Intel strategy targets cyber threats
- By Derek B. Johnson
- Jan 24, 2019
Cybersecurity and disruptive technology issues are at the heart of the 2019 National Intelligence Strategy, meant to guide the nation's intelligence agencies over the next four years.
Despite a growing awareness of cyber threats, "nearly all information, communication networks and systems will be at risk for years to come" and in the current environment, adversary nation states "are already challenging public confidence in our global institutions, governance and norms."
The document highlights cyberspace and emerging "disruptive" technologies like artificial intelligence, automation and high-performance computing as areas that intelligence agencies must invest in heavily over the coming years. The strategy calls for expanded reliance on both quantitative and qualitative analysis to forecast threats, the production of more tailored, actionable cyber threat intelligence and the exploration of novel emerging technologies to advance tradecraft.
In particular, the strategy makes the case that intelligence agencies can make better use of the abundance of data now available, including modernization of data management policies to make such information easier to use and share between components agencies and other stakeholders.
"As a community, we must become more agile, build and leverage partnerships, and apply the most advanced technologies in pursuit of unmatched insights," said Director of National Intelligence Dan Coats in a statement.
Curtis Dukes, former director of the Information Assurance Directorate at the National Security Agency, said the new strategy demonstrates how intelligence leaders believe cybersecurity threats are now on par with other top priorities like terrorism and the proliferation of weapons of mass destruction. It also shows a desire on the part of intelligence leaders to move to more data-driven cybersecurity operations in the future.
"We've spent decades collecting data and putting them in silos, and so now we're trying to start mining that data," said Dukes, now an executive vice president at the Center for Internet Security.
Dukes said the strategy lacked details on how the intelligence community plans to disseminate threat data down to uncleared stakeholders outside the government and get around longstanding classification issues that have traditionally hampered more widespread information sharing.
"Typically, when you look at threat intelligence, mostly it's classified at a fairly high level," he said. "Then they start trying to water it down to get to unclassified or [for official use only] to share, but when they do that, you lose a lot of the context. That's the piece that we have to solve as a nation."
This article was first posted to FCW, a sibling site to GCN.
Derek B. Johnson is a former senior staff writer at FCW.