Intelligence is a communal topic
- By Wilson P. Dizard III
- Oct 08, 2003
William F. Dawson, techie to the nation's sleuths
When William F. Dawson became the CIA's deputy CIO for the intelligence community in December 2001, he brought a background in engineering, intelligence and business management.
Dawson reports to the agency's CIO but actually supports the IT needs of the loose confederation of all government intelligence organizations under the mantle of the intelligence community.
This is Dawson's second stint with the CIA. He had worked as a systems engineer focusing on digital communications for a four-year period that began in 1979.
But between 1983 and when he rejoined the CIA in 1999 as deputy for information assurance, Dawson held a variety of industry IT jobs.
These included working as a software development manager for Inco Inc. of McLean, Va.; developing software for HRB-Singer Inc. of State College, Pa.; and managing systems engineering and security for Braddock, Dunn and McDonald Inc.
Dawson holds a bachelor's degree in electrical engineering from Brooklyn Polytechnic Institute and a master's in electrical engineering from Pennsylvania State University.
GCN senior editor Wilson P. Dizard III interviewed Dawson at CIA headquarters in McLean, Va.GCN: How do you draw a distinction between the CIA's CIO operation and that of the intelligence community? Do these overlap?
DAWSON: They are actually very separate responsibilities. The CIA's CIO enhances support of the agency's intelligence users across the country. The staff is responsible for systems that the CIA develops for its mission to support the president.
The intelligence community CIO focuses on interagency systems, so you are talking about the Intelligence Community System for Information Sharing (ICSIS), how everything ties together.
If something is internal to an intelligence agency, the intelligence community CIO staff doesn't get involved. We get involved as the agencies have to talk together, share information, common standards, so that we can do more and more information sharing.
Alan Wade is the CIO for both the CIA and the intelligence community. He has a deputy for the CIA, Bob Grady, and a deputy for the intelligence community, me.GCN: Do you have a CIO council within the intelligence community?
DAWSON: We have something called the Intelligence Community CIO Executive Council with CIOs from across the community. IT issues that are across the community come to that council. We also have an Information Assurance Policy Board, an Intelligence Community Communications Board and an ICSIS Integration Board that all feed up to the executive council.
The CIA CIO and intelligence community CIO programs have totally separate staffs. That's critical. The people who work for Bob and the people who work for me on this side are totally separate and distinct. We are a community organization but we are housed in the CIA.GCN: What steps have you taken to build the IT operations of the Terrorist Threat Integration Center and weave together the systems of the CIA, FBI, Homeland Security Department and other intelligence agencies?
DAWSON: Remember, again, we are doing community things. So what we have done is work with TTIC to develop an overall architecture that will take advantage of the enterprise architectures of the ICSIS enablers to make sure that as they bring their systems together, they are compatible with the rest of the community.GCN: How is TTIC coming along? Is it established technically yet?
DAWSON: TTIC has an operational capability right now.GCN: By what means does the intelligence community provide terrorist threat information to first responders such as firefighters, police organizations and other state and local officials?How do you strip information about sources and methods from raw intelligence files?
DAWSON: First, in the intelligence community, our primary means is not to go directly to any of these people.
We go through the appropriate government departments that are responsible, such as the FBI and the departments of Justice and Homeland Security. That is how we interface today'through our existing contacts, existing connectivity.
Second, from a perspective of how we get stuff down to them, we use tear line reporting. When a report is put together, it is put together at multiple levels. So there may be the top-secret report, but then there's a tear line that says secret and a tear line that says sensitive but unclassified.
So when reports go out, the appropriate level of the report goes to the users at each level.
It's a longstanding method, but we haven't really employed it that much until recently. We have so many more users now at the sensitive but unclassified level than we ever had.GCN: How do you use rights management to control the dissemination of intelligence, and what technologies have you used to develop this rights management?
DAWSON: The primary technology we use is something we have developed inside the community called secure communities of interest. They are Web-based communities of interest that have people that have the same level of need to know and can share information at that level. It's based on public-key certificates, the intelligence community public-key infrastructure we have rolled out and access control lists.GCN: How do you approach systems security for the multiple operating systems in use?
DAWSON: We use probably every kind of operating system and platform somewhere. We do have standards that apply to all our systems.
We have a whole set of what I'll call gold and platinum standards for configuring operating system, applications and intrusion detection systems so everybody is at the same level because obviously a risk that one [user] takes goes across the entire community.
We use the defense-in-depth concept. We implement that by having multiple ways to protect systems.GCN: What are the remaining challenges for systems security and information sharing in homeland security and intelligence?
DAWSON: The biggest challenge that we have is to provide our analysts with more-effective and more-interoperable tools that allow them to enhance their ability to rapidly evaluate, produce and disseminate actionable intelligence.
The key is, there are a lot more consumers than we used to have in the homeland security area, and those consumers operate at a lot of different security levels.GCN: Could the intelligence community provide more-specific terrorist threat warnings to state and local government agencies without compromising security?
DAWSON: We think we are providing that to those agencies that we talk to. As I said, we are not going to go directly to police chiefs. We are going to go to the FBI, Justice Department and DHS.
Our objective is to provide information that is at an actionable level that protects our sources and methods. It's up to them to then send it out to the state and local level and the first responders. That's not what we do.GCN: What are the intelligence community's most important IT achievements in homeland security, especially with regard to information sharing?
DAWSON: I think it is the secure interconnectivity we have done by implementing ICSIS.
What we have done is we have gotten all the agencies in the community to have a common standard for exchanging information. We built something called IC E-Mail for example, which is a mail package that sits at the community level that lets an individual agency's mail package communicate with another agency directly, in that agency's native language, by doing the conversion for them.
That is probably our greatest achievement, and extending it down to the other security levels. When we first looked at ICSIS, we said, 'Let's concentrate on the top-secret level.'
As things changed, we said, 'We have a lot of customers at the secret level, a lot of military customers and also a lot of customers like Homeland Security at the unclassified level.' So we extended that model down to all security levels, and we can now distribute across all those levels at the same time, using common standards and common tools.