New intel strategy stresses data collection, cyber threats

The 2019 National Intelligence Strategy, meant to guide the nation's intelligence agencies over the next four years, puts cybersecurity and technology issues front and center.

The document highlights cyberspace and emerging "disruptive" technologies like AI and quantum computing as areas that intelligence agencies must invest in heavily over the coming years. The strategy calls for expanded reliance on both quantitative and qualitative analysis capabilities to forecast threats, the production of more tailored, actionable cyber threat intelligence to the rest of the government and the exploration of novel operational applications of emerging technology to advance tradecraft.

Despite a growing awareness of cyber threats, "nearly all information, communication networks and systems will be at risk for years to come" and in the current environment, adversary nation states "are already challenging public confidence in our global institutions, governance and norms."

In particular, the strategy makes the case that intelligence agencies can make better use of the abundance of data that has been created in the information age. That includes modernization of data management policies to make such information easier to use and share between components agencies and other stakeholders.

"As a community, we must become more agile, build and leverage partnerships, and apply the most advanced technologies in pursuit of unmatched insights," said Director of National Intelligence Dan Coats in a statement.

Curtis Dukes, former Director of the Information Assurance Directorate at the National Security Agency, told FCW the new strategy demonstrates how intelligence leaders believe cybersecurity threats are now on par with other top priorities like terrorism and the proliferation of weapons of mass destruction. It also shows a desire on the part of intelligence leaders to move to more data-driven cybersecurity operations in the future.

"We've spent decades collecting data and putting them in silos and so now we're trying to start mining that data," said Dukes, now an executive vice president at the Center for Internet Security.

Some intelligence agencies have already begun to move in that direction.

The National Geospatial Intelligence Agency plans to release a solicitation this year for research proposals around "techniques, algorithms, methods and approaches to harvesting and analysis of information" in order to better anticipate threats and reduce decision times. NGA, per the announcement, "recognizes the need to move from a world of data scarcity to data abundance."

Dukes said the strategy lacked details on how the intelligence community plans to disseminate threat data down to uncleared stakeholders outside the government and get around longstanding classification issues that have traditionally hampered more widespread information sharing.

"Typically, when you look at threat intelligence, mostly it's classified at a fairly high level," he said. "Then they start trying to water it down to get to unclassified or [for official use only] to share, but when they do that, you lose a lot of the context. That's the piece that we have to solve as a nation."