TTIC and Information Sharing TTIC exists, in large part, because before 9/11 the USG didn’t know...
18
TTIC and Information Sharing TTIC exists, in large part, because before 9/11 the USG didn’t know what the USG already knew
-
Upload
myles-lamb -
Category
Documents
-
view
223 -
download
0
description
An Issue of Balance Immediately devolve from the bumper sticker to the security, policy, legal technical issues. No quick fixes. Sources & Methods: ORCON Operational Considerations U.S. Persons/Privacy issues Technical interoperability Everything To Everybody “Data Owner- Ship” ?
Transcript of TTIC and Information Sharing TTIC exists, in large part, because before 9/11 the USG didn’t know...
TTIC andInformation Sharing
TTIC exists, in large part, because before 9/11 the USG didn’t know what the USG already knew
Overview
• General Context to Information Sharing– An Issue of Balance– Keeping Horizontal Integration in Perspective
• The Terrorism Context– Why TTIC?– TTIC and Information Sharing– TTIC initiatives– The Business Process Issue
• Conclusions/Caveats
An Issue of Balance
Immediately devolve from the bumpersticker to the security, policy, legaltechnical issues. No quick fixes.
•Sources & Methods: ORCON•Operational Considerations•U.S. Persons/Privacy issues•Technical interoperability
EverythingTo
Everybody
“DataOwner-Ship”
?
Horizontal Integration: Keeping Perspective
Data
Knowledge
Horizontal Integration
HI, without (a lot of) focus on analytic art, raisesthe specter of the IC simply being wrong faster….
WhatAbout9/11?
IndianNuc test
NK TD-1 launch
ChineseEmbassy
IraqiWMD
Intelligence “Failures”
Some background on TTIC…
Comprehensive Picture of
Terrorist Threats
Homeland Security
Military IntelForeign Intel
TTICLaw
Enforcement
•Presidential Initiative•Independent joint venture
--5 partner orgs--Reporting to DCI
•Mission: “full integration of terrorism information collected domestically or abroad” •Will be subsumed by NCTC
TTIC and Terrorism Info Sharing
• Policy Context• Community
Progress• TTIC access• TTIC
Dissemination
Policy Context (we’re all on notice)•DCID 2/4: “unfettered access” for TTIC•Homeland Security Act: DHS gets access to “all” terrorism info•Information Sharing MOU: terrorism and WMD info “will” be shared.•HSPD 6: TTIC and TSC full access to support identities data base and watchlisting•DCID 8-1, Info Sharing EO….
Community Progress
• Community reporting increases by factor of 2.5 since 911
• ORCON down…but…• Tearlines up…• TTIC’s information sharing
program office working with IC on range of impediments
• Terrorist identities data base
0
8000
16000
1st Qtr 2nd Qtr 3rd Qtr 4th Qtr
0
20000
40000
60000
1994 1997 2000 2003
10 years oftearlines
ORCONIn 2003
State & Local Govt, Law Enf, Private Sector
TTIC* i.e., HHS, USDA, EPA, DOE
STATE
CIA
FBI
NGA
NSA
DIA
DHS
OTHERGOVERNMENT AGENCIES *
DoD
WHITEHOUSE
Information Sharing Framework
TTIC Network Connectivity
Note:Not all analysts access all networks ortools; mission requirements determine access.
