Intelligence Community – Federal News Network https://federalnewsnetwork.com Helping feds meet their mission. Wed, 29 Jun 2022 22:29:18 +0000 en-US hourly 1 https://federalnewsnetwork.com/wp-content/uploads/2017/12/cropped-icon-512x512-1-60x60.png Intelligence Community – Federal News Network https://federalnewsnetwork.com 32 32 New clearance ideas aim to make national security workforce more mobile, diverse https://federalnewsnetwork.com/inside-ic/2022/06/new-clearance-ideas-aim-to-make-national-security-workforce-more-mobile-diverse/ https://federalnewsnetwork.com/inside-ic/2022/06/new-clearance-ideas-aim-to-make-national-security-workforce-more-mobile-diverse/#respond Wed, 29 Jun 2022 20:41:40 +0000 https://federalnewsnetwork.com/?p=4128718 var config_4128539 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/podone.noxsolutions.com\/media\/2252\/episodes\/062922_InsideTheIC_FullEpisode_Mixdown_6ld5.mp3"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2022\/02\/183879-image-1644619204-150x150.jpg","title":"Why it can be a challenge to move highly cleared people around","description":"[hbidcpodcast podcastid='4128539']nnIf the governmentwide \u201cTrusted Workforce 2.0\u201d initiative is a once-in-a-generation chance to modernize and streamline the personnel vetting process, then the Intelligence and National Security Alliance isn\u2019t sitting on the sidelines.nnPersonnel vetting reform is one of the <a href="https:\/\/federalnewsnetwork.com\/defense-news\/2022\/03\/omb-sees-2022-as-most-significant-year-for-security-clearance-reform\/">White House\u2019s<\/a> <a href="https:\/\/www.performance.gov\/trusted-workforce\/">top performance initiatives,<\/a> with published strategies and action plans. And agencies have already made strides in <a href="https:\/\/federalnewsnetwork.com\/inside-ic\/2022\/06\/lead-agency-for-security-clearance-reform-expands-continuous-vetting\/">adopting continuous vetting<\/a> and speeding up the background investigations process in recent years.nnBut INSA is continuing to offer new ideas and poke holes in current policies and processes, most recently with new white papers on <a href="https:\/\/www.insaonline.org\/wp-content\/uploads\/2022\/06\/Improving-Security-Clearance-Mobility.pdf">security clearance mobility<\/a> and <a href="https:\/\/www.insaonline.org\/wp-content\/uploads\/2021\/12\/Recruiting-and-Clearing-Personnel-with-Foreign-Ties.pdf">clearing personnel with foreign ties,<\/a> respectively.nnLarry Hanauer, vice president for policy at INSA, said the group is staying engaged with Congress and the intelligence community on major clearance initiatives, like continuous vetting and the development of the National Background Investigative Services.nn\u201cWe also look at ways just to make the clearance and adjudication process more efficient for both government staff and contractors,\u201d Hanauer said in an interview for Inside the IC.nnThe mobility paper, for instance, dives into inconsistent policies and processes that make it challenging to move personnel who need Top Secret Sensitive Compartmented Information (TS\/SCI) clearance from one agency to another.nnThe issue is most acute for contractors who often move personnel across multiple contracts and agencies. But it can affect recruiting for both agencies and industry.nnFor instance, some intelligence agencies allow personnel who already have TS\/SCI clearance to begin work while they wait for their polygraph test, while others make those employees wait until the polygraph is complete. Depending on the type of polygraph needed, that can mean a delay of anywhere from 30 days to 18 months.nnGreg Torres, the director of personnel security at Booz Allen Hamilton, said the net result is a small pool of personnel who are qualified to start work under contracts immediately.nn\u201cThis means we're just shuffling the deck chairs, moving someone from one government mission to another, making a hole somewhere else,\u201d Torres said. \u201cAnd we usually need to pay a premium for that employee to leave their current job.\u201dnnINSA\u2019s white paper recommends intelligence agencies consider the counter-intelligence polygraph sufficient for personnel to begin work until a full-scope polygraph can be scheduled.nn\u201cWe think this is a risk management approach, which we think is the right approach given the myriad tools that these agencies now have to mitigate any perceived risk,\u201d Torres said. \u201cIf you think about it years ago, they didn't have tools like continuous evaluation or user activity monitoring and a host of other tools. But they do now.\u201dnnThe white paper also recommends the Defense Department eliminate component-specific requirements for granting SCI access and name a senior official in charge of developing department-wide policies for such access.nnINSA estimates additional and disparate processes across the 43 DoD components can result in delays of two to five weeks beyond the few days it takes for a component to initially accept an individual\u2019s clearance. And it recommends clearing Top Secret applicants at the SCI level, as well, so additional processes don\u2019t delay that individual if they require SCI access in the future.nnDoD and the IC should also put an official or team in charge of uniting policies that affect personnel mobility, from clearance reciprocity to polygraphs to contract language and industry coordination, according to INSA\u2019s paper.nn\u201cSince the 9\/11 attacks, the government has made really a concerted effort to make sure that intelligence is shared, so you can work at agency X, and you're accessing intelligence information that comes from agencies Y and Z,\u201d Hanauer said. \u201cWhy, if you're going to go support agency Y or Z, should those agencies have to re-adjudicate your clearance or ask the different investigative steps be done all over again? ... It's these really duplicative processes that don't add anything to security.\u201dn<h2>Re-examining foreign ties<\/h2>nClearance and mobility processes can also present barriers to the intelligence community\u2019s goal of increasing diversity in the national security workforce. Contractors often compete for the same people who are already cleared at the highest levels, and new applicants can be dissuaded from going through a lengthy, often confusing process.nn\u201cIf you keep moving the same people around from place to place, you're not going to be as successful as you as you could be,\u201d Torres said on diversity.nnINSA\u2019s new white paper on \u201crecruiting and clearing personnel with foreign ties\u201d also dives headlong into diversity issues, positing that the security clearance process \u201cdoes not lend itself\u201d to hiring individuals with different backgrounds and experiences who may have key language and cultural skills.nnThe paper said the intelligence community needs to \u201cre-examine historical assumptions about the risks posed to national security by foreign-born persons or those with close foreign ties.\u201dnnAdjudicative guidelines for granting or revoking a clearance requires agencies to examine factors like allegiance to the United States, foreign influence, and foreign preference.nnBut INSA suggests investigators could look at those aspects from a risk mitigation approach, as opposed to eliminating all risk.nn\u201cInvestigators are never going to be able to learn everything they want to know about a candidate's uncle in rural China somewhere, but they can assess whether such a family tie really affects a candidate's loyalties or creates security risks that can't be mitigated,\u201d Hanauer said.nnThe paper also recommends mission-focused teams, such as analysts, work more closely with their counterparts in security and human resources, respectively, to ensure candidates with critical skills don\u2019t get easily dropped from the clearance process because of foreign ties.nn\u201cWe just feel like better communication between the human resources people, the mission-focused teams that want to hire a candidate, and the security folks will help ensure that people with those critical skills don't just hit that brick wall,\u201d Hanauer said. \u201cThe mission-focused teams might be able to provide the the security team, with additional insights into the reasons why this candidate is facing obstacles.\u201dnnThe white paper also recommends bias awareness training for all officials responsible for recruitment, hiring, investigations and adjudications. Meanwhile, new policies and procedures could consider a more granular consideration of foreign ties, INSA\u2019s paper suggests, such as reasons behind why a candidate wants to hang onto a dual citizenship.nnHanauer said that INSA is now working on a white paper comparing how commercial companies screen their job candidates and contrasting it with the government\u2019s clearance approach.nn\u201cCommercial companies ... manage to protect their sensitive information pretty well without subjecting their job candidates to a months-long vetting process,\u201d he said. \u201cWe're in the process of doing a comparison of public sector and private sector personnel screening to see if maybe the government can adopt some more efficient best practices from industry.\u201d"}};

If the governmentwide “Trusted Workforce 2.0” initiative is a once-in-a-generation chance to modernize and streamline the personnel vetting process, then the Intelligence and National Security Alliance isn’t sitting on the sidelines.

Personnel vetting reform is one of the White House’s top performance initiatives, with published strategies and action plans. And agencies have already made strides in adopting continuous vetting and speeding up the background investigations process in recent years.

But INSA is continuing to offer new ideas and poke holes in current policies and processes, most recently with new white papers on security clearance mobility and clearing personnel with foreign ties, respectively.

Larry Hanauer, vice president for policy at INSA, said the group is staying engaged with Congress and the intelligence community on major clearance initiatives, like continuous vetting and the development of the National Background Investigative Services.

“We also look at ways just to make the clearance and adjudication process more efficient for both government staff and contractors,” Hanauer said in an interview for Inside the IC.

The mobility paper, for instance, dives into inconsistent policies and processes that make it challenging to move personnel who need Top Secret Sensitive Compartmented Information (TS/SCI) clearance from one agency to another.

The issue is most acute for contractors who often move personnel across multiple contracts and agencies. But it can affect recruiting for both agencies and industry.

For instance, some intelligence agencies allow personnel who already have TS/SCI clearance to begin work while they wait for their polygraph test, while others make those employees wait until the polygraph is complete. Depending on the type of polygraph needed, that can mean a delay of anywhere from 30 days to 18 months.

Greg Torres, the director of personnel security at Booz Allen Hamilton, said the net result is a small pool of personnel who are qualified to start work under contracts immediately.

“This means we’re just shuffling the deck chairs, moving someone from one government mission to another, making a hole somewhere else,” Torres said. “And we usually need to pay a premium for that employee to leave their current job.”

INSA’s white paper recommends intelligence agencies consider the counter-intelligence polygraph sufficient for personnel to begin work until a full-scope polygraph can be scheduled.

“We think this is a risk management approach, which we think is the right approach given the myriad tools that these agencies now have to mitigate any perceived risk,” Torres said. “If you think about it years ago, they didn’t have tools like continuous evaluation or user activity monitoring and a host of other tools. But they do now.”

The white paper also recommends the Defense Department eliminate component-specific requirements for granting SCI access and name a senior official in charge of developing department-wide policies for such access.

INSA estimates additional and disparate processes across the 43 DoD components can result in delays of two to five weeks beyond the few days it takes for a component to initially accept an individual’s clearance. And it recommends clearing Top Secret applicants at the SCI level, as well, so additional processes don’t delay that individual if they require SCI access in the future.

DoD and the IC should also put an official or team in charge of uniting policies that affect personnel mobility, from clearance reciprocity to polygraphs to contract language and industry coordination, according to INSA’s paper.

“Since the 9/11 attacks, the government has made really a concerted effort to make sure that intelligence is shared, so you can work at agency X, and you’re accessing intelligence information that comes from agencies Y and Z,” Hanauer said. “Why, if you’re going to go support agency Y or Z, should those agencies have to re-adjudicate your clearance or ask the different investigative steps be done all over again? … It’s these really duplicative processes that don’t add anything to security.”

Re-examining foreign ties

Clearance and mobility processes can also present barriers to the intelligence community’s goal of increasing diversity in the national security workforce. Contractors often compete for the same people who are already cleared at the highest levels, and new applicants can be dissuaded from going through a lengthy, often confusing process.

“If you keep moving the same people around from place to place, you’re not going to be as successful as you as you could be,” Torres said on diversity.

INSA’s new white paper on “recruiting and clearing personnel with foreign ties” also dives headlong into diversity issues, positing that the security clearance process “does not lend itself” to hiring individuals with different backgrounds and experiences who may have key language and cultural skills.

The paper said the intelligence community needs to “re-examine historical assumptions about the risks posed to national security by foreign-born persons or those with close foreign ties.”

Adjudicative guidelines for granting or revoking a clearance requires agencies to examine factors like allegiance to the United States, foreign influence, and foreign preference.

But INSA suggests investigators could look at those aspects from a risk mitigation approach, as opposed to eliminating all risk.

“Investigators are never going to be able to learn everything they want to know about a candidate’s uncle in rural China somewhere, but they can assess whether such a family tie really affects a candidate’s loyalties or creates security risks that can’t be mitigated,” Hanauer said.

The paper also recommends mission-focused teams, such as analysts, work more closely with their counterparts in security and human resources, respectively, to ensure candidates with critical skills don’t get easily dropped from the clearance process because of foreign ties.

“We just feel like better communication between the human resources people, the mission-focused teams that want to hire a candidate, and the security folks will help ensure that people with those critical skills don’t just hit that brick wall,” Hanauer said. “The mission-focused teams might be able to provide the the security team, with additional insights into the reasons why this candidate is facing obstacles.”

The white paper also recommends bias awareness training for all officials responsible for recruitment, hiring, investigations and adjudications. Meanwhile, new policies and procedures could consider a more granular consideration of foreign ties, INSA’s paper suggests, such as reasons behind why a candidate wants to hang onto a dual citizenship.

Hanauer said that INSA is now working on a white paper comparing how commercial companies screen their job candidates and contrasting it with the government’s clearance approach.

“Commercial companies … manage to protect their sensitive information pretty well without subjecting their job candidates to a months-long vetting process,” he said. “We’re in the process of doing a comparison of public sector and private sector personnel screening to see if maybe the government can adopt some more efficient best practices from industry.”

]]>
https://federalnewsnetwork.com/inside-ic/2022/06/new-clearance-ideas-aim-to-make-national-security-workforce-more-mobile-diverse/feed/ 0
Senator wants former and possibly current marijuana use to not count against clearance-seekers https://federalnewsnetwork.com/federal-newscast/2022/06/senator-wants-former-and-possibly-current-marijuana-use-to-not-count-against-clearance-seekers/ https://federalnewsnetwork.com/federal-newscast/2022/06/senator-wants-former-and-possibly-current-marijuana-use-to-not-count-against-clearance-seekers/#respond Fri, 24 Jun 2022 15:48:41 +0000 https://federalnewsnetwork.com/?p=4119024 var config_4119090 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/aw.noxsolutions.com\/launchpod\/FederalNewscast\/mp3\/062422CASTFORWEB_r4n5_1a4b80e1.mp3?awCollectionId=1102&awEpisodeId=867cdd7a-7587-4de6-9335-90a21a4b80e1&awNetwork=322"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2018\/12\/FedNewscast1500-150x150.jpg","title":"Senator wants former and possibly current marijuana use to not count against clearance-seekers","description":"[hbidcpodcast podcastid='4119090']nn<em>To listen to the Federal Newscast on your phone or mobile device, subscribe in\u00a0<a href="https:\/\/www.podcastone.com\/federal-newstalk?showAllEpisodes=true">PodcastOne<\/a>\u00a0or\u00a0<a href="https:\/\/itunes.apple.com\/us\/podcast\/federal-newscast\/id1053077930?mt=2">Apple Podcasts<\/a>. The best listening experience on desktop can be found using Chrome, Firefox or Safari.<\/em>n<ul>n \t<li>New legislation would make it easier for security clearance applicants to overcome a history of using marijuana. A provision in the Senate Intelligence Committee\u2019s 2023 intel authorization bill would prohibit agencies from denying a clearance solely based on the applicant\u2019s previous pot use. The provision was championed by <a href="https:\/\/www.wyden.senate.gov\/news\/press-releases\/wyden-secures-provisions-to-protect-whistleblowers-bolster-cybersecurity-and-end-denial-of-security-clearances-based-on-past-marijuana-use-in-2023-intelligence-bill" target="_blank" rel="noopener">Sen. Ron Wyden (D-Ore.)<\/a>. He\u2019s also pushing to make it so ongoing marijuana use is not the basis for denying or losing a clearance. Today, cleared individuals can still expect to forfeit their clearance due to ongoing pot use, even if it\u2019s legal in the state in which they reside.<\/li>n<\/ul>n<ul>n \t<li>Kiran Ahuja reaches one year as director for the Office of Personnel Management. Ahuja is the first confirmed OPM director to reach one year in office since 2015. After implementing changes like adding time off to vote and updating telework policies, Ahuja said she's pushing for more reforms to federal recruitment, "We're going to stand up a chief diversity officer council, which is something that will be coming this summer, paid internship guidance that will be coming out later this summer. We want to ensure that federal jobs and opportunities are accessible to all, as well as doing some reforms to the Pathways Program." (<a href="https:\/\/federalnewsnetwork.com\/workforce\/2022\/06\/for-opms-ahuja-strong-human-capital-leadership-crucial-to-federal-workforce-reform\/" target="_blank" rel="noopener"><em>Federal News Network<\/em><\/a>)<\/li>n<\/ul>n<ul>n \t<li>Agencies have some new guidance for securely using cloud services. The <a href="https:\/\/www.cisa.gov\/news\/2022\/06\/23\/cisa-releases-second-version-guidance-secure-migration-cloud" target="_blank" rel="noopener">Cybersecurity and Infrastructure Security Agency<\/a> updated its Cloud Security Technical Reference Architecture this week. The agency received more than 300 comments on the original TRA released last September. The new document reflects requests to bring the guidance in line with the federal zero trust strategy, clarify its connections to the FedRAMP program, and create more consistency with Identity and Access Management capabilities.<\/li>n<\/ul>n<ul>n \t<li><a href="https:\/\/youtu.be\/1aPNfOxbQyc" target="_blank" rel="noopener">Health and Human Services<\/a> welcomes its inaugural class of digital fellows. The fellows are part of an early career program to get technology career workers into government. At HHS, the fellows will use data, analytics and innovation to help with pubic health outreach. The program is designed to recruit new tech employees into federal government. Fellows come from a variety of backgrounds ranging from recent college grads, to software engineers and product managers. The Office of Management and Budget last week announced the 41 fellows who will spend the next two years working at 13 different agencies to solve technology challenges.<\/li>n<\/ul>n<ul>n \t<li>Frontline employees at the Federal Emergency Management Agency may see more resources from federal leadership. FEMA Administrator Deanne Criswell requests funding in the <a href="https:\/\/www.hsgac.senate.gov\/hearings\/examining-femas-strategic-priorities-and-disaster-preparedness" target="_blank" rel="noopener">fiscal 2023 budget<\/a> to expand mental health programs for agency workers. That's as FEMA faces staffing shortages and a now year-round pace of disaster response in the U.S. Criswell said the agency is analyzing its future staffing model to determine how to increase services, without placing more strain on employees. FEMA's budget request also includes $6.4 million for the incident management workforce.<\/li>n<\/ul>n<ul>n \t<li>A bill to make federal buildings more resilient against natural disasters makes it through the Senate. The <a href="https:\/\/www.hsgac.senate.gov\/media\/majority-media\/peters-and-scott-bipartisan-bill-to-save-taxpayer-dollars-by-ensuring-federal-property-and-assets-are-disaster-resilient-passes-senate" target="_blank" rel="noopener">Disaster Resiliency Planning Act<\/a> would require the Office of Management and Budget to issue guidance to agencies on how to make natural disaster resilience part of their asset management decision-making. OMB would also work with the Government Accountability Office and the Federal Emergency Management Agency to help agencies identify potential gaps in their disaster resilience prevention efforts. Senate Homeland Security and Governmental Affairs Committee Chairman Gary Peters (D-Mich.) and Senator Rick Scott (R-Fla.) introduced the bill.<\/li>n<\/ul>n<ul>n \t<li>The upside to Congress' decentralized nature is that innovation can come from anywhere. The downside is that coordinating those innovations is hard. Current and former staffers say technology can and has solved many common problems for members of Congress, but they want to see members tap into more commercial-friendly platforms and give centralized authority to bodies like the Bulk Data Task Force, or the House Digital Service. The House Modernization Committee said they agree Congress needs better collaboration on tech solutions but it may take dedicated staff from each member office. (<em>Federal News Network<\/em>)<\/li>n<\/ul>n<ul>n \t<li>Federal contractors and subcontractors have less than a week to certify their compliance with their affirmative action requirements. The <a href="https:\/\/www.dol.gov\/agencies\/ofccp\/contractorportal" target="_blank" rel="noopener">Labor Department's Office of Contractor Compliance<\/a> set a June 30 deadline for vendors to submit their plans to the OFCCP Contractor Portal. Labor found most contractors and subcontractors were not meeting federal affirmative action requirements forcing them to create this new rule. It mandates companies, on an annual basis, to develop and maintain annual affirmative action plans and upload them to the portal. Contractors and subcontractors who fail to register or certify their compliance will face an audit from Labor.<\/li>n<\/ul>n<ul>n \t<li>The IRS is looking to diversify its contractor base. A new <a href="https:\/\/sam.gov\/opp\/9965e9d2a82e4153a8854765162ef003\/view" target="_blank" rel="noopener">request for information<\/a> published on SAM.gov says the agency is doing market research. It wants to determine if there is a sufficient population of contractors capable of providing goods and services the IRS needs. The RFI specifically asks for responses from businesses that qualify for socio-economic set-asides. IRS is looking for responses by July 12.<\/li>n<\/ul>n<ul>n \t<li>The <a href="https:\/\/www.va.gov\/oig\/pubs\/VAOIG-22-00180-169.pdf" target="_blank" rel="noopener">Department of Veterans Affairs <\/a> is now better at negotiating prices of pharmaceuticals. The VA's National Acquisition Center heeded the advice of its inspector general and renegotiated prices with 10 pharmaceutical suppliers and achieved almost $43 million in immediate savings. The acquisition center went back to the contractors after the IG found all 10 did not have valid reasons for not offering the agency most-favored-customer pricing. The IG also found the acquisition center didn't reliably track all the items contractors offered through the Price Reduction Clause, causing the higher prices. VA expects to save more than $328 million over the life of the contracts.<\/li>n<\/ul>n<ul>n \t<li>The <a href="https:\/\/www.va.gov\/opa\/pressrel\/pressrelease.cfm?id=5799" target="_blank" rel="noopener">Department of Veterans Affairs<\/a> encourages veterans to self-check for Post Traumatic Stress Disorder on PTSD Screening Day, June 27. The agency shared a 50-second self-evaluation to help determine if the subject may have symptoms of PTSD by answering six questions. Paula Schnurr, the executive director of the National Center for PTSD said that the message they want to send is one of hope and she said that PTSD is treatable and a normal response to trauma.<\/li>n<\/ul>n<ul>n \t<li>The concept of a government scorecard for customer experience is coming into focus. Former federal officials suggest a customer experience category could be added to the Federal IT Acquisition Reform Act scorecard, or could exist as a standalone scorecard. Matt Lira, former special assistant to the president for Innovation Policy and Initiatives tell the Senate Homeland Security and Governmental Affairs Committee a FITRA-like scorecard for CX would get results. \u201cIt\u2019s tangible, it\u2019s binary, it\u2019s quantitative. And I will say firsthand, being on the other side of Pennsylvania Avenue, it was an incredibly useful tool, the FITARA scorecard, in driving agency deliverables,\u201d Lira said. (<a href="https:\/\/federalnewsnetwork.com\/agency-oversight\/2022\/06\/agencies-need-customer-experience-quarterback-and-scorecard-to-track-progress-experts-say\/" target="_blank" rel="noopener"><em>Federal News Network<\/em><\/a>)<\/li>n<\/ul>n<ul>n \t<li>Two observers of federal management have a list of nine tenets for more agile government. The National Academy of Public Administration and the Project Management Institute's latest report, "<a href="https:\/\/napawash.org\/press-releases\/national-academy-of-public-administration-and-project-management-institute-release-report-on-agile-regulatory-framework" target="_blank" rel="noopener">Agile Regulation: Gateway to the Future<\/a>," outlines an agile regulatory framework with tenets like collaborating early and often on regulatory development, using small inclusive teams to manage the regulatory development process, and automation tools. NAPA President Terry Gerton saidthat after the pandemic, the public sector must begin to operate differently and make public satisfaction the top priority.<\/li>n<\/ul>n "}};

