you want them to raise that issue within the classified channels and have the appropriate people investigate to determine whether or not they believe it is true.“

Another matter of concern, according to Feldman, is the identity of the whistleblower. “We cannot in any way, shape or form compromise the anonymity of a whistleblower who has requested anonymity, or else we will never get people to come forward. That is absolutely critical to the process.”

Trust and integrity start at the top, according to Feldman. “I have been in situations where the tone at the top is so mission-driven that the message being sent to the workforce is we’re going to achieve this mission no matter what we have to do. And, in those kinds of environments, it’s very difficult to get the hearts and minds of employees thinking that they need to protect the organization when they’re being pressured from a performance perspective to get things done no matter what.”

Feldman said the message of the former intelligence IG community wanted to make was the importance of trusting the process. “If there’s no credibility in either the process or those who we entrust to execute that process … then you’re going to increase the risk of having another Edward Snowden. That’s why within the IG intelligence community as a whole, having inspectors general and staff who are of high integrity, well-trained and know their jobs and are objective in doing the work that they do is critical to encourage people to come up and say, ‘Hey, this just isn’t right.’”

Redefining space as a warfighting domain made waves throughout the defense community as they began thinking about defending assets in space. Maj. Gen. John Shaw, deputy commander for Air Force Space Command, called the creation of Space Command a “tectonic shift.” Now the aftershocks of that shift are being felt in the intelligence community as analysts have to reconsider space’s role in intelligence gathering.

“When you think of space and intelligence together, you might be like me: I spent my career thinking about intelligence collection in space coming down to the Earth, intelligence from space,” Shaw said on Agency in Focus: Intelligence Community. “We need to think really, really hard now about intelligence for space. Where is that intelligence expertise that processes the capabilities? We have to understand what’s actually happening in the space environment.”

Shaw said the intelligence support the new command will require is a major priority for Gen. Jay Raymond, leader of Air Force Space Command. And it’s not just about the organizations that will provide the intelligence, but about the capabilities they can field. Those capabilities will need to be developed to protect and defend assets in space.

“Space is critical to modern warfare and to modern society and only increasingly so in so many different ways. And yet, it is perceived by potential adversaries to be vulnerable,” Shaw said Sept. 5 at the Intelligence and National Security Summit. “And so it is only logical and we should not be surprised that therefore our space capabilities would be threatened and that potential adversaries would develop capabilities to threaten those our space capabilities that are so critical. So the big tectonic shift that we’ve been facing, really, within the national security arena, but more focused at Air Force Space Command, is how do we make this shift to space as a warfighting domain?”

One thing Shaw said will have to happen is that the intelligence community will have to grow intelligence professionals specifically for the space domain. And then those individuals will have to support operational and foundational intelligence for the potential of warfare extending to space.

But Shaw was careful to emphasize that these professionals should be focused on intelligence “for space,” rather than “from space.”

Because space and intelligence are already inextricably linked. Satellites provide a huge amount of intelligence that analysts pore through day after day. And with commercial interests also entering the domain in a significant way, the amount of data coming from space is only going to increase.

“It’s a big data problem to understand what is going on within the space domain as well. Turns out space is pretty big. It’s huge. It’s only getting bigger in many senses, both from a cosmological as well as a policy [perspective],” Shaw said. “So how do we make sure that we’re harnessing all of the capabilities to understand and attack that problem?”

Stacey Dixon, deputy director of the National Geospatial-Intelligence Agency, has some thoughts on that.

“All of the potential information that will be accessible on demand anywhere around the world is very exciting,” Dixon said. “The creativity that’s going to be needed to create the tools that are going to be able to allow us to use this information to be able to store it more efficiently, those are the things that are a little more daunting.”

For one thing, it’s going to require machine learning and artificial intelligence, Dixon said. It’s just not possible to expand the number of people necessary to sort through and analyze that many data points. Those people, instead, need to be focused on creative, critical thinking tasks, leaving the routine and repetitive work, like analysis of every individual pixel in every photo, to machines.

But allies will also become more important as well. Right now, she said, there are about 70 countries with intelligence sharing agreements. Most of those agreements are bilateral.

