1 / 23

The Future of Secure Information Sharing Mark Kagan

The Future of Secure Information Sharing Mark Kagan. August 14, 2007. Key Information Sharing Technology Trends. Horizontal Fusion Initiative Identity Management and Authentication Multi-Level Security Secure Information Sharing Architecture (SISA) Service Oriented Architecture (SOA)

hamlet
Download Presentation

The Future of Secure Information Sharing Mark Kagan

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The Future of Secure Information SharingMark Kagan August 14, 2007

  2. Key Information Sharing Technology Trends • Horizontal Fusion Initiative • Identity Management and Authentication • Multi-Level Security • Secure Information Sharing Architecture (SISA) • Service Oriented Architecture (SOA) • Wikis and Blogs

  3. The Leader: DIA • The Defense Intelligence Agency believes that true interoperability must occur at the data level, instead of the system level • DIA is building an SOA with a set of common data standards that will use Web services, Extensible Markup Language (XML), metadata tagging and other tools that should ease collaboration DIA is not looking for any technology silver bullets — much of what it is doing involves IT best practices and data tagging that will allow information movement back and forth

  4. Operation Ivy Bells An example of “secure information sharing” until 1980, when NSA analyst Ronald Pelton walked into the Soviet embassy in Washington, DC In a joint NSA-U.S. Navy operation beginning in 1971, U.S. submarines tapped into the undersea telephone cable that connected the Soviet submarine base at Petropavlovsk on the Kamchatka Peninsula to the Soviet Pacific Fleet headquarters on the mainland at Vladivostok

  5. Gen. Buck Turgidson Gen. Curtis LeMay Information Sharing: Reality (Part I)

  6. Information Sharing: Reality (Part II)

  7. Information Organization Information Sharing: Reality (Part III) Which one is secure?

  8. Information Sharing? What Information? What’s the difference between Sunnis and Shi’ites?

  9. “Stuff happens.” “Freedom's untidy and free people are free to make mistakes and commit crimes and do bad things.” Intelligence Sharing? Part I

  10. Intelligence Sharing? Part II A commander from 3rd Infantry Division observed after Operation Iraqi Freedom (OIF): “I had perfect situational awareness. What I lacked was cultural awareness. I knew where every enemy tank was dug in on the outskirts of Tallil. Only problem was, my soldiers had to fight fanatics charging on foot or in pickups and firing AK47s and RPGs. Great technical intelligence…. Wrong enemy.” The U.S. Army did not begin to provide Middle East cultural awareness training until the spring of 2006 — three years after OIF — and only for troops who were going to be deployed in Iraq, not for troops already there

  11. Stovepipes, Silos and Barriers • Bureaucratic • Institutional • Organizational • Psychological • Technology • Information • Cultural Gorillas in the Stovepipes Legacy Systems and Legacy Thinking BIOPTIC DNA

  12. “The intelligence community does not exist except as a figment of Congressional imagination” — A very senior intelligence official Source: U.S. News & World Report, August 2, 2004

  13. Intellectual Property? “The creators of intelligence tend to regard it as ‘intellectual property’ and don’t want to share it. This information — even though you created it — really belongs to the nation… and you really ought to share it.” “Everyone agrees with this, but in practice, the story is different” Lt. Gen. Robert J. Elder, Commander, 8th Air Force and U.S. Air Force Cyber Command (Air Force Magazine, August 2007)

  14. New Term Needed? Knowledge Management X Information Sharing OR Knowledge Centricity* Too Many People Don’t Want to Share Information Sharing or…? * Coined by Gen. Tom Hobbins, Commander, U.S. Air Forces Europe

  15. Requirements • Too much information • Gatekeepers • Different ways of doing things • Comfort levels – ease of use • Workload • Value to users • Pain points • How does this help me to do my job better, more easily? “Need to Know” versus “Need to Share” Rewards vs. Punishments: For sharing For not sharing

  16. Management and Technology • Implementation of new technologies • Often done on top of existing processes, procedures, and practices • Change management and business process reengineering — like security — must be an integral part of the solution and the architecture, not just a bolt-on • Includes the bureaucratic, institutional, organizational, psychological, and cultural changes • Risk management and cost-benefit analyses • Budget cycles vs. technology cycles Policy, Standards, Training

  17. Change Management: Part I “Delivering the Power of Information: Transforming the National Defense Team” David M. Wennergren Deputy Assistant Secretary of Defense (Information Management and Technology) and DoD Deputy Chief Information Officer

  18. Change Management: Part II “Delivering the Power of Information: Transforming the National Defense Team” David M. Wennergren Deputy Assistant Secretary of Defense (Information Management and Technology) and DoD Deputy Chief Information Officer

  19. Summary • Technology is “easy” — people are hard • Solutions, not technologies • Mission-critical goals, not organization-critical goals • Change or eliminate processes, procedures, and practices to enable information sharing/knowledge management/knowledge centricity • Technology and change management/BPR must be integral parts of the solution from the ground up • Policy, policy, policy • Standards, standards, standards • Training, training, training • BIOPTIC DNA (Bureaucratic – Institutional – Organizational – Psychological – Technology – Information – Cultural)

  20. A Last Word… Or Three

  21. Applies to new technologies The Reality of GovernmentTechnology Programs • Government officials and contractors consistently underestimate: • Costs • Complexity • Obstacles • Time • Government officials and contractors consistently: • Over-promise • Under-deliver 50% of the cost is often spent on the last 10% of performance

  22. Scotty’s Rule Always tell them it’s going to take twice as long as you think it will because then they’ll think you’re a miracle worker when you do it in half the time

  23. Questions?

More Related