To listen to the Federal Newscast on your phone or mobile device, subscribe in PodcastOne or Apple Podcasts. The best listening experience on desktop can be found using Chrome, Firefox or Safari.

  • New legislation would make it easier for security clearance applicants to overcome a history of using marijuana. A provision in the Senate Intelligence Committee’s 2023 intel authorization bill would prohibit agencies from denying a clearance solely based on the applicant’s previous pot use. The provision was championed by Sen. Ron Wyden (D-Ore.). He’s also pushing to make it so ongoing marijuana use is not the basis for denying or losing a clearance. Today, cleared individuals can still expect to forfeit their clearance due to ongoing pot use, even if it’s legal in the state in which they reside.
  • Kiran Ahuja reaches one year as director for the Office of Personnel Management. Ahuja is the first confirmed OPM director to reach one year in office since 2015. After implementing changes like adding time off to vote and updating telework policies, Ahuja said she’s pushing for more reforms to federal recruitment, “We’re going to stand up a chief diversity officer council, which is something that will be coming this summer, paid internship guidance that will be coming out later this summer. We want to ensure that federal jobs and opportunities are accessible to all, as well as doing some reforms to the Pathways Program.” (Federal News Network)
  • Agencies have some new guidance for securely using cloud services. The Cybersecurity and Infrastructure Security Agency updated its Cloud Security Technical Reference Architecture this week. The agency received more than 300 comments on the original TRA released last September. The new document reflects requests to bring the guidance in line with the federal zero trust strategy, clarify its connections to the FedRAMP program, and create more consistency with Identity and Access Management capabilities.
  • Health and Human Services welcomes its inaugural class of digital fellows. The fellows are part of an early career program to get technology career workers into government. At HHS, the fellows will use data, analytics and innovation to help with pubic health outreach. The program is designed to recruit new tech employees into federal government. Fellows come from a variety of backgrounds ranging from recent college grads, to software engineers and product managers. The Office of Management and Budget last week announced the 41 fellows who will spend the next two years working at 13 different agencies to solve technology challenges.
  • Frontline employees at the Federal Emergency Management Agency may see more resources from federal leadership. FEMA Administrator Deanne Criswell requests funding in the fiscal 2023 budget to expand mental health programs for agency workers. That’s as FEMA faces staffing shortages and a now year-round pace of disaster response in the U.S. Criswell said the agency is analyzing its future staffing model to determine how to increase services, without placing more strain on employees. FEMA’s budget request also includes $6.4 million for the incident management workforce.
  • A bill to make federal buildings more resilient against natural disasters makes it through the Senate. The Disaster Resiliency Planning Act would require the Office of Management and Budget to issue guidance to agencies on how to make natural disaster resilience part of their asset management decision-making. OMB would also work with the Government Accountability Office and the Federal Emergency Management Agency to help agencies identify potential gaps in their disaster resilience prevention efforts. Senate Homeland Security and Governmental Affairs Committee Chairman Gary Peters (D-Mich.) and Senator Rick Scott (R-Fla.) introduced the bill.
  • The upside to Congress’ decentralized nature is that innovation can come from anywhere. The downside is that coordinating those innovations is hard. Current and former staffers say technology can and has solved many common problems for members of Congress, but they want to see members tap into more commercial-friendly platforms and give centralized authority to bodies like the Bulk Data Task Force, or the House Digital Service. The House Modernization Committee said they agree Congress needs better collaboration on tech solutions but it may take dedicated staff from each member office. (Federal News Network)
  • Federal contractors and subcontractors have less than a week to certify their compliance with their affirmative action requirements. The Labor Department’s Office of Contractor Compliance set a June 30 deadline for vendors to submit their plans to the OFCCP Contractor Portal. Labor found most contractors and subcontractors were not meeting federal affirmative action requirements forcing them to create this new rule. It mandates companies, on an annual basis, to develop and maintain annual affirmative action plans and upload them to the portal. Contractors and subcontractors who fail to register or certify their compliance will face an audit from Labor.
  • The IRS is looking to diversify its contractor base. A new request for information published on SAM.gov says the agency is doing market research. It wants to determine if there is a sufficient population of contractors capable of providing goods and services the IRS needs. The RFI specifically asks for responses from businesses that qualify for socio-economic set-asides. IRS is looking for responses by July 12.
  • The Department of Veterans Affairs is now better at negotiating prices of pharmaceuticals. The VA’s National Acquisition Center heeded the advice of its inspector general and renegotiated prices with 10 pharmaceutical suppliers and achieved almost $43 million in immediate savings. The acquisition center went back to the contractors after the IG found all 10 did not have valid reasons for not offering the agency most-favored-customer pricing. The IG also found the acquisition center didn’t reliably track all the items contractors offered through the Price Reduction Clause, causing the higher prices. VA expects to save more than $328 million over the life of the contracts.
  • The Department of Veterans Affairs encourages veterans to self-check for Post Traumatic Stress Disorder on PTSD Screening Day, June 27. The agency shared a 50-second self-evaluation to help determine if the subject may have symptoms of PTSD by answering six questions. Paula Schnurr, the executive director of the National Center for PTSD said that the message they want to send is one of hope and she said that PTSD is treatable and a normal response to trauma.
  • The concept of a government scorecard for customer experience is coming into focus. Former federal officials suggest a customer experience category could be added to the Federal IT Acquisition Reform Act scorecard, or could exist as a standalone scorecard. Matt Lira, former special assistant to the president for Innovation Policy and Initiatives tell the Senate Homeland Security and Governmental Affairs Committee a FITRA-like scorecard for CX would get results. “It’s tangible, it’s binary, it’s quantitative. And I will say firsthand, being on the other side of Pennsylvania Avenue, it was an incredibly useful tool, the FITARA scorecard, in driving agency deliverables,” Lira said. (Federal News Network)
  • Two observers of federal management have a list of nine tenets for more agile government. The National Academy of Public Administration and the Project Management Institute’s latest report, “Agile Regulation: Gateway to the Future,” outlines an agile regulatory framework with tenets like collaborating early and often on regulatory development, using small inclusive teams to manage the regulatory development process, and automation tools. NAPA President Terry Gerton saidthat after the pandemic, the public sector must begin to operate differently and make public satisfaction the top priority.

 

]]>
https://federalnewsnetwork.com/federal-newscast/2022/06/senator-wants-former-and-possibly-current-marijuana-use-to-not-count-against-clearance-seekers/feed/ 0
Lead agency for security clearance reform expands ‘continuous vetting’ https://federalnewsnetwork.com/inside-ic/2022/06/lead-agency-for-security-clearance-reform-expands-continuous-vetting/ https://federalnewsnetwork.com/inside-ic/2022/06/lead-agency-for-security-clearance-reform-expands-continuous-vetting/#respond Mon, 20 Jun 2022 22:20:13 +0000 https://federalnewsnetwork.com/?p=4111236 var config_4112481 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/aw.noxsolutions.com\/launchpod\/federal-drive\/mp3\/062122_Justin_web_i9so_5155d8cc.mp3?awCollectionId=1146&awEpisodeId=1569ef71-3eef-4ca0-8654-a5f85155d8cc&awNetwork=322"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2018\/12\/FD1500-150x150.jpg","title":"Lead agency for security clearance reform expands \u2018continuous vetting\u2019","description":"[hbidcpodcast podcastid='4112481']nnThe Defense Counterintelligence and Security Agency is adding more data categories to its \u201ccontinuous vetting\u201d program, while more than three dozen non-defense agencies are using DCSA\u2019s services as it moves ahead with security clearance reform efforts.nnDCSA is now monitoring 50,000 cleared individuals from 38 non-defense agencies under its continuous vetting program, according to Heather Green, assistant director of vetting risk operations at DCSA. That\u2019s on top of the 3.6 million Defense Department service members, civilians and contractors who were enrolled in continuous vetting <a href="https:\/\/federalnewsnetwork.com\/defense-main\/2021\/10\/pentagon-security-agency-looks-to-expand-continuous-vetting-beyond-dod-add-more-data-sources\/">by last October.<\/a>nn\u201cWe do anticipate this continuing to grow through this fiscal year and beyond as we add those additional CV services,\u201d Green said on Inside the IC. \u201cSo as more services and capability comes online, we're going to continue to grow our service to our federal agencies, as well as our DoD customers.\u201dnnDCSA is one of the lead agencies implementing the government-wide \u201cTrusted Workforce 2.0\u201d initiative. The effort aims to streamline the government\u2019s personnel vetting process through automated record checks, simplified security standards and more information sharing across agencies.nnEarlier this year, a White House official called 2022 <a href="https:\/\/federalnewsnetwork.com\/defense-news\/2022\/03\/omb-sees-2022-as-most-significant-year-for-security-clearance-reform\/">the "most significant, most consequential" year<\/a> for security clearance reform yet.nnDCSA's continuous vetting system is one of the centerpieces of the initiative, giving investigators the ability to receive automated alerts when a security clearance holder faces an issue that could put their clearance at risk.nnDCSA\u2019s continuous vetting system hit the \u201c1.25\u201d milestone last fall when the DoD cleared population was fully enrolled. But the system at that time was limited to three data categories: criminal activities, terrorism, and eligibility.nnThe agency is now adding alerts about suspicious financial activity, foreign travel, credit history and \u201cpublic record information\u201d to the continuous vetting system on the way to the \u201cTrusted Workforce 1.5\u201d milestone this fall, according to Green. Already, 2 million DoD clearance holders are\u00a0 enrolled in that expanded system of alerts.nnThe continuous vetting system is replacing periodic reinvestigations, where investigators would do a background check on a clearance holder every five or 10 years. Instead of learning about potentially suspicious activity years after it took place, the system is intended to provide security offices with alerts about such activity. Investigators can then decide whether to follow up.nnBut Green says continuous vetting is not a \u201cgotcha\u201d program. Instead, she says it\u2019s intended to improve security while also giving cleared personnel the chance to self-report and mitigate any potential issues.nn\u201cIn the grand scheme of things, very few individuals actually receive an alert or require the additional investigative action to take place,\u201d Green said. \u201cBut CV isn't just about generating those alerts. It really is about self-reporting. There are self-reporting requirements for clearance holders, and it's really supporting the goal of helping us identify potential issues before they fester into a larger insider threat concern.\u201dn<h2>Security clearance reciprocity timelines down<\/h2>nDCSA has also made major strides in the time it takes for it to process and adjudicate a security clearance granted by another agency, a process referred to as \u201creciprocity.\u201d The process affects personnel transferring from one agency to another, as well as contractors working on different projects for different agencies.nnDCSA now takes an average of just one day to make a reciprocity decision, down from a peak of 65 days in mid-2020, according to Green.nnShe credited \u201cbusiness process engineering\u201d leading to more efficient decision-making on reciprocity requests, as well as the merger of several organizations under DCSA, including the former National Background Investigations Bureau and the DoD Consolidated Adjudications Facility.nnLast year, DCSA also completed the shift from using multiple personnel security databases to the Defense Information Security System (DISS).nn\u201cHaving the ability to control the end-to-end process was certainly a part of that success,\u201d Green said of reciprocity.nnWhile other agencies, most notably in the intelligence community, take much longer to make reciprocity decisions, Green thinks the \u201ctransfer of trust\u201d process, as it\u2019s called under Trusted Workforce 2.0, will continue to improve with time.n<h2>Initial vetting hurdles<\/h2>nOne of the next major hurdles for security clearance reform will be speeding up the time it takes to get an initial applicant, with no prior government background investigation, through the vetting process. The initial background investigations process often takes months and even years in some cases, making it harder for the federal government to hire new employees.nn<a href="https:\/\/www.performance.gov\/assets\/files\/Personnel_Vetting_Reform_Progress_2022_Q1.pdf">A quarterly update<\/a> issued by the Security, Suitability, and Credentialing Performance Accountability Council earlier this year shows DCSA is expected to begin offering initial vetting products, using more automated processes and the new National Background Investigation Services (NBIS) IT system, starting next June.nn"We are committed to being what I would call the 'personal security provider of choice,'" Green said. "We're working very hard to provide new and enhanced products and services to support that full TW 2.0 implementation to include initial vetting products. The actual implementation of the new standards will take some time and will be fully phased in as those products and services are available. But we are leaning forward, looking at how we can continue to evolve all our vetting products and services.\u201d"}};

The Defense Counterintelligence and Security Agency is adding more data categories to its “continuous vetting” program, while more than three dozen non-defense agencies are using DCSA’s services as it moves ahead with security clearance reform efforts.

DCSA is now monitoring 50,000 cleared individuals from 38 non-defense agencies under its continuous vetting program, according to Heather Green, assistant director of vetting risk operations at DCSA. That’s on top of the 3.6 million Defense Department service members, civilians and contractors who were enrolled in continuous vetting by last October.

“We do anticipate this continuing to grow through this fiscal year and beyond as we add those additional CV services,” Green said on Inside the IC. “So as more services and capability comes online, we’re going to continue to grow our service to our federal agencies, as well as our DoD customers.”

DCSA is one of the lead agencies implementing the government-wide “Trusted Workforce 2.0” initiative. The effort aims to streamline the government’s personnel vetting process through automated record checks, simplified security standards and more information sharing across agencies.

Earlier this year, a White House official called 2022 the “most significant, most consequential” year for security clearance reform yet.

DCSA’s continuous vetting system is one of the centerpieces of the initiative, giving investigators the ability to receive automated alerts when a security clearance holder faces an issue that could put their clearance at risk.

DCSA’s continuous vetting system hit the “1.25” milestone last fall when the DoD cleared population was fully enrolled. But the system at that time was limited to three data categories: criminal activities, terrorism, and eligibility.

The agency is now adding alerts about suspicious financial activity, foreign travel, credit history and “public record information” to the continuous vetting system on the way to the “Trusted Workforce 1.5” milestone this fall, according to Green. Already, 2 million DoD clearance holders are  enrolled in that expanded system of alerts.

The continuous vetting system is replacing periodic reinvestigations, where investigators would do a background check on a clearance holder every five or 10 years. Instead of learning about potentially suspicious activity years after it took place, the system is intended to provide security offices with alerts about such activity. Investigators can then decide whether to follow up.