“But more importantly, I think multilateral agreements are growing so that people in various countries in various regions are coming together, pooling data, and allowing the region itself to really benefit from the knowledge the individual countries are creating. So that part’s looking great,” Dixon said. “I’m thankful that there are many companies who are looking at the standards that are out there to be able to create systems and products that will fit in  infrastructures and architectures that already exist. The danger in having so many different vendors is that these things will not work together. And we absolutely need them to be able to work together and to be able to ingest in systems that exist now and make systems that are able to exist in the future.”

Plenty of colleges have popular cybersecurity courses for young students looking to find a career, but even employees who don’t work in IT need to have knowledge of basic cybersecurity principles these days. There aren’t many such educational resources for people not looking to go into the cyber field, or who are already in the workforce.

That’s where the National Security Agency comes in.

They worked with Penn State University, as part of a broader initiative from the Department of Homeland Security, to develop a free online course to educate people on cybersecurity operations, law and policy.

“The NSA asked us to design a law course about cyber operations that can be taught to non lawyers, and really no requirement of any technical background or expertise,” Ann Toomey McKenna, a professor at Penn State’s Institute for CyberScience and one of the three professors who wrote the course, said on Agency in Focus: Intelligence Community. “They wanted a course that can be designed to be taught as a whole comprehensively, or in modules; smaller units of the course could be taken and taught independently. So in a very unusual way we went about this and we created a course designed to be taught in whole or part, and designed to be taught by anyone who might be interested.”

Toomey said you don’t have to be a professor, or even a cybersecurity, legal or policy expert to teach this course. Anyone from educators to federal employees to private sector managers can use the materials provided and educate others about this topic.

The course is offered for free through the Clark Center, operated by Towson University in Maryland. And Toomey’s isn’t the only course offered there; there’s a whole range of cybersecurity offerings as part of this program.

The course starts with a quick, introductory overview of how the U.S. government and legal system operate, so that everyone understands the legal framework around cyber operations and cybersecurity.

“I think folks need to be aware when they’re engaged in something that involves U.S. law, when are they engaged in something that could be considered a problem under the Computer Fraud and Abuse Act? When are we engaged in operations that implicate national security?” Toomey said.

“And then really the final module is where we get into cyber operations, and that’s sort of the meat of this from the standpoint of what we consider today an offensive operation and defensive operations,” Toomey said. “And we did it through sort of a cyber threat response framework, where we looked at operations by and against private actors, and how our domestic law comes into play and that intersection with international law and international norms in cyber operations. And then we really went through the international right to conduct cyber operations. And one thing we did to keep students engaged is use real-world case examples. So we talked about Estonia, we talked about different situations that folks can look at and read about in real news articles and think ‘okay, here’s how this played out. Here’s how the law works.’ And here’s how we intersect that technology, domestic law and national security.”

China and Russia, the U.S.’s closest military competitors, both have said that leveraging data is the key to military dominance in the near future. Defense Intelligence Agency Director Lt. Gen. Robert Ashley said 2.5 quintillion bytes of data get generated each day, and it’s increasingly a part of our lives that can’t be compartmentalized. Smart houses, cities, infrastructure, industrial components, even personal lives and more rely on data.

“Where is that data going? Who’s controlling it?” Ashley said August 19 at the Department of Defense Intelligence Information System Worldwide conference. “So it’s not just about the Internet of Things. For consumers, it’s other risks that lie out there in data and our inability to leverage it. Terrorist networks, misinformation, deep fakes, confusion, distrust in institutions. Then what’s our job as a combat support agency? We have to supply the war fighters with information that is accurate and that is trusted in an environment where misinformation exists.”

It’s commonly portrayed as a question of speed: whoever can make decisions fastest wins. But Ashley said it’s more nuanced than that. The Defense Department can operate at speed, he said. The problem is operating at scale.

“I could come up with a unique capability for a battalion, a brigade, where they can operate at speed within that brigade,” Ashley said on Agency in Focus: Intelligence Community. “But can they talk to every other brigade? Can they talk to other services, can they talk to other nations? I don’t know that we have as much a speed problem as we have a scale problem, and buried within that scale problem is the challenge of interoperability.”

Ashley said DIA has been dealing with large, complex datasets for decades. That’s not a problem either. The problem is that they’re not all in the same place, and don’t talk to each other.

“We’ve got to figure out how we aggregate information together and it gets back to the core of why this agency exists, is to provide foundational intelligence on four militaries and the operational environment,” Ashley said. “And since it is football season, my rough analogy is this is the scouting report on the team we’re going to play, and we update the scouting report every single day. Not only that, we’re going to tell you the good restaurants to go to, where to avoid traffic as we tell you about the operational environment.”