CIA ADNCIA AIN
CIA JWICSFBIS PRINCE
ION
INSCOM IDCNetSIPRNet
JWICSStone Ghost
NSANet
NGANet
DoE SEAS
State INRSSState OpenNet
Dial-Up networks:
TECSSecret ServiceUSCG Intranet
ADNetDoJ JCONDoJ OASISFBI Internet CafeFBINetFBI SCIONNCIC
OSIS
NRO GWAN
In Pursuit of “Unfettered Access”
• Good…and Bad News• TTIC “rules of the road”:
allow broad internal sharing
• Cumbersome: technical and security policy issues
• Sanctum Architecture will allow federated search
TTIC Strength: Information Sharing
• TS/SCI HCS• Full range of
products: finished reports; disseminated traffic; data bases
• A data mart• The primary source of
terrorism information for the USG
• 120 participating organizations and growing
CT Link Sept 2001 TTOL Oct 2004400+ users 3500+ users20 sessions/week 1000 sessions/week4 products types 92 product types14 FBI reports/month 450 FBI reports/month1 million documents 3.5 million documents
TOL Customers by OrganizationOct 04: 3500+ Active Users
DIA (216)8%
TTIC (129)5%
CIA (503)19%
Other DOD (895)34%
FBI (416)16%
NSA (83)3%
DHS (220)8%
Other Federal Groups (128) 5%
STATE (50)2%
Other DOD OrganizationsAir ForceAir Force Office of Special InvestigationsArmyCentral CommandDefense Logistic AgencyDefense Threat Reduction AgencyEuropean CommandJoint Chiefs of StaffJoint Counter-intelligence Analysis GroupJoint Forces CommandJoint Special Operations CommandJoint Warfare Analysis CenterMarinesNational Ground Intelligence CenterNational Imagery and Mapping AgencyNational Military Joint Intelligence CenterNaval Surface Warfare Development GroupNavyNorthern CommandPacific CommandSouthern CommandSpecial Operations CommandTransportation Command
Other Federal AgenciesAgricultureBureau Alcohol, Tobacco, & FirearmsCapitol PoliceEnergyFederal Aviation AdministrationFederal Reserve BoardGeneral Services AdministrationHealth & Human ServicesInteriorJusticeNational Recon OfficeNational Security CouncilNASANuclear Regulatory CommissionTransportationTreasuryUS Postal Service
WARN 7CIADIAFBINSAState/INRTTIC
DHSCoast GuardCustoms/ICEDepartment of Homeland SecurityINSSecret ServiceTransportation Security Agency
Information Sharing of Terrorist Identities Intelligence
• 4 Separate terrorist identities data bases– CIA– DoD– State/TIPOFF– FBI
• Dozen watchlists, haphazardly maintained
• A single USG repository of international terrorist identities, foreign and domestic
• Supporting Terrorist Screening Center’s watchlisting effort
Pre 9/11 TTIC/HSPD-6
Terrorist Watchlist Business Process - Phase II
DHS(IBIS)
FBI(NCIC)
DoS(CLASS)
DoD
SelectedForeignGov'ts
CLASSIFIED SBU
Terrorist ThreatIntegration Center
Feedback
BTS: Border SecurityTSA: Common CarrierCritical InfrastructureHomeland SecurityAdvisor
Local Law Enforcement
Consular Affairs
Military Bases
InternationalCooperation
Data ElementsExtracted
11/11/03
FTTTF
24 X 7 Telephonic Support to End Users
Terrorist ScreeningCenter
TIDEONLINE
IntelligenceCommunity
Law EnforcementJTTTFs
Accept/Reject
FBI(State and Local Gov't)(Foreign Gov't)
CIA(Foreign Gov't)
NSA
DoD
DIA
Treasury
DoS
DHS(State and Local Gov't)
Public Source
ScreeningDatabase
JWICS
OperationalSupport
Adjudication
Review &Create/UpdateRecord
EnhanceRecord
NominationDecision
TIDE
FBI DomesticTerrorism
Information
ExpeditedNominations
UNCLASSIFIED // FOUO
TS/
SCI
DHS FBI
Secr
etSB
U
Collaboration viaTTIC Online
Collaboration viaTTIC Online
Inte
llige
nce
Com
mun
ity
Dep
artm
ent
of D
efen
se
Information Sharing
Collaboration viaTTIC OnlineBo
rder
& T
rans
port
atio
n Se
curi
ty
Scie
nce
& T
echn
olog
y
Emer
genc
y Pr
epar
edne
ss &
Re
spon
se FBI-J
TTFs
Law
Enf
orce
men
t
Info
rmat
ion
Anal
ysis
&
Infr
astr
uctu
re
Prot
ecti
on
Offi
ce o
f the
Pre
side
nt
INFORMATION SOURCES
Some Final Caveats
Information Sharing: Necessary but Not Sufficient
Problem: A Lack of Critical Mass
• Tooth to tail problem• Analysis: adding new
knowledge vs packaging and situational awareness
• “Analyst” population small•Production Staff•Care & Feeding•Mgment overhead•Info technology
AnalyticTooth
Tail
Watch
AM BriefWarning
Analysts
Typical Terrorism Analytic Org
Unfettered sharing without the appropriate business process can have pernicious downside impact
IMPACT•Shallow/redundant analysis•Enthusiastic amateur
Conclusions/Caveats
• Substantial progress/many initiatives…• …Much work to do• TTIC 2nd to none in support of info sharing• Caveats:
– Be wary of the “bumper sticker”– Information sharing is no panacea
• Dots won’t get randomly connected• Be careful: Not all opinions are equal• “Effective” info sharing of growing concern
Must get the Business Process Right: NCTC