But Green says continuous vetting is not a “gotcha” program. Instead, she says it’s intended to improve security while also giving cleared personnel the chance to self-report and mitigate any potential issues.

“In the grand scheme of things, very few individuals actually receive an alert or require the additional investigative action to take place,” Green said. “But CV isn’t just about generating those alerts. It really is about self-reporting. There are self-reporting requirements for clearance holders, and it’s really supporting the goal of helping us identify potential issues before they fester into a larger insider threat concern.”

Security clearance reciprocity timelines down

DCSA has also made major strides in the time it takes for it to process and adjudicate a security clearance granted by another agency, a process referred to as “reciprocity.” The process affects personnel transferring from one agency to another, as well as contractors working on different projects for different agencies.

DCSA now takes an average of just one day to make a reciprocity decision, down from a peak of 65 days in mid-2020, according to Green.

She credited “business process engineering” leading to more efficient decision-making on reciprocity requests, as well as the merger of several organizations under DCSA, including the former National Background Investigations Bureau and the DoD Consolidated Adjudications Facility.

Last year, DCSA also completed the shift from using multiple personnel security databases to the Defense Information Security System (DISS).

“Having the ability to control the end-to-end process was certainly a part of that success,” Green said of reciprocity.

While other agencies, most notably in the intelligence community, take much longer to make reciprocity decisions, Green thinks the “transfer of trust” process, as it’s called under Trusted Workforce 2.0, will continue to improve with time.

Initial vetting hurdles

One of the next major hurdles for security clearance reform will be speeding up the time it takes to get an initial applicant, with no prior government background investigation, through the vetting process. The initial background investigations process often takes months and even years in some cases, making it harder for the federal government to hire new employees.

A quarterly update issued by the Security, Suitability, and Credentialing Performance Accountability Council earlier this year shows DCSA is expected to begin offering initial vetting products, using more automated processes and the new National Background Investigation Services (NBIS) IT system, starting next June.

“We are committed to being what I would call the ‘personal security provider of choice,'” Green said. “We’re working very hard to provide new and enhanced products and services to support that full TW 2.0 implementation to include initial vetting products. The actual implementation of the new standards will take some time and will be fully phased in as those products and services are available. But we are leaning forward, looking at how we can continue to evolve all our vetting products and services.”

]]>
https://federalnewsnetwork.com/inside-ic/2022/06/lead-agency-for-security-clearance-reform-expands-continuous-vetting/feed/ 0
State Department intelligence arm to set up open source coordination office https://federalnewsnetwork.com/inside-ic/2022/05/state-department-intelligence-arm-to-set-up-open-source-coordination-office/ https://federalnewsnetwork.com/inside-ic/2022/05/state-department-intelligence-arm-to-set-up-open-source-coordination-office/#respond Mon, 23 May 2022 20:27:33 +0000 https://federalnewsnetwork.com/?p=4072031 var config_4065142 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/podone.noxsolutions.com\/media\/2252\/episodes\/051822_InsideTheIC_FullEpisode_Mixdown_nywr.mp3"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2022\/02\/183879-image-1644619204-150x150.jpg","title":"The State Department’s intelligence arm has a new strategic plan","description":"[hbidcpodcast podcastid='4065142']nnThe State Department\u2019s intelligence branch is setting up a new open source office to improve how it shares analysis with diplomats worldwide under a new strategic plan that puts a major emphasis on upgrading the bureau\u2019s IT operations.nnBrett Holmgren, assistant secretary of state for intelligence and research, says the Strategic Open Source Coordination Office will serve as a \u201ccentral point of contact\u201d for policy, training and tradecraft around open source intelligence, or OSINT. The new unit will also test and procure open-source tools, help deliver them overseas, and manage contracts.nnThe Bureau of Intelligence and Analysis, or INR, provides intelligence to U.S. diplomats. But most diplomats, spread out at locations across the world, have sporadic access to classified U.S. intelligence assessments.nn\u201cBeing able to leverage open source in a fundamentally different way than we've done so to date will allow us to share our best insights at the unclassified, FOUO, or the sensitive but unclassified level, on new platforms to our diplomats overseas,\u201d Holmgren said on Inside the IC.nnThe intelligence community is increasingly looking to <a href="https:\/\/federalnewsnetwork.com\/intelligence-community\/2022\/05\/spy-agencies-look-to-standardize-use-of-open-source-intelligence\/">improve its use of OSINT,<\/a><a href="https:\/\/federalnewsnetwork.com\/inside-ic\/2022\/04\/intel-community-weighs-role-of-open-source-intelligence-amid-ukraine-conflict\/"> especially as Russia's invasion of Ukraine<\/a> plays out across social media feeds, commercial satellite images and other publicly available sources.nnThe open source office is part of the bureau\u2019s <a href="https:\/\/www.state.gov\/wp-content\/uploads\/2022\/02\/INR_2025_Strategic-Plan-Brochure_vF_FINAL.pdf">new strategic plan, called \u201cINR 2025.\u201d<\/a> It lays out five major pillars, starting with an imperative to \u201celevate strategic analysis and redefine intelligence support to diplomacy.\u201dnnHolmgren, who was sworn in last September, said that first pillar represents something of a return to INR\u2019s roots of developing long-range, strategic intelligence products.nn\u201cWe really want to kind of reinvest in that core capability,\u201d he said. \u201cOver the years, we've become a little bit overstretched in responding to a lot of the demand for current assessments, and we'll continue to do that, obviously, to support our policymakers. But we really want to step back and make sure that in the intelligence community, we are one of those agencies that is thinking about where the world is headed, and trying to identify some opportunities and risks over the horizon to provide a warning, and also to help enable our policymakers to think through wise foreign policy strategies.\u201dn<h2>INR\u2019s digital vision<\/h2>nThe strategy also prioritizes digital modernization. As Holmgren puts it, its about shifting away from an operations and maintenance mindset for IT toward \u201ca more modern, agile, innovative technology team.\u201dnnIn order to oversee that shift, INR created a chief information officer position. Raymond Romano is currently acting CIO for the bureau. He previously led the State Department\u2019s cyber threat investigations division at the Bureau of Diplomatic Security.nnINR is also creating a technology governance board to oversee the bureau\u2019s IT modernization efforts and ensure technology is incorporated into its strategic planning process moving forward, according to Holmgren.nn\u201cIt's a cultural shift, but I think it's vitally important, and it starts at the top in terms of how the leadership of our organization views technology and the role that it will play,\u201d he said.nnThe bureau is already sketching out a new mobile strategy, according to the new strategy. Holmgren says mobile devices will be key to delivering more open-source and unclassified information to diplomats across the globe.nn\u201cImagine a diplomat riding into work in the morning, or they're getting ready at their home in the morning, and they're somewhere in Asia, and they're able to pull up the INR app on their mobile device,\u201d Holmgren said. \u201cWe want to be able to provide real-time, relevant information to our diplomats in the most accessible manner possible, and we do view a mobile as a real opportunity for us to do so.\u201dn<h2>Tech savvy, diverse workforce<\/h2>nHolmgren also thinks INR\u2019s future workforce will continue to be more technologically savvy, even if they\u2019re not all software engineers.nn\u201cThey don't need to be fluent in JavaScript and Python languages,\u201d he said. \u201cThey don't need to know how to code. But they do need to understand how technology operates. They need to understand and be comfortable with using modern technology, so that they can be successful in the future.\u201dnnHolmgren says it\u2019s not just an imperative from an internal, business operations perspective.nn\u201cI think you'll see more officers with some backgrounds in science and technology, just given where the threat landscape is evolving in the world, everything from global pandemics to emerging technologies and cyber, and how all of these technologies are applied in the military context as well,\u201d he said. \u201cI think it'll be important to have experts on our team that not only understand the deep history of a particular region, or understand applied economics, but that actually understand and have a deep familiarity with some of the science and some of the education that underpins a lot of these disciplines.\u201dnnINR\u2019s strategy also places a priority on recruiting individuals from more diverse backgrounds and perspectives. Diversity continues to be a challenge <a href="https:\/\/federalnewsnetwork.com\/workforce\/2021\/10\/intelligence-community-workforce-is-more-diverse-but-still-struggles-with-retention-and-promotion\/">across the intelligence community.<\/a>nn\u201cIt's making sure that we are being very deliberate about our recruiting strategy moving forward,\u201d Holmgren said. \u201cAnd we're going to continue to invest in expertise, regardless of where it comes from. But we are going to make sure that we put a premium on forcing ourselves to think more critically about our recruitment strategies, and not just doing what's easy, but doing what's hard, because ultimately, that will make us better and more effective as a bureau in the future.\u201d"}};

The State Department’s intelligence branch is setting up a new open source office to improve how it shares analysis with diplomats worldwide under a new strategic plan that puts a major emphasis on upgrading the bureau’s IT operations.

Brett Holmgren, assistant secretary of state for intelligence and research, says the Strategic Open Source Coordination Office will serve as a “central point of contact” for policy, training and tradecraft around open source intelligence, or OSINT. The new unit will also test and procure open-source tools, help deliver them overseas, and manage contracts.

The Bureau of Intelligence and Analysis, or INR, provides intelligence to U.S. diplomats. But most diplomats, spread out at locations across the world, have sporadic access to classified U.S. intelligence assessments.

“Being able to leverage open source in a fundamentally different way than we’ve done so to date will allow us to share our best insights at the unclassified, FOUO, or the sensitive but unclassified level, on new platforms to our diplomats overseas,” Holmgren said on Inside the IC.

The intelligence community is increasingly looking to improve its use of OSINT, especially as Russia’s invasion of Ukraine plays out across social media feeds, commercial satellite images and other publicly available sources.

The open source office is part of the bureau’s new strategic plan, called “INR 2025.” It lays out five major pillars, starting with an imperative to “elevate strategic analysis and redefine intelligence support to diplomacy.”

Holmgren, who was sworn in last September, said that first pillar represents something of a return to INR’s roots of developing long-range, strategic intelligence products.

“We really want to kind of reinvest in that core capability,” he said. “Over the years, we’ve become a little bit overstretched in responding to a lot of the demand for current assessments, and we’ll continue to do that, obviously, to support our policymakers. But we really want to step back and make sure that in the intelligence community, we are one of those agencies that is thinking about where the world is headed, and trying to identify some opportunities and risks over the horizon to provide a warning, and also to help enable our policymakers to think through wise foreign policy strategies.”

INR’s digital vision

The strategy also prioritizes digital modernization. As Holmgren puts it, its about shifting away from an operations and maintenance mindset for IT toward “a more modern, agile, innovative technology team.”

In order to oversee that shift, INR created a chief information officer position. Raymond Romano is currently acting CIO for the bureau. He previously led the State Department’s cyber threat investigations division at the Bureau of Diplomatic Security.

INR is also creating a technology governance board to oversee the bureau’s IT modernization efforts and ensure technology is incorporated into its strategic planning process moving forward, according to Holmgren.

“It’s a cultural shift, but I think it’s vitally important, and it starts at the top in terms of how the leadership of our organization views technology and the role that it will play,” he said.

The bureau is already sketching out a new mobile strategy, according to the new strategy. Holmgren says mobile devices will be key to delivering more open-source and unclassified information to diplomats across the globe.

“Imagine a diplomat riding into work in the morning, or they’re getting ready at their home in the morning, and they’re somewhere in Asia, and they’re able to pull up the INR app on their mobile device,” Holmgren said. “We want to be able to provide real-time, relevant information to our diplomats in the most accessible manner possible, and we do view a mobile as a real opportunity for us to do so.”

Tech savvy, diverse workforce

Holmgren also thinks INR’s future workforce will continue to be more technologically savvy, even if they’re not all software engineers.

“They don’t need to be fluent in JavaScript and Python languages,” he said. “They don’t need to know how to code. But they do need to understand how technology operates. They need to understand and be comfortable with using modern technology, so that they can be successful in the future.”

Holmgren says it’s not just an imperative from an internal, business operations perspective.

“I think you’ll see more officers with some backgrounds in science and technology, just given where the threat landscape is evolving in the world, everything from global pandemics to emerging technologies and cyber, and how all of these technologies are applied in the military context as well,” he said. “I think it’ll be important to have experts on our team that not only understand the deep history of a particular region, or understand applied economics, but that actually understand and have a deep familiarity with some of the science and some of the education that underpins a lot of these disciplines.”

INR’s strategy also places a priority on recruiting individuals from more diverse backgrounds and perspectives. Diversity continues to be a challenge across the intelligence community.

“It’s making sure that we are being very deliberate about our recruiting strategy moving forward,” Holmgren said. “And we’re going to continue to invest in expertise, regardless of where it comes from. But we are going to make sure that we put a premium on forcing ourselves to think more critically about our recruitment strategies, and not just doing what’s easy, but doing what’s hard, because ultimately, that will make us better and more effective as a bureau in the future.”

]]>
https://federalnewsnetwork.com/inside-ic/2022/05/state-department-intelligence-arm-to-set-up-open-source-coordination-office/feed/ 0
Spy agencies look to standardize use of open source intelligence https://federalnewsnetwork.com/intelligence-community/2022/05/spy-agencies-look-to-standardize-use-of-open-source-intelligence/ https://federalnewsnetwork.com/intelligence-community/2022/05/spy-agencies-look-to-standardize-use-of-open-source-intelligence/#respond Thu, 12 May 2022 20:26:31 +0000 https://federalnewsnetwork.com/?p=4055968 Intelligence agencies are starting to coalesce around a set of common standards and data for using open source intelligence, but challenges remain in boosting the use of OSINT throughout the intelligence community.

Patrice Tibbs, chief of community open source at the CIA, said open source has “proven itself over and over,” especially given current events like Russia’s invasion of Ukraine. OSINT is generally defined as unclassified information, often publicly available, like data gleaned from social media feeds.

“My five-year-old grandson understands the value of the iPhone and in communicating,” Tibbs said during a May 2 event hosted by the Intelligence and National Security Alliance. “If we can’t get on board and figure that kind of thing out now, and understand how that can be leveraged to make sure that we are clear in every country, every city, every home, in some cases, we will lose the lion’s share of any benefit we have in open source.”

Spy agencies have traditionally been organized around other forms of intelligence, like geospatial intelligence or signals intelligence. Agencies have struggled to define how OSINT fits into its broader tradecraft, but the array of public information about the Ukraine conflict has started to shift the conversation about OSINT intelligence circles.

The 2022 Intelligence Authorization Act is also pushing agencies to build more OSINT capabilities within the context of competition with China.

“The Intelligence Community must reorient to engage in a strategic competition with the PRC while countering China’s malign activities globally,” the Senate’s report on the Intelligence Authorization Act states. “To do so, it must continue to build open source intelligence capabilities and augment capacity; enhance sharing of intelligence capabilities; and strengthen the analytical and collection capabilities relating to non- military threats including technology competition.”

As head of the CIA, Director Bill Burns is considered the “community functional manager for open source,” meaning he reports to Director of National Intelligence Avril Haines on OSINT policy, requirements and funding, according to Tibbs.

The intelligence community also has a “National Open Source Committee,” which includes senior leaders from each of the 18 intelligence agencies. Within the committee, there are subcommittees specifically focused on issues like OSINT data, collection management, training and tradecraft, according Tibbs.

She said senior leaders are starting to take OSINT more seriously, providing a chance to set common standards around open source training and tradecraft

“The key for me is just understanding how we modify and change and adapt to the amount of data that’s available,” Tibbs said. “And because there’s not a consistency of how all of the different 18 organizations are utilizing, are capturing or are integrating open source into their workflows, there is inconsistency sometimes in how that is translated and shared and a variety of other things.”

Tibbs said the most difficult challenge for OSINT is “getting everybody to agree on the direction.” She also said ensuring the intelligence community has the technology infrastructure to support OSINT is important.

“Also, it’s just having the individuals with the right skill set and the motivation to come in and really take on these challenging roles, especially in the federal government realm,” Tibbs added. “This is this is not always the easiest place to work. It is not always the highest paid place to work.”

DIA open source center

The Defense Intelligence Agency is also looking to elevate OSINT through its Open Source Intelligence Integration Center. It was established in late 2019, and governs the military’s use of OSINT by leaning on standards, processes and tradecraft, according to Brad Ahlskog, chief of the center.

Compared to traditional forms of intelligence, Ahklskog said OSINT is now playing an “outsized role” in scenarios like exposing Russia’s build-up of military forces and subsequent invasion of Ukraine.

“I would argue that along with the amplified information warfare aspect of hybrid warfare, there’s a vital need for what I’ll call ‘hybrid intelligence,’” Ahlskog said during an April 26 presentation at the GEOINT conference in Denver. “It features a larger reliance on OSINT to both identify the threats, support deterrence operations, and provide the ground truth of the battlefield situation during the conflict.”

But he said the Defense Department will rely on contractors to help with a “data-centric approach” to OSINT. The approach will rely on artificial intelligence and automation to speed up the exploitation of such data, but it doesn’t come without some caveats.

“This translates to a need for datasets that are cataloged discoverable, or resident in government or commercial applications that are readily machine ingestible through application interfaces for transfer into other applications in formats that are not proprietary,” Ahlskog said. “Too often in the past, some open tools or applications were created with self contained datasets that were not easily blended with other data, or datasets from other sources that cannot be easily moved into a proprietary application.”

Furthermore, he said it will be crucial for analysts to understand how algorithms are analyzing the data and reaching specific conclusions.

“We want to produce actionable intelligence from them, and we must be able to easily understand and clearly explain how application ‘X’ produced information ‘Y’ that was used to inform decisions ‘Z,’” he said. “Without transparency into how OSINT data is obtained and processed, the intelligence community personnel will be very reluctant to rely on that PAI for intelligence purposes. Verification, validation and sourcing play integral roles for data in these cases.”

Beyond technology, Ahlskog said he thinks the culture around relying on OSINT is starting to change.

“I think more and more of our customers and personnel realize the value of open source,” he said. “They also get it first, frankly, in many cases. It’s very immediate. . . . It wasn’t possible 10 years ago, or 15 years ago, for information to be that widespread, immediately available to anyone who has a mobile device, or computer at their desk. So I think a lot of our customers, and our all source analysts and other collectors are getting much more comfortable with relying on open source early and often.”