DIA is already working on a baseline for this with its Machine-Assisted Analytic Rapid-Repository System, or MARS. Unlike the Modern Integrated Database, MARS is a dynamic information environment that replicates a virtual model of adversaries and competitors.

“So think about the Arab spring. This is kind of where big data comes in,” Ashley said. “What was taking place in the northern tiers of Africa? The communication was taking place. The revolutionary conversations, the protests, everything was involving the conditions. And the IC saw those conditions. But from an indications warning standpoint, we didn’t necessarily see the when. When this was going to all kick off.”

But the data isn’t a panacea; it has to be paired with humans that teach algorithms to interpret the data correctly.

“But with all the data, all the stuff that comes out there is also a big piece of this that speaks to traditional analysis and good tradecraft, because you can’t just say the box told me the following and so we’re already working our way through that,” Ashley said. “[We’re] building analytic data teams, where we take a tool developer, a methodologist, an all-source analyst and a data scientist and we kluged them together. [We] Look at how we deal with information and then we train those algorithms with good tradecraft, where I can tell you I have a high probability – because of the way I’ve trained that algorithm – that what I am telling you is accurate.”

Bender discussed where the Air Force is headed to accommodate the 21^st networked century, and how the company is helping it get there.

“There’s a mismatch between the Air Force we built for a different time and the world we’re living in today.” He says the Air Force’s challenge is fully achieving what it calls mission domain command and control. Operations increasingly occur in cyberspace, as do logistics and other support functions. Put another way, the world in which the Air Force operates is a software-defined one, Bender says.

It all means the Air Force must develop the right networked applications to be agile and adaptive, and using data and analytics to support warfighting objectives. At the same time, it must build assurance in the security of its digital assets. And it must operate ever more efficiently, in part by applying analytics and modeling to how it conducts the “tail” activities that support the “tooth.”

Like the enterprises it aims to support, the Small Business Administration is attempting to modernize and innovate.

Since 1953 the agency has offered capital, contracting expertise and other forms of advocacy to small businesses. But in the last few years it’s also looked at using digital services and digital technology solutions.

“Mostly digital products — we’re starting to use an awful lot of software as a service solution. [A bit of it is still infrastructure as a service and we do still have some of our legacy systems that are built on on-premise servers,” Nagesh Rao, director of Business Technology Solutions in SBA’s Office of the Chief Information Officer, said on Federal Monthly Insights — A New Approach in IT Modernization. “But our goal over the last few years has really been to push as much as possible to a cloud-based solution as possible, and using over-the-shelf technology to make sure the solutions happen, whether it’s for [customer relationship management] and use of dynamics, or our web development projects that are built in Drupal, whatever it may be.”

Rao said the private sector has done well to iterate extensively in software development, and therefore it makes no sense for SBA to custom code. The value proposition, he said, is to just take that, augment it and tweak it to the needs of the agency’s customers.

For his office, moving away from legacy systems means data curation and migration in a two-pronged process. That includes the technology itself, and managing people’s expectations to change the way SBA deals with its workforce.

“It takes time, you have to work with pilots and in little bits at a time, and … make those changes happen … start to turn off servers and migrate the data into a cloud-based server, and make better use of the technology that is curating that data better, whether it’s an [Amazon Web Services] or Azure cloud environment, and using the tools that are built around those cloud environments,” he said on Federal Drive with Tom Temin.

Rao said his office has looked at best practices across federal agencies, from federal CIO councils to the app rationalization playbook; he said SBA has been making its own version. He also said it’s worth asking whether data that is as old as 10 or 15 years is even worth migrating to the cloud. While he did not give an estimate for how much of SBA’s data is already in the cloud, Rao did say that his team spent the summer moving everything it had into SharePoint’s cloud-based version.

“The thing that we still have to work on, though, is the rest of our agency program offices. Some are situated through us, and some have their own IT workforce. And so we’re in the process of leading  the charge forward so that everyone universally falls in alignment with our vision, and we’re getting there, but … you got to have the little ones to get the big one,” he said.

Looking ahead at the next one to two years, his modernization objective is solidifying the fundamentals. His office is working on enterprise customer relationship management system along with a case management system, that the agency can use overall, and “really working towards the customer journey from a 360 perspective,” he said.