27 November 2011

Intelligence Analysis: Robust and Resilient...

Operational Risks are on the rise for Top Secret America. Now that the "Super Committee" has thrown in the towel, there are several companies beginning to ask what it will mean in the next few years. Intelligence Analysis has been a tremendous windfall for large and small businesses especially in the National Capital Region of the United States.

The analysis of information, from open sources (e.g., information that appears in the news media or on the Internet) to the most sensitive information collected or gleaned from human and technical sources. Since 9/11, there has been an explosion of the amount of information obtained via technical means, particularly imagery and communications intercepts, necessitating new analytic methods of sorting and exploiting incoming information, as well as data mining to discover patterns of information and intelligence contained within huge quantities of data. Document exploitation (DOCEX) and forensic methods are also growing areas of intelligence analysis for captured materials and site exploitation.

39 government organizations and 358 companies are at the nexus of "Intelligence Analysis" according to the work by Dana Priest and William Arkin of the Washington Post. The next 24 months will tell us how this vital discipline begins to morph from agency to agency and company to company based upon who is deemed most essential and what information is most highly valued.

40 large companies, 57 medium companies and 261 small companies, comprise the majority of the firms who are the supply chain to many of the core intelligence apparatus of the U.S. Government. When these supply chains are impacted by the quantity and potential quality of intel, the opportunity for operational risks will increase. If you can imagine a pipeline of information coming from the street and keyboard level, all the way up to the Presidential Daily Brief (PDB) 365 days a year, this is what is at stake.

So what could you expect to happen in the next few years when it comes to the "Intelligence Analysis" pipeline and the rate and quality of information that is flowing to provide "Decision Advantage"? It's going to increase and for good reason. The traditional nation states and the threat of an attack from conventional means is diminishing. The new threats are morphing into the new normal. The asymmetric methods of warfare in the digital domain:

Congress will pay the FBI an additional $18.6 million to better investigate computer hacking cases, following a federal study that found a third of bureau agents probing breaches significant to national security lacked the necessary networking and counterintelligence skills.
A spending package passed Nov. 17 to fund many federal agencies through September 2012 includes President Obama's full request for $166.5 million to tackle computer crimes, an 11.2 percent increase over last year's appropriations. The bureau must use the money to hire an additional 42 computer security professionals, including 14 special agents, according to a report accompanying the legislation.

The new funds will also assist in the continuous analysis of information, to ascertain the origin and the legitimacy of attacks agains U.S. Critical Infrastructure, the next frontier for insider threats and cyber terrorists:

An ongoing investigation into the possible hack of a U.S. water plant should trigger a methodical analysis of the security of the nation's industrial systems to avoid jumping to the wrong conclusions, former federal cybersecurity officials say.
The Homeland Security Department's cyber response team and the FBI are gathering facts about a report of a water pump failure in Springfield, Ill., according to DHS officials. Their actions follow a state fusion center alert, first reported by noted security specialist Joe Weiss and later publicized by media outlets, that apparently suggests intruders may have lingered in the system for weeks. Some security experts familiar with the report are attributing the malfunction to a targeted attack originating from a Russian network access point, or IP address. If the report bears truth, then this incident represents the first known intentional intrusion into a U.S. industrial control system.
But some experts caution that many organizations don't have the computer forensics expertise to pinpoint the cause of suspicious network events, let alone the identities of perpetrators.

Intelligence Analysis is alive and well and the education and quality of the analysis will not be disrupted regardless of what law makers may fail to do behind closed doors. Operational Risk Management in the 358 companies is on high alert, yet diligently working to ensure the supply chain is robust and resilient for a long time to come.