]]>
https://federalnewsnetwork.com/intelligence-community/2022/05/spy-agencies-look-to-standardize-use-of-open-source-intelligence/feed/ 0
Two agency inspectors general got salaries that busted legal limits on political employee pay https://federalnewsnetwork.com/intelligence-community/2022/05/two-agency-inspectors-general-got-salaries-that-busted-legal-limits-on-political-employee-pay/ https://federalnewsnetwork.com/intelligence-community/2022/05/two-agency-inspectors-general-got-salaries-that-busted-legal-limits-on-political-employee-pay/#respond Thu, 12 May 2022 16:43:37 +0000 https://federalnewsnetwork.com/?p=4055358 var config_4055711 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/aw.noxsolutions.com\/launchpod\/federal-drive\/mp3\/051222_Foster_web_d129_e89ee96a.mp3?awCollectionId=1146&awEpisodeId=0887d382-0896-439d-9848-a9bde89ee96a&awNetwork=322"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2018\/12\/FD1500-150x150.jpg","title":"Two agency inspectors general got salaries that busted legal limits on political employee pay","description":"[hbidcpodcast podcastid='4055711']nn<em>Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive\u2019s daily audio interviews on\u00a0<\/em><a href="https:\/\/itunes.apple.com\/us\/podcast\/federal-drive-with-tom-temin\/id1270799277?mt=2"><em>Apple Podcast<\/em>s<\/a><em>\u00a0or\u00a0<a href="https:\/\/www.podcastone.com\/federal-drive-with-tom-temin?pid=1753589">PodcastOne<\/a>.<\/em>nnThe inspectors general for two intelligence agencies were each overpaid by tens of thousands of dollars between 2016 and 2020. That's according to an internal Defense Department memo a whistleblower supplied to Empower Oversight, an outside watchdog group. There's no clear evidence anyone intentionally did anything wrong. There's also no evidence the money's been repaid or whether the matter has been properly investigated. Jason Foster is founder and president of Empower Oversight. He spoke with Federal News Network's Jared Serbu on the\u00a0<a href="https:\/\/federalnewsnetwork.com\/category\/temin\/tom-temin-federal-drive\/"><strong><em>Federal Drive with Tom Temin<\/em><\/strong><\/a>\u00a0about what we know and don't know.nn<em>Interview transcript:<\/em>n<blockquote><strong>Jason Foster:<\/strong> The memo was provided to the DoD inspector general's office and it walks through the relevant legal authorities for inspector general pay because inspector general pay is set by statute. And inspectors general are senior officials who are subject to a pay freeze and so the memo went through and concluded and reported findings to the DoD IG that these two inspectors general at NSA and NRO had been, according to this official at DoD, overpaid the amounts of approximately $18,000 total for one of the IGs and approximately $150,000 total for the other IG. And this is over a multiple-year timeframe.nn<strong>Jared Serbu: <\/strong>And you're fairly confident at this point that that memo is authentic, even though it was not provided to you from an official source of any kind?nn<strong>Jason Foster:<\/strong> Yes, so we attached a copy of the memo to our FOIA requests to all the agencies that we asked about it. And in our FOIA request, we explicitly said that we had received it from an anonymous source and couldn't independently authenticate it. However, since we sent those FOIA requests we were contacted by multiple other sources, who did authenticate the memo who we know who they are, and they are in a position to know that it's an authentic memo.nn<strong>Jared Serbu:\u00a0<\/strong>And I believe you've seen a response from the NSA IG that basically just indicates this was a clerical error that he knew nothing about at the time. Anything similar from NRO, so far?nn<strong>Jason Foster:<\/strong> No, we've had no contact from NRO. And I would note just that the amount for the NRO IG, the total amount of the alleged overpayments is much higher, it's much more significant than with the, in one case, it was just the NSA IG got a cost of living increase that the DoD memo says he wasn't entitled to. However, with the NRO IG, you're talking about overpayments of over $40,000 a year for several years totaling about $150,000.nn<strong>Jared Serbu:\u00a0<\/strong>Yeah, can you unpack that one, maybe a little bit more? Because that one, it looks as, for one thing it spans over more years than the NSA IG overpayments did. But also it looks in that case as though the official started at a higher salary than would have been entitled to under law and then continue to get increases year after year after that.nn<strong>Jason Foster:<\/strong> Yeah, that's exactly correct. So we lay out the numbers from the memo in our FOIA request. And, you know, this is, again, the these are approximate and we don't have access to the underlying records. We just have the summary memo that the DoD provided to the DoD IG. And you know, according to that memo, the overpayments were about $5,000 in 2016; about $20,000 in 2017; about $38,000 in 2018; about $40,000 in 2019; and about $45,000 in 2020. I mean, this is significantly above the level at what an executive level, I think it's executive level three, I think is the pay cap for a presidentially appointed inspector general.nn<strong>Jared Serbu:\u00a0<\/strong>I know you said you've not gotten any official responses from NRO yet, but is there any document in your possession or anything that you've seen that would lead you to come up with some reason why this might have happened in that case?nn<strong>Jason Foster:<\/strong> I mean, I have a little bit of insight, again, from sources who contacted me after we sent the FOIA request as sort of what the backstory was. When this memo came over to the DoD OIG, they then referred it to the Council of Inspectors General Integrity Committee (CIGIE), which is sort of the self-policing body for inspectors general, to see if there was any potential investigation that body ought to do. I don't know whether they also informed the White House or Congress or anyone else, but it's because the DoD IG is the one who referred it to the integrity committee, there were concerns about potential retaliation if, because the NSA IG is the nominee to be the new DoD IG, right? And so it's the office that he would be taking over where people had, just doing what they thought was their duty, referred it for potential inquiry. And we raised questions about why the integrity committee didn't look at it, and how can this not have been elevated to responsible people in the political branches, either in Congress or the White House and sort of how, it's just sort of perplexing, like, how could this happen without anybody knowing, and without it being public? You don't have accidental pay raises going to other IG's and I don't know if it's because they're national security components. And so there's just not as much transparency or what the explanation is.nn<strong>Jared Serbu:\u00a0<\/strong>Let's unpack that CIGIE piece a little bit, I think the allegation in your original whistleblower communication was not only was CIGIE aware that these overpayments had happened and didn't really do any kind of investigation, but may have also alerted the people who would have been the subjects of the investigation. Is that right?nn<strong>Jason Foster:<\/strong> That's correct. So the source who provided the memo to us also alleged that in CIGIE meetings, there was essentially a heads up to the other IGs and said, "Hey, this is something that came in to the integrity committee, and you should double check and make sure your houses there in order, right? Basically, there's going to be scrutiny on this." So there was, like I said, essentially, a heads up to everyone to make sure that they weren't in a similar position.nn<strong>Jared Serbu:\u00a0<\/strong>I want to stress I don't think there's really any hard evidence at this point that there was any impropriety on the part of CIGIE or, frankly, anyone else at this point because we just haven't seen the documents yet. But does this kind of structure give you any kind of pause just in terms of how inspectors general are overseen? It is really, as you said, really just a self policing body where the inspectors general themselves are really the only oversight they have other than each of their respective agency directors, or am I missing something?nn<strong>Jason Foster:<\/strong> Right, and Congress, right. I mean, and technically CIGIE, there's an OMB official who is part of CIGIE by statute. So that's supposed to be the line of oversight to the White House. But again, with my background and working years and years on issues around the IG community from Capitol Hill, my concern is there needs to be transparency and oversight and questions being asked from Capitol Hill about these things. I mean, this is ultimately, the structure, as you said, it is largely a self-policing structure. The integrity committee itself, the NSA IG was the vice chair of the integrity committee at the time this report came in and so had to recuse himself. My understanding is he did properly as I would expect, he recused himself from any consideration of this particular matter. But the standards are very opaque and vague as to what the integrity committee will open an investigation on and what it won't open an investigation on. And there has been a lot of dissatisfaction on Capitol Hill over the years with the integrity committee's performance. It seems to be either too aggressive in some cases for some reasons and not aggressive enough in other cases. And there's no sort of coherent explanation for why they will open up an investigation on some and not open investigations on others. And my argument from the time even from when I was on Capitol Hill as a staffer dealing with CIGIE and its leadership was you need to manage this situation, when you have a problem like this, that has the potential to tarnish the reputation of the inspector general community writ large. You need to show some leadership and and make sure that it's raised to the political branches to deal with, and that folks on the Hill and the folks in the White House know when there's an issue and can step in and resolve it one way or the other.nn<strong>Jared Serbu:\u00a0<\/strong>To the best of your knowledge, is anyone on the Hill actively looking into this?nn<strong>Jason Foster:<\/strong> We published an update to our press release that included questions for the record from Sen. Josh Hawley (R-Mo.), who had asked the NSA IG about the overpayments in the course of his confirmation proceedings, because he's the nominee to be the new DoD inspector general. And so that's the only one where I know we were provided a copy of the answer that the NSA inspector general provided to Sen. Hawley's office in response to that question for the record. But I know that that nomination hasn't moved forward in the last several weeks and that there were attempts to hotline it, and to have it passed by UC and that that hasn't occurred yet.nn<strong>Jared Serbu:\u00a0<\/strong>Just one more question on transparency. Beyond transparency around policy, is what you call it opaque a second ago, what else could or should CIGIE be doing to make the whole process that they run more transparent, and as you said, increase that or maintain that level of trust that everybody needs to have in the IG community?nn<strong>Jason Foster:<\/strong> Well, we tried to impose some of that transparency back in 2016, when I worked on the IG empowerment act, and we had, there were dissatisfaction then on both sides of the aisle about the speed with which integrity committee investigations were being completed. And we passed at that time, a reporting requirement that said that when the integrity committee has an investigation on an IG that's open for more than 180 days, that then you have to send a report up to Congress with an explanation. Well, since I've been off the Hill and I'm now in this role in an outside watchdog organization, we actually FOIA'd a whole bunch of those reports. They're not routinely made public. The statute didn't require them to make public so if Congress doesn't post them or put them out, then nobody sees them. And when we got them, we were sort of shocked by how little information is actually in them. So they're constantly punting on these investigations. They stay open for extremely long periods of time, and then they send these perfunctory reports up to Congress technically satisfying the statute, but really not telling you much about why it's taking so long. There were some people who wanted, who had argued for actual caps with requirements that look, you got to finish this investigation within X amount of time or something, some kind of consequence occurs. But they fought that, and we sort of had this compromise of the reporting requirement. But it doesn't seem to be doing much. So I know that there's talk among good government groups on the outside across the ideological spectrum about readdressing integrity committee reforms, because nobody seems to be happy with the progress on either side.<\/blockquote>"}};

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

The inspectors general for two intelligence agencies were each overpaid by tens of thousands of dollars between 2016 and 2020. That’s according to an internal Defense Department memo a whistleblower supplied to Empower Oversight, an outside watchdog group. There’s no clear evidence anyone intentionally did anything wrong. There’s also no evidence the money’s been repaid or whether the matter has been properly investigated. Jason Foster is founder and president of Empower Oversight. He spoke with Federal News Network’s Jared Serbu on the Federal Drive with Tom Temin about what we know and don’t know.

Interview transcript:

Jason Foster: The memo was provided to the DoD inspector general’s office and it walks through the relevant legal authorities for inspector general pay because inspector general pay is set by statute. And inspectors general are senior officials who are subject to a pay freeze and so the memo went through and concluded and reported findings to the DoD IG that these two inspectors general at NSA and NRO had been, according to this official at DoD, overpaid the amounts of approximately $18,000 total for one of the IGs and approximately $150,000 total for the other IG. And this is over a multiple-year timeframe.

Jared Serbu: And you’re fairly confident at this point that that memo is authentic, even though it was not provided to you from an official source of any kind?

Jason Foster: Yes, so we attached a copy of the memo to our FOIA requests to all the agencies that we asked about it. And in our FOIA request, we explicitly said that we had received it from an anonymous source and couldn’t independently authenticate it. However, since we sent those FOIA requests we were contacted by multiple other sources, who did authenticate the memo who we know who they are, and they are in a position to know that it’s an authentic memo.

Jared Serbu: And I believe you’ve seen a response from the NSA IG that basically just indicates this was a clerical error that he knew nothing about at the time. Anything similar from NRO, so far?

Jason Foster: No, we’ve had no contact from NRO. And I would note just that the amount for the NRO IG, the total amount of the alleged overpayments is much higher, it’s much more significant than with the, in one case, it was just the NSA IG got a cost of living increase that the DoD memo says he wasn’t entitled to. However, with the NRO IG, you’re talking about overpayments of over $40,000 a year for several years totaling about $150,000.

Jared Serbu: Yeah, can you unpack that one, maybe a little bit more? Because that one, it looks as, for one thing it spans over more years than the NSA IG overpayments did. But also it looks in that case as though the official started at a higher salary than would have been entitled to under law and then continue to get increases year after year after that.

Jason Foster: Yeah, that’s exactly correct. So we lay out the numbers from the memo in our FOIA request. And, you know, this is, again, the these are approximate and we don’t have access to the underlying records. We just have the summary memo that the DoD provided to the DoD IG. And you know, according to that memo, the overpayments were about $5,000 in 2016; about $20,000 in 2017; about $38,000 in 2018; about $40,000 in 2019; and about $45,000 in 2020. I mean, this is significantly above the level at what an executive level, I think it’s executive level three, I think is the pay cap for a presidentially appointed inspector general.

Jared Serbu: I know you said you’ve not gotten any official responses from NRO yet, but is there any document in your possession or anything that you’ve seen that would lead you to come up with some reason why this might have happened in that case?

Jason Foster: I mean, I have a little bit of insight, again, from sources who contacted me after we sent the FOIA request as sort of what the backstory was. When this memo came over to the DoD OIG, they then referred it to the Council of Inspectors General Integrity Committee (CIGIE), which is sort of the self-policing body for inspectors general, to see if there was any potential investigation that body ought to do. I don’t know whether they also informed the White House or Congress or anyone else, but it’s because the DoD IG is the one who referred it to the integrity committee, there were concerns about potential retaliation if, because the NSA IG is the nominee to be the new DoD IG, right? And so it’s the office that he would be taking over where people had, just doing what they thought was their duty, referred it for potential inquiry. And we raised questions about why the integrity committee didn’t look at it, and how can this not have been elevated to responsible people in the political branches, either in Congress or the White House and sort of how, it’s just sort of perplexing, like, how could this happen without anybody knowing, and without it being public? You don’t have accidental pay raises going to other IG’s and I don’t know if it’s because they’re national security components. And so there’s just not as much transparency or what the explanation is.

Jared Serbu: Let’s unpack that CIGIE piece a little bit, I think the allegation in your original whistleblower communication was not only was CIGIE aware that these overpayments had happened and didn’t really do any kind of investigation, but may have also alerted the people who would have been the subjects of the investigation. Is that right?

Jason Foster: That’s correct. So the source who provided the memo to us also alleged that in CIGIE meetings, there was essentially a heads up to the other IGs and said, “Hey, this is something that came in to the integrity committee, and you should double check and make sure your houses there in order, right? Basically, there’s going to be scrutiny on this.” So there was, like I said, essentially, a heads up to everyone to make sure that they weren’t in a similar position.

Jared Serbu: I want to stress I don’t think there’s really any hard evidence at this point that there was any impropriety on the part of CIGIE or, frankly, anyone else at this point because we just haven’t seen the documents yet. But does this kind of structure give you any kind of pause just in terms of how inspectors general are overseen? It is really, as you said, really just a self policing body where the inspectors general themselves are really the only oversight they have other than each of their respective agency directors, or am I missing something?

Jason Foster: Right, and Congress, right. I mean, and technically CIGIE, there’s an OMB official who is part of CIGIE by statute. So that’s supposed to be the line of oversight to the White House. But again, with my background and working years and years on issues around the IG community from Capitol Hill, my concern is there needs to be transparency and oversight and questions being asked from Capitol Hill about these things. I mean, this is ultimately, the structure, as you said, it is largely a self-policing structure. The integrity committee itself, the NSA IG was the vice chair of the integrity committee at the time this report came in and so had to recuse himself. My understanding is he did properly as I would expect, he recused himself from any consideration of this particular matter. But the standards are very opaque and vague as to what the integrity committee will open an investigation on and what it won’t open an investigation on. And there has been a lot of dissatisfaction on Capitol Hill over the years with the integrity committee’s performance. It seems to be either too aggressive in some cases for some reasons and not aggressive enough in other cases. And there’s no sort of coherent explanation for why they will open up an investigation on some and not open investigations on others. And my argument from the time even from when I was on Capitol Hill as a staffer dealing with CIGIE and its leadership was you need to manage this situation, when you have a problem like this, that has the potential to tarnish the reputation of the inspector general community writ large. You need to show some leadership and and make sure that it’s raised to the political branches to deal with, and that folks on the Hill and the folks in the White House know when there’s an issue and can step in and resolve it one way or the other.

Jared Serbu: To the best of your knowledge, is anyone on the Hill actively looking into this?

Jason Foster: We published an update to our press release that included questions for the record from Sen. Josh Hawley (R-Mo.), who had asked the NSA IG about the overpayments in the course of his confirmation proceedings, because he’s the nominee to be the new DoD inspector general. And so that’s the only one where I know we were provided a copy of the answer that the NSA inspector general provided to Sen. Hawley’s office in response to that question for the record. But I know that that nomination hasn’t moved forward in the last several weeks and that there were attempts to hotline it, and to have it passed by UC and that that hasn’t occurred yet.

Jared Serbu: Just one more question on transparency. Beyond transparency around policy, is what you call it opaque a second ago, what else could or should CIGIE be doing to make the whole process that they run more transparent, and as you said, increase that or maintain that level of trust that everybody needs to have in the IG community?

Jason Foster: Well, we tried to impose some of that transparency back in 2016, when I worked on the IG empowerment act, and we had, there were dissatisfaction then on both sides of the aisle about the speed with which integrity committee investigations were being completed. And we passed at that time, a reporting requirement that said that when the integrity committee has an investigation on an IG that’s open for more than 180 days, that then you have to send a report up to Congress with an explanation. Well, since I’ve been off the Hill and I’m now in this role in an outside watchdog organization, we actually FOIA’d a whole bunch of those reports. They’re not routinely made public. The statute didn’t require them to make public so if Congress doesn’t post them or put them out, then nobody sees them. And when we got them, we were sort of shocked by how little information is actually in them. So they’re constantly punting on these investigations. They stay open for extremely long periods of time, and then they send these perfunctory reports up to Congress technically satisfying the statute, but really not telling you much about why it’s taking so long. There were some people who wanted, who had argued for actual caps with requirements that look, you got to finish this investigation within X amount of time or something, some kind of consequence occurs. But they fought that, and we sort of had this compromise of the reporting requirement. But it doesn’t seem to be doing much. So I know that there’s talk among good government groups on the outside across the ideological spectrum about readdressing integrity committee reforms, because nobody seems to be happy with the progress on either side.

]]>
https://federalnewsnetwork.com/intelligence-community/2022/05/two-agency-inspectors-general-got-salaries-that-busted-legal-limits-on-political-employee-pay/feed/ 0
Outgoing intelligence community data chief previews forthcoming data strategy https://federalnewsnetwork.com/inside-ic/2022/05/outgoing-intelligence-community-data-chief-previews-forthcoming-data-strategy/ https://federalnewsnetwork.com/inside-ic/2022/05/outgoing-intelligence-community-data-chief-previews-forthcoming-data-strategy/#respond Fri, 06 May 2022 18:01:40 +0000 https://federalnewsnetwork.com/?p=4047415 var config_4043870 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/podone.noxsolutions.com\/media\/2252\/episodes\/050422_InsideTheIC_FullEpisode_Mixdown_ien8.mp3"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2022\/02\/183879-image-1644619204-150x150.jpg","title":"A conversation with the intelligence community’s chief data officer","description":"[hbidcpodcast podcastid='4043870']nnThe intelligence community is drafting a new data strategy for the first time since 2017, with a big focus on training a data savvy workforce well equipped to take advantage of an increasing deluge of information that intelligence agencies are both collecting and producing.nnIntelligence agencies have made \u201cgreat strides\u201d since the first data strategy was published in 2017, according to Nancy Morgan, who just retired as chief data officer of the intelligence community. Her last day was April 29, and the office of the director of national intelligence has yet to select her replacement.nn\u201cWe've made some significant improvements to what we've been doing with data lifecycle management since the first IC data strategy was published in 2017,\u201d Morgan said in an April 28 interview on <a href="https:\/\/www.podcastone.com\/pd\/All-About-Data">All About Data<\/a>\u00a0and <a href="https:\/\/www.podcastone.com\/pd\/Inside-the-IC">Inside the IC.<\/a> \u201cWe feel we've done a lot of work to enhance sharing and safeguarding, but there's still more to do.\u201dnnChief data officers across the 18 intelligence agencies are focused on using automation to do more data preparation, Morgan said. The goal is to give analysts more time to \u201cdo higher order tasks\u201d rather than rudimentary jobs like data tagging.nn\u201cWe're collecting and producing more information than ever before, the IC is launching more collection capabilities than ever before at astounding volumes, certainly since I began my career 30-plus years ago,\u201d Morgan said. \u201cIt's just astounding how much information we're gathering. So it creates a data volume challenge.\u201dnnODNI is also updating the IC IT Enterprise, or \u201cICITE,\u201d strategy, a major guiding document for how intelligence agencies will use computing in the years ahead. The work is being led by Adele Merritt, the chief information officer for the intelligence community.nnThe new IT strategy will be pivotal to \u201cenhance the critical data management capabilities to achieve our goals,\u201d Morgan said.nnCDOs in the intelligence community are also looking to create more interoperability across intel agencies and the broader Defense Department. Morgan said leaders want to share successful approaches across organizations.nn"How do we integrate and involve multidisciplinary approaches that solve the IC's most challenging and emerging data issues?" she said. "We find new data challenges\u00a0 every day in every domain area."nnBut beyond technology, a major piece of the forthcoming data strategy is the workforce. Morgan said spy agencies aren\u2019t just focused on bringing in highly sought-after data scientists, but also training the existing workforce to be more data savvy.nn\u201cHow do we increase the data acumen and tradecraft, by not only attracting but developing, growing and resourcing the data savvy workforce?\u201d she said. \u201cSo not just the talent we recruit, but the workforce we already have. How do we give people a chance to develop new skills and make them even more powerful and valuable to the community?\u201dn<h2>Career pivots<\/h2>nIC data leaders are looking to create opportunities for intelligence professionals to start learning new skills related to digital technologies, data and cybersecurity, according to Morgan.nn\u201cIt's really very powerful when our domain experts learn some of the foundational skills for working with technology, working with automation, working with artificial intelligence, machine learning, being paired up with data scientists and data engineers,\u201d she said.nnThe focus isn\u2019t just on developing data professionals, but on building data aptitude across mission, business and policy areas, including acquisition, contracting, privacy and civil liberties, legal divisions and finance, according to Morgan.nn\u201cFrankly, it's about supervisors, managers, leaders, senior executives at all levels of the organization,\u201d she said. \u201cAre we asking the right questions about data when it's presented to us? Do we understand the data that's driving our decision making and we say the words data driven decision making but how are we actually putting that into practice?\u201dnnMorgan noted the Fiscal Year 2022 National Defense Authorization Act requires the Office of Personnel Management to establish new occupational series for not just \u201cdata science,\u201d but \u201cdata management\u201d as well.nn\u201cI was really proud of helping influence some of the wording on that, because while I absolutely want to have a strong data science cadre, you need the full data management realm,\u201d she said. \u201cYou need data managers, data policy experts, in addition to those data scientists and those data engineers.\u201dnnODNI is also preparing to conduct the pilot phase of a new public-private talent exchange. It will allow intelligence officers to work temporarily in the private sector, and vice versa. The pilot phase will allow for six-month details, according to Morgan.nnThe pilot phase will include specific focus areas, including professionals working in data, as well as a category for artificial intelligence and machine learning, according to Morgan.nn\u201cLaunching the pilot is a bit complicated, working through some of the security issues working through some of the acquisition and legal issues,\u201d she said. \u201cBut our goal is really to help intelligence officers and private sector colleagues better understand each other's mission, landscape, inject diverse thinking and gain new insights and really, hopefully create a more two way flow of talent skills and ideas.\u201dnnShe also said it could help inculcate a culture where there\u2019s more back-and-forth between the government and private sector.nn\u201cI don't know that people will have the same sort of trajectory of a career that's more only in the government or only in the private sector,\u201d Morgan said. \u201cI hope we'll see more two-way movement and more continuous movement over the time of someone's career. And again, selfishly, for me, this helps us grow our digital data and cyber savvy workforce with real world experiences.\u201d"}};

The intelligence community is drafting a new data strategy for the first time since 2017, with a big focus on training a data savvy workforce well equipped to take advantage of an increasing deluge of information that intelligence agencies are both collecting and producing.

Intelligence agencies have made “great strides” since the first data strategy was published in 2017, according to Nancy Morgan, who just retired as chief data officer of the intelligence community. Her last day was April 29, and the office of the director of national intelligence has yet to select her replacement.

“We’ve made some significant improvements to what we’ve been doing with data lifecycle management since the first IC data strategy was published in 2017,” Morgan said in an April 28 interview on All About Data and Inside the IC. “We feel we’ve done a lot of work to enhance sharing and safeguarding, but there’s still more to do.”

Chief data officers across the 18 intelligence agencies are focused on using automation to do more data preparation, Morgan said. The goal is to give analysts more time to “do higher order tasks” rather than rudimentary jobs like data tagging.

“We’re collecting and producing more information than ever before, the IC is launching more collection capabilities than ever before at astounding volumes, certainly since I began my career 30-plus years ago,” Morgan said. “It’s just astounding how much information we’re gathering. So it creates a data volume challenge.”

ODNI is also updating the IC IT Enterprise, or “ICITE,” strategy, a major guiding document for how intelligence agencies will use computing in the years ahead. The work is being led by Adele Merritt, the chief information officer for the intelligence community.

The new IT strategy will be pivotal to “enhance the critical data management capabilities to achieve our goals,” Morgan said.

CDOs in the intelligence community are also looking to create more interoperability across intel agencies and the broader Defense Department. Morgan said leaders want to share successful approaches across organizations.

“How do we integrate and involve multidisciplinary approaches that solve the IC’s most challenging and emerging data issues?” she said. “We find new data challenges  every day in every domain area.”

But beyond technology, a major piece of the forthcoming data strategy is the workforce. Morgan said spy agencies aren’t just focused on bringing in highly sought-after data scientists, but also training the existing workforce to be more data savvy.

“How do we increase the data acumen and tradecraft, by not only attracting but developing, growing and resourcing the data savvy workforce?” she said. “So not just the talent we recruit, but the workforce we already have. How do we give people a chance to develop new skills and make them even more powerful and valuable to the community?”

Career pivots

IC data leaders are looking to create opportunities for intelligence professionals to start learning new skills related to digital technologies, data and cybersecurity, according to Morgan.

“It’s really very powerful when our domain experts learn some of the foundational skills for working with technology, working with automation, working with artificial intelligence, machine learning, being paired up with data scientists and data engineers,” she said.

The focus isn’t just on developing data professionals, but on building data aptitude across mission, business and policy areas, including acquisition, contracting, privacy and civil liberties, legal divisions and finance, according to Morgan.

“Frankly, it’s about supervisors, managers, leaders, senior executives at all levels of the organization,” she said. “Are we asking the right questions about data when it’s presented to us? Do we understand the data that’s driving our decision making and we say the words data driven decision making but how are we actually putting that into practice?”

Morgan noted the Fiscal Year 2022 National Defense Authorization Act requires the Office of Personnel Management to establish new occupational series for not just “data science,” but “data management” as well.

“I was really proud of helping influence some of the wording on that, because while I absolutely want to have a strong data science cadre, you need the full data management realm,” she said. “You need data managers, data policy experts, in addition to those data scientists and those data engineers.”

ODNI is also preparing to conduct the pilot phase of a new public-private talent exchange. It will allow intelligence officers to work temporarily in the private sector, and vice versa. The pilot phase will allow for six-month details, according to Morgan.

The pilot phase will include specific focus areas, including professionals working in data, as well as a category for artificial intelligence and machine learning, according to Morgan.

“Launching the pilot is a bit complicated, working through some of the security issues working through some of the acquisition and legal issues,” she said. “But our goal is really to help intelligence officers and private sector colleagues better understand each other’s mission, landscape, inject diverse thinking and gain new insights and really, hopefully create a more two way flow of talent skills and ideas.”

She also said it could help inculcate a culture where there’s more back-and-forth between the government and private sector.

“I don’t know that people will have the same sort of trajectory of a career that’s more only in the government or only in the private sector,” Morgan said. “I hope we’ll see more two-way movement and more continuous movement over the time of someone’s career. And again, selfishly, for me, this helps us grow our digital data and cyber savvy workforce with real world experiences.”

]]>
https://federalnewsnetwork.com/inside-ic/2022/05/outgoing-intelligence-community-data-chief-previews-forthcoming-data-strategy/feed/ 0
NGA looks to speed up software development with key metrics, ‘CORE’ capabilities https://federalnewsnetwork.com/intelligence-community/2022/04/nga-looks-to-speed-up-software-development-with-key-metrics-core-capabilities/ https://federalnewsnetwork.com/intelligence-community/2022/04/nga-looks-to-speed-up-software-development-with-key-metrics-core-capabilities/#respond Fri, 29 Apr 2022 18:50:15 +0000 https://federalnewsnetwork.com/?p=4035109 var config_4034846 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/aw.noxsolutions.com\/launchpod\/federal-drive\/mp3\/042922_Justin_web_dnmj_306c40c7.mp3?awCollectionId=1146&awEpisodeId=8b2da77b-b2cc-4ce2-8861-67e5306c40c7&awNetwork=322"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2018\/12\/FD1500-150x150.jpg","title":"The NGA Software Way could improve the agency’s development process","description":"[hbidcpodcast podcastid='4034846']nnThe National Geospatial-Intelligence Agency is looking to deliver software more like the tech industry under a new strategy that sets key metrics for both internal development teams and contractors.nn<a href="https:\/\/www.nga.mil\/assets\/files\/The_NGA_Software_Way.pdf">\u201cThe NGA Software Way\u201d<\/a> lays out how the agency envisions delivering software faster and more consistently, as NGA\u2019s technology priorities increasingly revolve around software-enabled capabilities like automation and machine learning.nnOfficials believe automation, artificial intelligence and machine learning <a href="https:\/\/federalnewsnetwork.com\/space-operations\/2021\/10\/nga-looks-to-corral-satellite-imagery-other-data-in-push-for-synthetic-persistence\/">will be key at NGA<\/a> to analyzing a rapidly increasing volume of satellite imagery and other geospatial intelligence data that could overwhelm human analysts. NGA also recently took over Project Maven, <a href="https:\/\/federalnewsnetwork.com\/intelligence-community\/2022\/04\/pentagon-shifting-project-maven-marquee-artificial-intelligence-initiative-to-nga\/">a major AI program<\/a> that\u2019s been at the forefront of the Pentagon\u2019s recent software development projects.nnNGA\u2019s new software strategy describes three key metrics as \u201cavailability,\u201d \u201clead time for changes,\u201d and \u201cdeployment frequency.\u201d Each individual software product will have its own \u201cproduct-specific metrics\u201d as well, tailored to track how well the software is working for its users.nn\u201cWe put this out for really anyone delivering software at NGA,\u201d NGA Chief Technology Officer Alex Loehr said. \u201cThat could be government employees, industry, even commercial products that NGA is buying. There are significant parts of the software way that relate to how we want to work with those companies. And so we hope that this will set common expectations of how we can deliver useful software faster and for our mission.\u201dnnThe software strategy complements the NGA\u2019s recently released technology focus areas. The big priorities include assured positioning, navigation, timing and targeting; accelerated tasking orchestration; data access and data integrity; and analytic workflow modernization.nnLoehr said the software strategy is an \u201cimplementation guide\u201d for NGA\u2019s technology focus areas.nn\u201cIf the tech focus areas are the \u2018what,\u2019 the Software Way is \u2018how,\u2019\u201d he said.nnNGA wrote the \u201cSoftware Way\u201d based off of several existing documents, including the U.S. Digital Service\u2019s \u201cDigital Services Playbook,\u201d as well as the U.K. government\u2019s \u201cService Standard,\u201d according to Loehr. The agency also looked to research and data from industry, specifically from the DevOps Research and Assessment, or \u201cDORA,\u201d a company owned by Google\u2019s parent company, Alphabet.nnLoehr said NGA took best practices from those documents and used them as a foundation for the software strategy, while taking into account the more unique needs of an intelligence agency.nn\u201cSome of those other documents are much more about citizen facing services,\u201d he said. \u201cAt NGA, we do have some of those, but not everything we do is open and public. And so some of the elements from those other documents didn't fit exactly, but we were able to build off the core of those documents in order to learn from those who came before and did a lot of really hard work and grow in a way that matches what we need at NGA.\u201dnnNGA published an initial version of the document last year and received more than 300 pages of responses from 47 companies.nn\u201cWe got some feedback around things that were unclear, that didn't make sense, as well as lessons that we learned about how we need to work at NGA and work with our industry partners to make this document successful,\u201d Loehr said. \u201cSome of that didn't make it into the words of the document itself, but did start driving some work we're doing to make sure that as we implement the NGA Software Way, we're able to do it successfully.\u201dn<h2>CORE developments<\/h2>nTo help meet the goals of the strategy, NGA has established a Common Operating Release Environment, called \u201cCORE,\u201d to provide development teams with enterprise software delivery tools like version control, testing, and tracking and collaboration tools.nn\u201cHistorically, we've let different teams choose their tools and their different processes of how they build software,\u201d Loehr said. \u201cThat led to some really important things, but it also led to a lot of fragmentation. And what we're trying to do is build one set of tooling and one set of processes.\u201dnnMany pieces of CORE are already in place and being used by mission critical applications in some cases, according to Loehr, including version control, the \u201cCI\/CD\u201d pipeline, an API developer portal, and issue tracking and documentation spaces.nnEnterprise workflow orchestration and messaging tools, respectively, are still \u201cmore in the beta phase,\u201d Loehr said.nn\u201cThe core of the CORE around the version control, the pipeline, the developer portal, all that is live, real and being used today,\u201d he said. \u201cAnd we are looking at growing that usage pretty significantly.\u201dnnSeveral years ago, NGA began developing an in-house software developer corp. Now, NGA is also looking to build out a key competency in the form of product managers who can shepherd a software project through development successfully.nn"The person that acts as the interface between those end users and the development team and understands the vision for the product, creates the roadmap and makes sure that what is being built is actually both useful and actually used," Loehr said. "That's been a discipline that we are bringing into NGA, and then that we're helping grow. I think will be really important for our future on how we make sure that we are building not just any software, but the right software, and it's actually delivering on our mission."n<h2>\u2018Build low, push high\u2019<\/h2>nNGA is also increasingly developing its software in unclassified environments, called the \u201clow side\u201d in intelligence jargon, before it\u2019s pushed to the \u201chigh side,\u201d or a classified environment. The concept is \u201cbuild low, push high,\u201d according to Loehr.nn\u201cA lot of our workforce, and our contractor workforce doesn't want to be in a [Sensitive Compartmented Information Facility] every day,\u201d he said. \u201cAnd also a lot of our software itself isn't necessarily classified. The data that's in it might be classified, and often not in all cases, but often our software isn't.\u201dnnThe CORE tooling includes the ability to sync software versions across classified and unclassified domains, Loehr said, a key process for speeding up development.nn\u201cThose process pieces are almost just as important as technology pieces,\u201d he said. \u201cAnd enabling us to build low and move high, I think will help us move faster and really increase the diversity that we're able to have in the people working on our products and how that work gets done.\u201d"}};

The National Geospatial-Intelligence Agency is looking to deliver software more like the tech industry under a new strategy that sets key metrics for both internal development teams and contractors.

“The NGA Software Way” lays out how the agency envisions delivering software faster and more consistently, as NGA’s technology priorities increasingly revolve around software-enabled capabilities like automation and machine learning.

Officials believe automation, artificial intelligence and machine learning will be key at NGA to analyzing a rapidly increasing volume of satellite imagery and other geospatial intelligence data that could overwhelm human analysts. NGA also recently took over Project Maven, a major AI program that’s been at the forefront of the Pentagon’s recent software development projects.

NGA’s new software strategy describes three key metrics as “availability,” “lead time for changes,” and “deployment frequency.” Each individual software product will have its own “product-specific metrics” as well, tailored to track how well the software is working for its users.

“We put this out for really anyone delivering software at NGA,” NGA Chief Technology Officer Alex Loehr said. “That could be government employees, industry, even commercial products that NGA is buying. There are significant parts of the software way that relate to how we want to work with those companies. And so we hope that this will set common expectations of how we can deliver useful software faster and for our mission.”

The software strategy complements the NGA’s recently released technology focus areas. The big priorities include assured positioning, navigation, timing and targeting; accelerated tasking orchestration; data access and data integrity; and analytic workflow modernization.

Loehr said the software strategy is an “implementation guide” for NGA’s technology focus areas.

“If the tech focus areas are the ‘what,’ the Software Way is ‘how,’” he said.

NGA wrote the “Software Way” based off of several existing documents, including the U.S. Digital Service’s “Digital Services Playbook,” as well as the U.K. government’s “Service Standard,” according to Loehr. The agency also looked to research and data from industry, specifically from the DevOps Research and Assessment, or “DORA,” a company owned by Google’s parent company, Alphabet.

Loehr said NGA took best practices from those documents and used them as a foundation for the software strategy, while taking into account the more unique needs of an intelligence agency.

“Some of those other documents are much more about citizen facing services,” he said. “At NGA, we do have some of those, but not everything we do is open and public. And so some of the elements from those other documents didn’t fit exactly, but we were able to build off the core of those documents in order to learn from those who came before and did a lot of really hard work and grow in a way that matches what we need at NGA.”

NGA published an initial version of the document last year and received more than 300 pages of responses from 47 companies.

“We got some feedback around things that were unclear, that didn’t make sense, as well as lessons that we learned about how we need to work at NGA and work with our industry partners to make this document successful,” Loehr said. “Some of that didn’t make it into the words of the document itself, but did start driving some work we’re doing to make sure that as we implement the NGA Software Way, we’re able to do it successfully.”

CORE developments

To help meet the goals of the strategy, NGA has established a Common Operating Release Environment, called “CORE,” to provide development teams with enterprise software delivery tools like version control, testing, and tracking and collaboration tools.

“Historically, we’ve let different teams choose their tools and their different processes of how they build software,” Loehr said. “That led to some really important things, but it also led to a lot of fragmentation. And what we’re trying to do is build one set of tooling and one set of processes.”

Many pieces of CORE are already in place and being used by mission critical applications in some cases, according to Loehr, including version control, the “CI/CD” pipeline, an API developer portal, and issue tracking and documentation spaces.

Enterprise workflow orchestration and messaging tools, respectively, are still “more in the beta phase,” Loehr said.

“The core of the CORE around the version control, the pipeline, the developer portal, all that is live, real and being used today,” he said. “And we are looking at growing that usage pretty significantly.”

Several years ago, NGA began developing an in-house software developer corp. Now, NGA is also looking to build out a key competency in the form of product managers who can shepherd a software project through development successfully.

“The person that acts as the interface between those end users and the development team and understands the vision for the product, creates the roadmap and makes sure that what is being built is actually both useful and actually used,” Loehr said. “That’s been a discipline that we are bringing into NGA, and then that we’re helping grow. I think will be really important for our future on how we make sure that we are building not just any software, but the right software, and it’s actually delivering on our mission.”

‘Build low, push high’

NGA is also increasingly developing its software in unclassified environments, called the “low side” in intelligence jargon, before it’s pushed to the “high side,” or a classified environment. The concept is “build low, push high,” according to Loehr.

“A lot of our workforce, and our contractor workforce doesn’t want to be in a [Sensitive Compartmented Information Facility] every day,” he said. “And also a lot of our software itself isn’t necessarily classified. The data that’s in it might be classified, and often not in all cases, but often our software isn’t.”

The CORE tooling includes the ability to sync software versions across classified and unclassified domains, Loehr said, a key process for speeding up development.

“Those process pieces are almost just as important as technology pieces,” he said. “And enabling us to build low and move high, I think will help us move faster and really increase the diversity that we’re able to have in the people working on our products and how that work gets done.”

]]>
https://federalnewsnetwork.com/intelligence-community/2022/04/nga-looks-to-speed-up-software-development-with-key-metrics-core-capabilities/feed/ 0
Pentagon shifting Project Maven, marquee artificial intelligence initiative, to NGA https://federalnewsnetwork.com/intelligence-community/2022/04/pentagon-shifting-project-maven-marquee-artificial-intelligence-initiative-to-nga/ https://federalnewsnetwork.com/intelligence-community/2022/04/pentagon-shifting-project-maven-marquee-artificial-intelligence-initiative-to-nga/#respond Tue, 26 Apr 2022 21:43:25 +0000 https://federalnewsnetwork.com/?p=4029686 var config_4032761 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/aw.noxsolutions.com\/launchpod\/federal-drive\/mp3\/042822_Justin_web_mb4s_63124a3b.mp3?awCollectionId=1146&awEpisodeId=5f51606f-b769-44f7-87aa-098563124a3b&awNetwork=322"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2018\/12\/FD1500-150x150.jpg","title":"Pentagon shifting Project Maven, marquee artificial intelligence initiative, to NGA","description":"[hbidcpodcast podcastid='4032761']nnDENVER -- The National Geospatial-Intelligence Agency is evaluating the progress of \u201cProject Maven\u201d as it prepares to take over the artificial intelligence initiative and integrate it with a broader range of efforts to apply machine learning to geospatial intelligence.nnThe Biden administration is proposing to shift Project Maven to NGA as part of its fiscal year 2023 budget request. The program has been run out of the office of secretary of defense since its inception in 2017.nnNGA Director Vice Adm. Robert Sharp said the agency would be \u201ccalling on industry\u201d with regards to the Project Maven transition in the coming months. The agency has repeatedly <a href="https:\/\/federalnewsnetwork.com\/defense-main\/2022\/01\/nga-cio-eyes-big-shifts-for-cloud-cybersecurity-and-machine-learning-in-2022\/">stressed<\/a> in recent years that it will need to use artificial intelligence and machine learning to process and analyze the fast growing amount of satellite imagery and other GEOINT data available from both government and commercial sources.nn\u201cWe want to move forward together, so we can deliver GEOINT at the pace that our warfighters and decision makers need,\u201d Sharp said during a Monday keynote address at the GEOINT conference here. \u201cWe have to be able to keep up with rapidly emerging digital trends. We have to be able to accelerate our ability to provide detections at the speed of mission, to give our customers tactical, operational and strategic advantage.\u201dnnNGA has been a partner to Project Maven since it started, helping to provide imagery and other data necessary for companies to train their algorithms, according to Mark Munsell, NGA\u2019s deputy director of data and digital innovation.nnAnd NGA has also been working on computer vision and machine learning projects, according to Munsell. He said NGA can \u201cbonus off all the things\u201d Project Maven has learned over the past five years and integrate the software projects into its own infrastructure.nn\u201cIt makes a lot of sense to bring these things together,\u201d Munsell said during a Tuesday media roundtable with reporters on the sidelines of GEOINT. \u201cDoesn't mean that we'll always operate the same way that Maven has operated. We\u2019ll do a really good assessment of what they've done. We bring in our subject matter experts, who are steeped in GEOINT for 30 years, some of the folks. They're the ultimate customer now to be able to assess utility, assess how we can continue to support our combat support partners in the military, and make modifications moving forward to make it better.\u201dnnThe agency is also hoping to avoid duplicative efforts, while sharing promising software across the military and intelligence components it supports.nn\u201cIf you've developed an algorithm that goes after certain objects in certain geographies and biomes that is successful, we will capitalize on that as a community and ensure that if someone else in the community needs that, we can provide that as a service to them,\u201d Munsell said.n<h2>Military AI pathfinder<\/h2>nProject Maven was established in 2017 \u201cto accelerate DOD\u2019s integration of big data and machine learning,\u201d then-Deputy Defense Secretary Bob Work wrote in a memo at the time. The project fielded its first algorithms for processing images and video captured by surveillance aircraft later that year.nnThe program served as an AI pathfinder for the Pentagon, preceding the establishment of the <a href="https:\/\/federalnewsnetwork.com\/artificial-intelligence\/2019\/02\/dod-rips-wrapping-paper-off-of-new-joint-ai-center\/">Joint AI Center.<\/a>nnIt also garnered major headlines in 2018 when thousands of Google engineers protested the company\u2019s involvement in the project. The company ended its involvement, later stating it would not develop AI applications in the areas of weaponry or surveillance.nnBut Project Maven continued to grow well past the controversy. The Pentagon requested $247 million for the Algorithmic Warfare Cross Functional Teams, aka Project Maven, in fiscal year 2022 after receiving $230 million for the program in FY 21.\u00a0 It has also been <a href="https:\/\/federalnewsnetwork.com\/defense-main\/2021\/05\/pentagon-wants-to-use-its-biggest-it-program-to-test-colorless-software-appropriation\/">among the programs<\/a> to pilot the use of a "colorless" software appropriation.nnIt\u2019s unclear how much the Pentagon is requesting for the program in FY 23 as it shifts to NGA, because the intelligence community\u2019s budget details are classified.nnBut the Defense Department\u2019s budget documents provide some detail on how Project Maven has advanced in recent years. The program aims to \u201caugment and automate\u201d the processing, exploitation and dissemination for full-motion video feeds from a range of unmanned aerial vehicles, including \u201cWAMI ISR,\u201d which stands for wide-area imagery intelligence, surveillance and reconnaissance.\u201dnnThe program is also fielding AI to automate analysis of military and commercial satellite imagery, according to the documents.nnThe program has also expanded beyond imagery in recent years. It also uses AI to exploit \u201cCEM,\u201d which stands for \u201ccapture enemy material\u201d in intelligence parlance, as well as \u201cmaritime\u201d intelligence and \u201cPAI,\u201d or publicly available information.nn\u201cMaven\u2019s AI, deep learning, and computer vision algorithms and insights are developed for use in theater to detect, classify, and track objects within images (e.g., persons, vehicles, and weapons) as well as provide other insights, such as with CEM, text-based, and other projects,\u201d the documents state.nnNGA is taking over the project\u2019s \u201cGEOINT AI services and capabilities,\u201d according to Sharp, and it\u2019s unclear what will happen to the capabilities the project has created for other categories of intelligence.nnWith the transition not expected to become effective until Oct. 1, NGA is currently doing the \u201cadministrative work\u201d to determine how to transition contracts, as well as get personnel and leadership in place, according to Munsell.nnAnd even as NGA evaluates how Project Maven fits into its broader portfolio, Munsell also emphasized that there will be \u201cno pause\u201d in the project\u2019s ongoing activities.nn\u201cThe assessment is not a pause,\u201d he said. \u201cIt's our charge, as GEOINT functional manager, to help prioritize, to help others understand the investments, and then with data and statistics, offer opportunities to improve.\u201d"}};

DENVER — The National Geospatial-Intelligence Agency is evaluating the progress of “Project Maven” as it prepares to take over the artificial intelligence initiative and integrate it with a broader range of efforts to apply machine learning to geospatial intelligence.

The Biden administration is proposing to shift Project Maven to NGA as part of its fiscal year 2023 budget request. The program has been run out of the office of secretary of defense since its inception in 2017.

NGA Director Vice Adm. Robert Sharp said the agency would be “calling on industry” with regards to the Project Maven transition in the coming months. The agency has repeatedly stressed in recent years that it will need to use artificial intelligence and machine learning to process and analyze the fast growing amount of satellite imagery and other GEOINT data available from both government and commercial sources.

“We want to move forward together, so we can deliver GEOINT at the pace that our warfighters and decision makers need,” Sharp said during a Monday keynote address at the GEOINT conference here. “We have to be able to keep up with rapidly emerging digital trends. We have to be able to accelerate our ability to provide detections at the speed of mission, to give our customers tactical, operational and strategic advantage.”

NGA has been a partner to Project Maven since it started, helping to provide imagery and other data necessary for companies to train their algorithms, according to Mark Munsell, NGA’s deputy director of data and digital innovation.

And NGA has also been working on computer vision and machine learning projects, according to Munsell. He said NGA can “bonus off all the things” Project Maven has learned over the past five years and integrate the software projects into its own infrastructure.

“It makes a lot of sense to bring these things together,” Munsell said during a Tuesday media roundtable with reporters on the sidelines of GEOINT. “Doesn’t mean that we’ll always operate the same way that Maven has operated. We’ll do a really good assessment of what they’ve done. We bring in our subject matter experts, who are steeped in GEOINT for 30 years, some of the folks. They’re the ultimate customer now to be able to assess utility, assess how we can continue to support our combat support partners in the military, and make modifications moving forward to make it better.”

The agency is also hoping to avoid duplicative efforts, while sharing promising software across the military and intelligence components it supports.

“If you’ve developed an algorithm that goes after certain objects in certain geographies and biomes that is successful, we will capitalize on that as a community and ensure that if someone else in the community needs that, we can provide that as a service to them,” Munsell said.

Military AI pathfinder

Project Maven was established in 2017 “to accelerate DOD’s integration of big data and machine learning,” then-Deputy Defense Secretary Bob Work wrote in a memo at the time. The project fielded its first algorithms for processing images and video captured by surveillance aircraft later that year.

The program served as an AI pathfinder for the Pentagon, preceding the establishment of the Joint AI Center.

It also garnered major headlines in 2018 when thousands of Google engineers protested the company’s involvement in the project. The company ended its involvement, later stating it would not develop AI applications in the areas of weaponry or surveillance.

But Project Maven continued to grow well past the controversy. The Pentagon requested $247 million for the Algorithmic Warfare Cross Functional Teams, aka Project Maven, in fiscal year 2022 after receiving $230 million for the program in FY 21.  It has also been among the programs to pilot the use of a “colorless” software appropriation.

It’s unclear how much the Pentagon is requesting for the program in FY 23 as it shifts to NGA, because the intelligence community’s budget details are classified.

But the Defense Department’s budget documents provide some detail on how Project Maven has advanced in recent years. The program aims to “augment and automate” the processing, exploitation and dissemination for full-motion video feeds from a range of unmanned aerial vehicles, including “WAMI ISR,” which stands for wide-area imagery intelligence, surveillance and reconnaissance.”

The program is also fielding AI to automate analysis of military and commercial satellite imagery, according to the documents.

The program has also expanded beyond imagery in recent years. It also uses AI to exploit “CEM,” which stands for “capture enemy material” in intelligence parlance, as well as “maritime” intelligence and “PAI,” or publicly available information.

“Maven’s AI, deep learning, and computer vision algorithms and insights are developed for use in theater to detect, classify, and track objects within images (e.g., persons, vehicles, and weapons) as well as provide other insights, such as with CEM, text-based, and other projects,” the documents state.

NGA is taking over the project’s “GEOINT AI services and capabilities,” according to Sharp, and it’s unclear what will happen to the capabilities the project has created for other categories of intelligence.

With the transition not expected to become effective until Oct. 1, NGA is currently doing the “administrative work” to determine how to transition contracts, as well as get personnel and leadership in place, according to Munsell.

And even as NGA evaluates how Project Maven fits into its broader portfolio, Munsell also emphasized that there will be “no pause” in the project’s ongoing activities.

“The assessment is not a pause,” he said. “It’s our charge, as GEOINT functional manager, to help prioritize, to help others understand the investments, and then with data and statistics, offer opportunities to improve.”

]]>
https://federalnewsnetwork.com/intelligence-community/2022/04/pentagon-shifting-project-maven-marquee-artificial-intelligence-initiative-to-nga/feed/ 0
Agencies look to get a handle on increasingly complex network “attack surface” https://federalnewsnetwork.com/federal-insights/2022/04/agencies-look-to-get-a-handle-on-increasingly-complex-network-attack-surface/ https://federalnewsnetwork.com/federal-insights/2022/04/agencies-look-to-get-a-handle-on-increasingly-complex-network-attack-surface/#respond Fri, 22 Apr 2022 18:43:05 +0000 https://federalnewsnetwork.com/?p=4022529 Agencies are modernizing their IT infrastructure, moving their data into cloud computing services and adopting modern software practices.

The IT efforts are all a step in a positive direction, but they also carry with them the burden of increasing network complexity, according to Cody Pierce, chief product officer at Looking Glass. Add in a post-pandemic, distributed workforce that is accessing services remotely, and secure teams are looking at a more complicated picture than ever before.

But efforts are underway to get a handle on that complexity. President Joe Biden’s cybersecurity executive order from last May and the resulting zero trust strategy published in February both direct agencies to inventory their devices, categorize and protect their data, and break down their network perimeters into isolated environments, among numerous other actions.

“It’s really good to have that direction and those orders,” Pierce said. “We have to think about cybersecurity, not just for the problems we have today, but the problems that we’re going to have in 10 years. How do we modernize our agencies, our infrastructure? How do we put cybersecurity front and center, so that it is a part of the planning and expansion process?”

Many of the administration’s efforts are tied into gaining greater visibility into the software and hardware that agencies are using. The executive order, for example, directed agencies to come up with a way to use Software Bills of Material, or SBOMs, to provide an inventory of a codebase used in any given product.

The potential necessity for such a measure was highlighted when agencies and other organizations had to grapple with the Log4Shell vulnerabilities discovered in the open source Apache software logging library Log4j last December. The discovery sent security teams scrambling to determine where they had instances of Log4j in their critical and Internet-facing systems.

Pierce said organizations should do a “table top exercise” to take away some lessons from the Log4j vulnerabilities, which are still active today, and determine how they can improve their defenses and response going forward. The newly established Cyber Incident Review Board at the Department of Homeland Security is in the midst of such a review, and it plans to issue a report on Log4j this summer.

“That was an interesting case of needing a software inventory, not just across your internally developed software, but the software that you use in your public facing, your vendors and suppliers, your cloud provider, your services, software-as-a-service,” Pierce said. “So we talk about attack surface, it’s a really great way to see how complicated that attack surface gets.”

The White House is now pushing agencies to adopt a “zero trust” security mindset through a new directive issued earlier this year. The federal zero trust architecture strategy looks to transition agencies away from a perimeter-based security model, to a construct where no user or device is trusted inside or outside a network.

“The intent is really strong,” Pierce said. “And that’s have good visibility about your external attack surface. Have a plan for authenticating everybody that gets access to that system. And then have a way to log and manage that access for your response teams.”

]]>
https://federalnewsnetwork.com/federal-insights/2022/04/agencies-look-to-get-a-handle-on-increasingly-complex-network-attack-surface/feed/ 0
Intel community weighs role of open source intelligence amid Ukraine conflict https://federalnewsnetwork.com/inside-ic/2022/04/intel-community-weighs-role-of-open-source-intelligence-amid-ukraine-conflict/ https://federalnewsnetwork.com/inside-ic/2022/04/intel-community-weighs-role-of-open-source-intelligence-amid-ukraine-conflict/#respond Wed, 20 Apr 2022 21:39:58 +0000 https://federalnewsnetwork.com/?p=4018771 var config_4019510 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/podone.noxsolutions.com\/media\/2252\/episodes\/042022_InsideTheIC_FullEpisode_Mixdown_1q7o.mp3"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2022\/02\/183879-image-1644619204-150x150.jpg","title":"How spy agencies use open source intelligence","description":"[hbidcpodcast podcastid='4019510']nnIntelligence agencies have struggled to define how open source intelligence fits into its broader work, but the wide breadth of publicly available information about the Ukraine conflict, combined with proactive disclosures of classified information, are providing some clarity about OSINT\u2019s role.nnDuring an appearance at the Center for Strategic and International Studies last week, Principal Deputy Director of National Intelligence Stacey Dixon said publicly available satellite imagery, for instance, puts the intelligence community \u201cin a different place\u201d in not being the sole arbiter of information about a foreign conflict like the one in Ukraine.nnCommercial satellite imagery helped expose Russia\u2019s build-up of forces prior to the invasion, and since then, such imagery has helped publicly track the conflict\u2019s progression in detail.nn\u201cWithin the community, I think we have been thinking about open source information and how it actually fits into the intelligence enterprise for quite a while,\u201d Dixon said. \u201cThere's a lot of really useful information out there and so figuring out how do we legally, keeping in mind privacy and civil liberties, how do we bring in the information that's useful and see how we can complement the classified information we have in terms of being able to provide insights to our customers.\u201dnnOSINT represents a rapidly expanding world of social media feeds, commercial satellite imagery, cell phone videos and other internet-derived information that allow professional and amateur analysts alike to investigate events happening around the world without the need for classified information.nnBut Dixon said the U.S. intelligence analysts bring a known amount of \u201crigor\u201d to their work, while measuring the quality of outside analysis can be difficult.nn\u201cI know the rigor with which our analysts interpret information,\u201d she said. \u201cI don't know the rigor with which all other analysts interpret information.\u201dnn\u201cI've seen sometimes others with perhaps less rigor in their analysis make statements and claims that you really can't tell from that information itself, it may be a logical next step, but our intelligence is based on what we actually see or hear or what we actually measure,\u201d Dixon added.nnThe IC traditionally defined open source intelligence as foreign newspapers and other media. The various definitions of "OSINT" in the intelligence community have evolved over the years to also capture media from the internet, but they remain vague and vary across agencies, according to a <a href="https:\/\/www.csis.org\/analysis\/move-over-jarvis-meet-oscar">January report<\/a> from the Center for Strategic and International Studies foundnnThe CSIS report says the intelligence community \u201chas not yet warmed\u201d to OSINT, and is yet to take advantage of artificial intelligence and machine learning tools to make sense of vast amounts of publicly available information.nn\u201cFor the intelligence community to meet its mission of \u2018all-source\u2019 analysis, it cannot afford to ignore a wealth of available data solely because it is unclassified,\u201d the report states. \u201cIn a best-case scenario, the IC will lose policymaker attention and trust as they compete with private intelligence. But the worst case scenario is more problematic: U.S. adversaries are pursuing this same technology aggressively and outstripping IC capabilities.\u201dnnLauren Zabierek, a former intelligence officer and executive director of the Cyber Project at Harvard Kennedy School's Belfer Center, said the CSIS report provides a good overview of the myriad policy, legal and cultural challenges that can constrain the use of OSINT within the intelligence community.nn\u201cAnalysts want to do a good job, they want to be able to use information in their analyses,\u201d Zabierek said on \u201cInside the IC.\u201d \u201cBut there are a lot of different issues that I think the community and even Congress really need to address.\u201dnnShe said Congress could improve how it sets budgets and requirements to advance the role of OSINT, while both Congress and the executive branch need to work through legal issues governing how analysts can use publicly available information, so they can do so while ensuring privacy and civil liberties are protected.nnMaria Robson, program coordinator of the Intelligence Project at the Belfer Center, studies how the private sector has increasingly built up OSINT tradecraft over the last two decades. She said while some people retain their security clearances when they move to the private sector, the clearances aren\u2019t providing \u201cnuggets of gold\u201d compared to OSINT.nn\u201cA lot of it is just the power of open source information in a way that didn't exist 10 or 20 years ago,\u201d Robson said on \u201cInside the IC.\u201d \u201cThe distinction that we see here with public and private is the extent of the training on open source intelligence analysis that exists in the private sector that doesn't necessarily exist in the government because of the access to classified information. And so one of the things I think we need to see is learning from those private sector models in terms of how to train analysts and how to effectively take advantage of all the open source intelligence available.\u201d"}};

Intelligence agencies have struggled to define how open source intelligence fits into its broader work, but the wide breadth of publicly available information about the Ukraine conflict, combined with proactive disclosures of classified information, are providing some clarity about OSINT’s role.

During an appearance at the Center for Strategic and International Studies last week, Principal Deputy Director of National Intelligence Stacey Dixon said publicly available satellite imagery, for instance, puts the intelligence community “in a different place” in not being the sole arbiter of information about a foreign conflict like the one in Ukraine.

Commercial satellite imagery helped expose Russia’s build-up of forces prior to the invasion, and since then, such imagery has helped publicly track the conflict’s progression in detail.

“Within the community, I think we have been thinking about open source information and how it actually fits into the intelligence enterprise for quite a while,” Dixon said. “There’s a lot of really useful information out there and so figuring out how do we legally, keeping in mind privacy and civil liberties, how do we bring in the information that’s useful and see how we can complement the classified information we have in terms of being able to provide insights to our customers.”

OSINT represents a rapidly expanding world of social media feeds, commercial satellite imagery, cell phone videos and other internet-derived information that allow professional and amateur analysts alike to investigate events happening around the world without the need for classified information.

But Dixon said the U.S. intelligence analysts bring a known amount of “rigor” to their work, while measuring the quality of outside analysis can be difficult.

“I know the rigor with which our analysts interpret information,” she said. “I don’t know the rigor with which all other analysts interpret information.”

“I’ve seen sometimes others with perhaps less rigor in their analysis make statements and claims that you really can’t tell from that information itself, it may be a logical next step, but our intelligence is based on what we actually see or hear or what we actually measure,” Dixon added.

The IC traditionally defined open source intelligence as foreign newspapers and other media. The various definitions of “OSINT” in the intelligence community have evolved over the years to also capture media from the internet, but they remain vague and vary across agencies, according to a January report from the Center for Strategic and International Studies found

The CSIS report says the intelligence community “has not yet warmed” to OSINT, and is yet to take advantage of artificial intelligence and machine learning tools to make sense of vast amounts of publicly available information.

“For the intelligence community to meet its mission of ‘all-source’ analysis, it cannot afford to ignore a wealth of available data solely because it is unclassified,” the report states. “In a best-case scenario, the IC will lose policymaker attention and trust as they compete with private intelligence. But the worst case scenario is more problematic: U.S. adversaries are pursuing this same technology aggressively and outstripping IC capabilities.”

Lauren Zabierek, a former intelligence officer and executive director of the Cyber Project at Harvard Kennedy School’s Belfer Center, said the CSIS report provides a good overview of the myriad policy, legal and cultural challenges that can constrain the use of OSINT within the intelligence community.

“Analysts want to do a good job, they want to be able to use information in their analyses,” Zabierek said on “Inside the IC.” “But there are a lot of different issues that I think the community and even Congress really need to address.”

She said Congress could improve how it sets budgets and requirements to advance the role of OSINT, while both Congress and the executive branch need to work through legal issues governing how analysts can use publicly available information, so they can do so while ensuring privacy and civil liberties are protected.

Maria Robson, program coordinator of the Intelligence Project at the Belfer Center, studies how the private sector has increasingly built up OSINT tradecraft over the last two decades. She said while some people retain their security clearances when they move to the private sector, the clearances aren’t providing “nuggets of gold” compared to OSINT.

“A lot of it is just the power of open source information in a way that didn’t exist 10 or 20 years ago,” Robson said on “Inside the IC.” “The distinction that we see here with public and private is the extent of the training on open source intelligence analysis that exists in the private sector that doesn’t necessarily exist in the government because of the access to classified information. And so one of the things I think we need to see is learning from those private sector models in terms of how to train analysts and how to effectively take advantage of all the open source intelligence available.”

]]>
https://federalnewsnetwork.com/inside-ic/2022/04/intel-community-weighs-role-of-open-source-intelligence-amid-ukraine-conflict/feed/ 0
Intel agencies advance artificial intelligence in patches, struggle with big breakthroughs https://federalnewsnetwork.com/intelligence-community/2022/04/intel-agencies-advance-artificial-intelligence-in-patches-struggle-with-big-breakthroughs/ https://federalnewsnetwork.com/intelligence-community/2022/04/intel-agencies-advance-artificial-intelligence-in-patches-struggle-with-big-breakthroughs/#respond Wed, 13 Apr 2022 11:45:48 +0000 https://federalnewsnetwork.com/?p=4007245

Intelligence agencies are seeing some success in using automation and machine learning for narrow applications, but officials say a more “integrated” approach is needed to truly transform tradecraft using artificial intelligence technologies.

The National Geospatial-Intelligence Agency has been leveraging tools like natural language processing and automation for years to help analyze and share satellite imagery and other intelligence, according to Jim McCool, director of NGA’s Data and Digital Innovation Directorate.

McCool said his eight-month-old directorate is trying to advance NGA efforts in AI, machine learning and computer vision by focusing on customer outcomes.

“What we’re working on today is automating the existing work or the existing workflow or process,” McCool said April 11 at the Intelligence and National Security Alliance’s spring symposium in Arlington, VA.  “And right around the corner is an enormous increase in GEOINT imagery that’s coming.”

“We only have a few areas in which the teams have envisioned moving away from the transactional use of the source, to the streaming, like on Wall Street where they don’t look at the flow of data constantly,” he continued. “When some activity moves outside a norm, or below a threshold or just some measure is met, or a circumstance is met, then that gets the attention of someone responsible.”

Some officials say grassroots AI projects will lead to an eventual, larger scale evolution in how the intelligence community carries out its work.

The National Counterterrorism Center’s Futures Group recently completed a proof of concept on a tool that will allow the center to “try some new stuff” on legacy systems, according to Sarah Hengemuhle, chief of the Futures Group.

“Those small steps are what’s most critical to help that mission customer with their pain point,” Hengemuhle said. “And then we can use those lessons that we learned from that engagement and feed it into development of larger systems. So we’re taking the small steps that we can and trying to amplify those outcomes to the enterprise.”

The National Security Agency is using human language technology in multiple ways, including speaker identification, speech-to-text processing, and machine translation with the ability to process over 90 types of languages, according to James Lampton, who works in the NSA’s Capabilities Directorate.

Lampton said his goal is to “normalize AI” across the NSA.

“Everybody’s familiar with the heroic moonshots and everything like that, but any practitioner will tell you that you don’t really know if something’s going to work until you try it,” Lampton said. “So how do I lower the cost of that experimentation, do it in a manner, in an environment where I transition from pilot phase to experimentation to small operational use to at-scale.”

The Central Intelligence Agency is also updating its AI strategy, according to Lakshmi Raman, chief of AI at the CIA.

“We’re really working toward the whole-of-agency approach towards AI,” Raman said. “We want to go across collection, analysis, operations, digital innovation, S&T, acquisition, legal, finance. We want everybody to feel a part of this strategy.”

But officials conceded they need a better way to communicate their own successes and challenges across agencies.

“How do we in the community that are doing AI quickly come together to learn what each other’s working on?” said Heather Martin, NGA’s deputy director for plans, programs and strategy, data and digital innovation.

“We have all these forums across the IC where we are sharing information on this and we’re working together,” she continued. “But it’s almost not enough. And people are so busy just developing these things that it’s really hard to kind of take a pause and come a level up and say, ‘Okay, let’s get in a room, who’s got what and how can we host it in one place, so that the customer and everyone else in the community can get to it really quickly?’”

AIM initiative attempts to tend a ‘garden’ of AI

The Office of the Director of National Intelligence is organizing the IC’s disparate artificial intelligence and machine learning efforts under a common framework through the “Augmenting Intelligence Using Machines,” or “AIM,” Initiative.

Ryan Carpenter, a program analyst for the AIM Initiative, compared the various AI and ML initiatives across intelligence agencies to a field of flowers.

“The way that the IC has grown, the way that capabilities have grown and moved along, there needs to be a more integrated approach,” Carpenter said. “The field has been planted, but it’s now a disorganized field and now we are trying to make a garden from a field.”

ODNI is helping to develop common standards and API’s to, for example, speed up the notorious “authority-to-operate” security verification process, according to John Beieler, director of science and technology at ODNI.

The aim is “standardizing these things, and then publishing them out and then enforcing those standards across the IC, to say, ‘Hey, here’s how we build things cross agency,’” Beieler said. “So that there’s a model at NGA, it can transfer to CIA and vice versa. So we can build once and apply widely.”

Congress is also asking questions about the intelligence community’s enterprise strategy. The Fiscal Year 2022 Intelligence Authorization Act requires the director of national intelligence to coordinate with agencies and send Congress a plan for an “artificial intelligence digital ecosystem.” The plan is due next March.

The plan should detail the “development and resourcing of a modern digital ecosystem that embraces state-of-the-art tools and modern processes to enable development, testing, fielding and continuous updating of artificial intelligence-powered applications at speed and scale from headquarters to the tactical edge.”

ODNI prepares to roll out talent exchange

Multiple officials said one of their greatest challenges is recruiting and retaining data scientists, a problem that’s further exacerbated by lengthy wait times to get new employees a security clearance.

“It’s really hard to find data scientists, recruiting and getting them in the door,” Martin said. “We certainly spend a lot of time on what is our recruiting strategy going to look like in the next year or so.”

Nancy Morgan, the chief data officer at ODNI, said her team is also looking at ways agencies can retrain their existing workforce.

“I can’t go get enough people fast enough, so what can I do about changing the skill set of the population I have?” Morgan said.

ODNI is also preparing to release details on a Public-Private Talent Exchange that will allow intelligence officers to work in the private sector, and vice versa. Morgan said the exchange will include distinct categories, including AI and data. It will start off with a series of pilots, allowing for exchanges of up to six months.

Morgan said ODNI plans to release a Broad Agency Announcement with further details on the exchange.

“Now we’re going to try it in a pilot phase at a smaller scale, because we’ve got to iron out some process things on both sides,” she said. “We’ve got some lawyers to work through on both sides. But there’s really a lot of energy and excitement about the possibility.”

]]>
https://federalnewsnetwork.com/intelligence-community/2022/04/intel-agencies-advance-artificial-intelligence-in-patches-struggle-with-big-breakthroughs/feed/ 0
CISA highlights new reporting hotline amid warnings about potential Russian cyber attacks https://federalnewsnetwork.com/inside-ic/2022/03/cisa-highlights-new-reporting-hotline-amid-warnings-about-potential-russian-cyber-attacks/ https://federalnewsnetwork.com/inside-ic/2022/03/cisa-highlights-new-reporting-hotline-amid-warnings-about-potential-russian-cyber-attacks/#respond Tue, 22 Mar 2022 23:00:25 +0000 https://federalnewsnetwork.com/?p=3972776 var config_3974101 = {"options":{"theme":"hbidc_default"},"extensions":{"Playlist":[]},"episode":{"media":{"mp3":"https:\/\/dts.podtrac.com\/redirect.mp3\/pdst.fm\/e\/chrt.fm\/track\/E2G895\/podone.noxsolutions.com\/media\/2252\/episodes\/032322_InsidetheIC_FullEpisode_MixDown_10c4.mp3"},"coverUrl":"https:\/\/federalnewsnetwork.com\/wp-content\/uploads\/2022\/02\/183879-image-1644619204-150x150.jpg","title":"The evolving state of cyber threats in the Russia-Ukraine conflict","description":"[hbidcpodcast podcastid='3974101']nnThe Cybersecurity and Infrastructure Security Agency is highlighting basic cybersecurity standards, a new incident reporting hotline and its known exploited vulnerability catalog, among other measures, as the White House takes an \u201cunprecedented\u201d step in raising a specific warning about potential Russian cyber attacks.nnThe White House on Monday warned it had \u201cevolving intelligence\u201d showing the Russian government may be preparing cyber attacks on U.S. critical infrastructure in response to sanctions levied on Moscow after its invasion of Ukraine.nnDuring a media roundtable hosted by NeoSystems on Tuesday, CISA chief of staff Kiersten Todt said the agency is focused on promoting resiliency across U.S. networks. The agency has been running a <a href="https:\/\/www.cisa.gov\/shields-up">"Shields Up" website<\/a> since Russia invaded Ukraine as a resource for information about potential Russian cyber activities.nn\u201cThe good news there is that often it doesn't require a lot of sophistication necessarily,\u201d Todt said. \u201cWe've got to raise the baseline. And that's why the call to action for encryption, for patching, for multifactor authentication. These are all still the basics that really need to be executed and instituted across the board.\u201dnnCongress also recently passed legislation requiring critical infrastructure operators to report cyber incidents to CISA within 72 hours. But the requirements won\u2019t become effective until CISA finalizes the regulations through a rulemaking process.nnHowever, Todt said CISA recently launched a new hotline, report@cisa.gov, that companies can use if they want to voluntarily report incidents to CISA. The United States Computer Emergency Readiness Team, an organization within CISA, is responsible for coordinating incident response activities.nnTodt said CISA has been working to \u201ccreate trust for incident reporting\u201d by working closely with the private sector through mechanisms like the Joint Cyber Defense Collaborative.nn\u201cThis is such a critical tool, the ability to report incidents in a timely way so that CISA can then take that information and share it across sectors,\u201d she said.nnThe White House\u2019s decision to issue a public warning about specific Russian preparatory actions is an \u201cextraordinary\u201d step after weeks of more generalized statements about Russian cyber threats, according to Glenn Gerstell, former general counsel at the NSA and senior advisor at the Center for Strategic and International Studies.nn\u201cThat's really unprecedented for the President to do this,\u201d Gerstell said during the roundtable. \u201cIt sounds like there's a specific intelligence behind this.\u201dnnWhile the warning may have been unprecedented, some members of the information security community have complained the White House alert was light on details about specific cyber threat intelligence.nnTim Kosiba, the former head of the National Security Agency\u2019s Tailored Access Operations Unit, said public-private collaboration mechanisms like the JCDC and the NSA\u2019s new Cybersecurity Collaboration Center offer venues where officials can share more threat information with industry. Kosiba is now chief executive of bracket f, a government-focused subsidiary of cybersecurity firm Redacted.nn\u201cClearly, there's a reason why information is kept classified, for important reasons, and we, we need to be able to respect that,\u201d Kosiba said in an interview on <a href="https:\/\/federalnewsnetwork.com\/shows\/inside-the-ic-podcast\/">Inside the IC.<\/a> \u201cBut at the same time, we need to be able to partner with private companies, certainly partner with industries throughout our country to ensure that our capabilities are what they need to be.\u201dnnCISA has also continued to update its \u201cKnown Exploited Vulnerabilities Catalog,\u201d including with cybersecurity exploits used by Russia-linked groups, according to Todt. The catalog was established last year under a Binding Operational Directive that requires agencies to patch the listed vulnerabilities within specific time frames.nn\u201cThere's so much data, there's so much out there that if we can help curate that, certainly for the purposes of this conflict, this crisis, this war, then we are we are helping out and we're moving forward,\u201d Todt said.nnKosiba also noted private sector officials in key areas like the energy and financial sectors, respectively, often hold security clearances to receive more sensitive cyber threat information.nn\u201cThere's a ton of sharing that's actually going on, and it will continue to evolve and get better,\u201d Kosiba said. \u201cThe methods and procedures that that the intelligence community uses clearly need to stay classified. But the information that is gleaned from what our adversaries want to actually do to us, or where they want to operate, is incredibly important for industry to be able to develop their defensive capabilities.\u201dnnThe former NSA official said Russia may be particularly focused on areas where sanctions are affecting their economy and citizens.nn\u201cI would clearly think it is in Putin's mind that that he could have an impact of the citizens of this country,\u201d Kosiba said. \u201cEspecially where we are with the sanctions that are being levied on Russia today, certainly impacting their financial sector, their energy sector. So if you think about proportionality, several of those sectors could be targeted by the Russians.\u201d"}};

The Cybersecurity and Infrastructure Security Agency is highlighting basic cybersecurity standards, a new incident reporting hotline and its known exploited vulnerability catalog, among other measures, as the White House takes an “unprecedented” step in raising a specific warning about potential Russian cyber attacks.

The White House on Monday warned it had “evolving intelligence” showing the Russian government may be preparing cyber attacks on U.S. critical infrastructure in response to sanctions levied on Moscow after its invasion of Ukraine.

During a media roundtable hosted by NeoSystems on Tuesday, CISA chief of staff Kiersten Todt said the agency is focused on promoting resiliency across U.S. networks. The agency has been running a “Shields Up” website since Russia invaded Ukraine as a resource for information about potential Russian cyber activities.

“The good news there is that often it doesn’t require a lot of sophistication necessarily,” Todt said. “We’ve got to raise the baseline. And that’s why the call to action for encryption, for patching, for multifactor authentication. These are all still the basics that really need to be executed and instituted across the board.”

Congress also recently passed legislation requiring critical infrastructure operators to report cyber incidents to CISA within 72 hours. But the requirements won’t become effective until CISA finalizes the regulations through a rulemaking process.

However, Todt said CISA recently launched a new hotline, report@cisa.gov, that companies can use if they want to voluntarily report incidents to CISA. The United States Computer Emergency Readiness Team, an organization within CISA, is responsible for coordinating incident response activities.

Todt said CISA has been working to “create trust for incident reporting” by working closely with the private sector through mechanisms like the Joint Cyber Defense Collaborative.

“This is such a critical tool, the ability to report incidents in a timely way so that CISA can then take that information and share it across sectors,” she said.

The White House’s decision to issue a public warning about specific Russian preparatory actions is an “extraordinary” step after weeks of more generalized statements about Russian cyber threats, according to Glenn Gerstell, former general counsel at the NSA and senior advisor at the Center for Strategic and International Studies.

“That’s really unprecedented for the President to do this,” Gerstell said during the roundtable. “It sounds like there’s a specific intelligence behind this.”

While the warning may have been unprecedented, some members of the information security community have complained the White House alert was light on details about specific cyber threat intelligence.

Tim Kosiba, the former head of the National Security Agency’s Tailored Access Operations Unit, said public-private collaboration mechanisms like the JCDC and the NSA’s new Cybersecurity Collaboration Center offer venues where officials can share more threat information with industry. Kosiba is now chief executive of bracket f, a government-focused subsidiary of cybersecurity firm Redacted.

“Clearly, there’s a reason why information is kept classified, for important reasons, and we, we need to be able to respect that,” Kosiba said in an interview on Inside the IC. “But at the same time, we need to be able to partner with private companies, certainly partner with industries throughout our country to ensure that our capabilities are what they need to be.”

CISA has also continued to update its “Known Exploited Vulnerabilities Catalog,” including with cybersecurity exploits used by Russia-linked groups, according to Todt. The catalog was established last year under a Binding Operational Directive that requires agencies to patch the listed vulnerabilities within specific time frames.

“There’s so much data, there’s so much out there that if we can help curate that, certainly for the purposes of this conflict, this crisis, this war, then we are we are helping out and we’re moving forward,” Todt said.

Kosiba also noted private sector officials in key areas like the energy and financial sectors, respectively, often hold security clearances to receive more sensitive cyber threat information.

“There’s a ton of sharing that’s actually going on, and it will continue to evolve and get better,” Kosiba said. “The methods and procedures that that the intelligence community uses clearly need to stay classified. But the information that is gleaned from what our adversaries want to actually do to us, or where they want to operate, is incredibly important for industry to be able to develop their defensive capabilities.”

The former NSA official said Russia may be particularly focused on areas where sanctions are affecting their economy and citizens.

“I would clearly think it is in Putin’s mind that that he could have an impact of the citizens of this country,” Kosiba said. “Especially where we are with the sanctions that are being levied on Russia today, certainly impacting their financial sector, their energy sector. So if you think about proportionality, several of those sectors could be targeted by the Russians.”

]]>
https://federalnewsnetwork.com/inside-ic/2022/03/cisa-highlights-new-reporting-hotline-amid-warnings-about-potential-russian-cyber-attacks/feed/ 0
There’s a lot of new you need to know about the security clearance scene https://federalnewsnetwork.com/workforce-rightsgovernance/2022/03/theres-a-lot-of-new-you-need-to-know-about-the-security-clearance-scene/ https://federalnewsnetwork.com/workforce-rightsgovernance/2022/03/theres-a-lot-of-new-you-need-to-know-about-the-security-clearance-scene/#respond Tue, 22 Mar 2022 17:15:39 +0000 https://federalnewsnetwork.com/?p=3971825

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

Security clearances, how to get them what you can do with them is an ever-changing topic. And the last couple of years have brought quite a few changes, especially since the machinery moved from the Office of Personnel Management to the Defense Department. Here was an update: two attorneys from the federal employee-focused law firm Kalijarvi, Chuzi, Newman & Fitch, Managing Partner, Elaine Fitch and partner Mary Kuntz, spoke with Federal Drive with Tom Temin .

Interview transcript

Tom Temin: Alright, let’s begin with what you think is the most significant change in the security clearance process and how that’s manifested in the experience of people trying to get it.

Mary Kuntz: The most significant change is, of course, when the National Background Investigations Bureau, which was created in 2016, was then moved back over to the Department of Defense and subsumed within the newly created organization, the Defense Counterintelligence and Security Agency (DCSA). We’ll talk about this a little bit more, but we have Trusted Workforce 2.0, we have the notion of reciprocity, we have continuous evaluation, all of this is wrapped up within DCSAs new processes. And the goal, of course, is to have one process for everybody. And, you know, that would be fantastic. Because at this point, some people have greater due process than others do, depending on what type of position they hold. And it’s not a fair process all the way around. And, again, we’ll talk more about reciprocity in just a moment.

Tom Temin: But Mary, also, is it fair to say that even within, say, the intelligence community, there’s variation among the components there, let alone across the whole government, from DoD to the civilian agencies?

Elaine Fitch: Well, there’s definitely variation because the agencies get to make their own choices. But what we have seen over the last decade really is an attempt to sort of bring these processes in line, we’ve got standard adjudicative guidelines, we’ve got standardizing processes, the Office of the Director of National Intelligence, which is in charge of security clearances, the security executive agent has worked to standardize one thing after another. And that’s connected to the whole impetus for Trusted Workforce, 2.0 and reciprocity. You can’t accept clearances from another agency unless you can trust that they’re following standard procedures and investigations.

Tom Temin: Well, how close are we to reciprocity, because that’s been kind of a golden dream forever. It’s almost like FedRAMP for clouds, and that took 10, 12 years.

Mary Kuntz: You know that I think that is still an unanswerable question. The notion of reciprocity has been around since one of the executive orders issued in 1995. And here we are in 2022. We continue to get guidances and issuances from the government that says yes, reciprocity, yes, you must do this. Unfortunately, there are a number of exceptions to reciprocity. So it can’t be an out of scope examination, meaning more than seven years old, it has to be at the same level of clearance, the agency has to have the same requirements. For instance, some agencies require a polygraph and others don’t, it can’t be a temporary clearance. There are various ways that the agencies find to get around reciprocity, and there’s no mechanism at this point for enforcing it. So even if you move to a new federal agency and same level of clearance, you’re in scope, nothing’s any different, they should accept it, they can decide that they’re going to start over again, and there’s really nothing you get to do about it.

Tom Temin: That means then there are a lot of process, statutory, regulatory, and you name it -cultural even- changes that have to be aligned before reciprocity can actually exist, which makes it sound almost impossible.

Elaine Fitch: Trust, right. It’s what Mary just said, each agency has to trust that the otheragency is going to do a good job in making a clearance determination.

Tom Temin: And by the way, you mentioned polygraph, what’s the latest in polygraph or lie detector testing requirements? Does that still considered something reliable?

Mary Kuntz: Oh, yes, very much. So it’s not the polygraph test itself. It is the admissions that are obtained during the polygraph examination. And those are golden to the federal government. People get nervous when they’re sitting down for a polygraph, and you know, yes, there can be physical reactions, but really, it’s when you get nervous and frightened and you start spilling your guts about your past history and everything you did when you were five years old.

Tom Temin: Yes, I did steal that Corvette and drive it around the block and stash my pot in it or something like that.

Elaine Fitch: That’s exactly right.

Tom Temin: We’re speaking with Elaine Fitch and Mary Kuntz, they’re partners at the law firm Kalijarvi, Chuzi, Newman & Fitch. And what is going on with continuous vetting? This is said to be in place and that most of the people with clearance are under continuous vetting. Have all of the privacy stipulations and so forth, been solved with that? So that third party data sources, people’s financial activities and so on, can be monitored legally and morally I guess, to maintain that security clearance?

Elaine Fitch: Well, there’s sort of two sides to the continuous vetting. One is enrolling people. We know DoD enrolled all of its military and civilian that was completed last year. They’re busy enrolling contractor employees right now, we don’t know what the other agencies are doing. We know there’s a goal, we know that, ostensibly, they’re getting people enrolled. But we aren’t getting notice about that in quite the same way. But at least at DoD, we know that there’s a population civilian and military. So that’s half of it. The other half is what databases are they searching. And right now, it’s a fairly limited number of databases that can be very effective. But it’s a limited number. It is FBI, its court databases, its information on arrest, on convictions, and so forth. They expect to expand this to foreign travel, presumably through the Department of State passport control, and they also expect to expand this to tax records, IRS, but also presumably state tax records. They haven’t done that yet. That’s just the place they’re going to next. And after that, they’re even talking about, but I think they haven’t, dealt with the privacy issues of social media. Using this to search social media. That one, I think, will be controversial. They’re not there yet.

Tom Temin: And with respect to say, the tax records, then, that would be how they could get at, say, some large financial transaction that someone made, say they paid sales tax on a boat, and out-of-band financial transactions for the person’s pay grade, for example. Isn’t that considered a at least a red flag for a possible security violation?

Elaine Fitch: It is, but a much more common one might be say, gambling debt, okay? Which you might claim on tax, and they’re very concerned about gambling winnings and gambling debt, and if that showed up. But they’re also simply concerned about, did you file your taxes? Have you paid your taxes? That alone is an important part of the vetting.

Tom Temin: A little bit tighter thread? What about say, alimony? Or child support judgments that would be in court records that could indicate someone in financial trouble as a result? You hear that hypothetical, but you haven’t seen that yet?

Elaine Fitch: I haven’t seen alimony, though I’m assuming that those records are brought in presently, because the court records are being searched. What I’ve seen are, practically overnight, calls on people who got arrested in some bar fight or something. They get arrested, they get released, the next day they go home, they find that personnel security has already contacted them and asked them to come explain themselves. That sort of overnight vetting is very different than the periodic re-investigation that people have enjoyed in the past.

Tom Temin: So given the establishment of Workforce 2.0, the new continuous vetting, the new process that happens from the Defense Department now, a new agency instead of OPM, if you add it all up, what is the trend in the cases that you’re seeing brought to you where people feel wronged in the whole process?

Mary Kuntz: You don’t know that we’re seeing a trend in cases changing as a result of the continuous vetting. What we’re seeing, as Mary just described, is that things are happening faster. So, whereas people would come to us and say, Hey, do I really need to report this? I mean, my clearance isn’t up for reinvestigation for another three, four or five years, can I just sit on this? You should not sit on it. There’s guidance out there about what’s required in self reporting. DCSA even has a great new fact sheet on it. And people need to know that things are being caught in real time. And if they are proactive and head straight into their security officer and say, “Hey, this happened. I need to let you know”. If it’s a financial issue, here are the steps I’m taking to correct the situation. That is gonna play a huge, important role in being able to mitigate whatever is found through continuous vetting.

Tom Temin: And if someone is a knucklehead, and somehow gets into an altercation in a bar, and arrested, that’s not necessarily grounds for losing their clearance if they can explain it. “I didn’t say anything to anyone. I just threw a shot glass at some guy.”

Elaine Fitch: That may not explain it, but I think you’re right. There’s always a chance to explain yourself in the security clearance process and continuous vetting does not take that opportunity away. You’ve got all the same due process rights you ever had. What it does is just mean that you can’t save things for five years or more, until your periodic re-investigation, they’re gonna pick up on these things. If you get a DUI, they’re gonna know it, you might as well just go ahead and report it. They will pick it up in the next week.

Tom Temin: Anything else people need to know. I mean, would you say overall, that the changes, and you’ve outlined a bunch of them in the latest publication, are good for the government and good for the cleared people? Or how would you characterize all of this?

Elaine Fitch: I think that the trend towards trying to standardize the clearance process to make sure even this trend, we’re hoping we’re going to see come September, with military and civilian employees enjoying the same due process rights as contractors, and bringing those processes together. I think that is giving us greater fairness, and is allowing people to feel a little bit less like this is kind of random. And so I think that is resulting in, you know, some positive outcomes here.

Tom Temin: So if we ever get real full reciprocity, then it might feel like Nirvana.

Elaine Fitch: That’s going too far. But yes, we can hope.

Tom Temin: And Elaine, a final question. The pandemic has said to have produced psychological stress in large numbers of people. It has caused financial issues for a large number of people. Has that had any relationship to the clearance and maintenance process for clearance?

Mary Kuntz: It has, and actually, the government is being fairly generous in addressing these issues. It was the National Counterintelligence and Security Center director came out with a little tweet/memo, acknowledging that the pandemic is going to affect people financially, and that that should not result in the denial or revocation of a clearance under the right circumstances. So they’re still looking at the same mitigating conditions which are, are you self reporting? Are you taking proactive action to fix the problem? And is the problem pandemic-related? And if that’s the case, and if you can meet all those criteria, you should be okay.

Tom Temin: But still stay out of bar fights.

Mary Kuntz: Definitely stay out of bar fights. Psychological conditions as well, you know, you read any newspaper article on the stressors that have resulted, and many people are suffering, because of the pandemic. Many people are afraid to go to counseling, because of that fear of losing their clearance or not getting a clearance, but government is encouraging people to seek counseling if they need it. And if you’re seeking counseling for pandemic related stressors, that is not something you need to self-report. It’s considered sound judgment and is a strong mitigating factor.

Tom Temin: Mary Kuntz and Elaine Fitch are partners at the law firm Kalijarvi, Chuzi, Newman & Fitch.

]]>
https://federalnewsnetwork.com/workforce-rightsgovernance/2022/03/theres-a-lot-of-new-you-need-to-know-about-the-security-clearance-scene/feed/ 0
Five key provisions in the just-signed 2022 intelligence authorization bill https://federalnewsnetwork.com/intelligence-community/2022/03/five-key-provisions-in-the-just-signed-2022-intelligence-authorization-bill/ https://federalnewsnetwork.com/intelligence-community/2022/03/five-key-provisions-in-the-just-signed-2022-intelligence-authorization-bill/#respond Tue, 15 Mar 2022 22:30:16 +0000 https://federalnewsnetwork.com/?p=3961719 The 2022 Intelligence Authorization Act hitched a ride on the $1.5 trillion omnibus spending bill signed into law by President Joe Biden on Tuesday.

The bill authorizes funding for intelligence agencies, provides new legal authorities for priorities like emerging technologies, enacts new restrictions in some cases and gives Congress some additional oversight measures. Here are some highlights from the 2022 bill:

Progress wanted on Trusted Workforce 2.0

The legislation requires the director of national intelligence and the director of the Office of Personnel Management to publish a “policy with guidelines and standards for Federal Government agencies and industry partners to implement the Trusted Workforce 2.0 initiative” in the Federal Register within six months.

The initiative is aimed at streamlining and updating government-wide security clearance policies, and the Biden administration sees it as a banner year for the reform effort. 

But Congress clearly wants to see more progress on Trusted Workforce 2.0, which started during the Trump administration. The bill directs an independent study of the 2.0 effort, including an appraisal of “how effective such initiatives are or will be in determining who should or should not have access to classified information.”

New program office for commercial geospatial data

Intelligence agencies were directed to consider commercial satellite remote sensing capabilities and services before they turn to governmental systems as part of the Fiscal Year 2021 National Defense Authorization Act.

The 2022 intelligence bill takes the commercial-first focus a step further by directing the National Reconnaissance Office and the National Geospatial-Intelligence to develop a plan for establishing an “integrated commercial geospatial-intelligence data program office” within 90 days.

Both the NRO and NGA have made efforts to work more closely with the burgeoning commercial satellite industry. The NGA is already working on a commercial systems buying guide for use across the intelligence community, the Defense Department and other federal agencies.

The intelligence bill sketches out how the integrated data program office will be housed within the NRO, which is responsible for purchasing commercial space imagery. But the bill also indicates the agencies should plan for the office to be embedded with NGA personnel, as it’s the agency responsible for setting geospatial-intelligence requirements as the government’s “functional manager” for GEOINT.

Strengthening protections for IC whistleblowers

The new law also strengthens protections for intelligence community whistleblowers by ensuring standard protections apply for employees across all agencies. It also clarifies that whistleblowers are protected from having their clearance revoked for reporting mismanagement, even if it’s not “gross mismanagement.”

The bill also clarifies that the inspectors general have the “sole authority” to determine whether any complaint or information is a matter of “urgent concern.”

But the final bill also left out several protections that were included in the Senate’s initial version of the bill, including language that would have explicitly provided whistleblowers the ability to contact the congressional intelligence committees.

“On the whole, these are a step in the right direction,” Melissa Wasser, policy counsel at the Project on Government Oversight, said on the Federal Drive with Tom Temin last week. “We’re going to have to figure out next steps for including those fixes that were not included this time.”

Data sharing on unidentified aerial phenomena

After directing the establishment of a formal Unidentified Aerial Phenomena office as part of the FY 22 NDAA, lawmakers directed more action on the unidentified flying objects front in this year’s intelligence bill.

Specifically, the new law directs the DNI and the secretary of defense to require that “each element of the intelligence community and component of the Department of Defense with data relating to unidentified aerial phenomena makes such data available immediately” with the Navy’s UAP task force, as well as the National Air and Space Intelligence Center at Wright-Patterson Air Force Base, Ohio.

The bill also directs the UAP task force or the successor entity to report to Congress on all new unidentified aerial phenomena events going forward.

New post-employment restrictions

The legislation enacts new restrictions on certain intelligence agency officials seeking work as a contractor for a foreign government after they leave the intelligence community.

It includes a 30-month cooling off period for employees who occupy particularly sensitive positions at U.S. intelligence agencies. During that time, the new law prohibits such employees from working directly or indirectly for foreign governments on work related to national security, intelligence, the military, or internal security.

The bill allows the Director of National Intelligence to issue a waiver on the 30-month prohibition on a case-by-case basis.

Employees who do accept such jobs would also have to report on their employment to their former agency annually for at least five years from when they left their U.S. intelligence position.

The new restrictions were spurred on by reporting from Reuters that revealed former U.S. intelligence officials helped the United Arab Emirates surveil other governments, human rights activists and even some Americans.

]]>
https://federalnewsnetwork.com/intelligence-community/2022/03/five-key-provisions-in-the-just-signed-2022-intelligence-authorization-bill/feed/ 0