DNI Orders “Integrated Defense” of Intelligence Information
The Director of National Intelligence is calling for the “integrated defense” of intelligence community (IC) information and systems to protect against unauthorized disclosures of intelligence sources and methods.
While every intelligence agency already has its own security procedures, a new Intelligence Community Directive (pdf) issued by the DNI would require a more coordinated and consistent approach, involving “unified courses of action to defend the IC information environment.”
“The IC information environment is an interconnected shared risk environment where the risk accepted by one IC element is effectively accepted by all,” the new Directive said. Therefore, “integrated defense of the IC information environment is essential to maintaining the confidentiality, integrity, and availability of all information held by each IC element.”
The Directive does not specify the defensive measures that are to be taken, but states that they should address “the detection, isolation, mitigation and response to incidents, which include spills, outages, exploits, attacks and other vulnerabilities.” An IC Incident Response Center will maintain “situational awareness of network topology, including connection points among IC element networks; threats, vectors, and actions that could adversely affect the IC information environment; and the overall health and status of IC information environment defenses.”
See “Integrated Defense of the Intelligence Community Information Environment,” Intelligence Community Directive (ICD) 502, March 11, 2011.
Although intelligence agencies are not waiting for security policy guidance from Congress, the intelligence oversight committees seem determined to provide it anyway.
In its initial markup of the FY2011 intelligence authorization bill, the House Intelligence Committee has prescribed the establishment of an Insider Threat Detection Program “in order to detect unauthorized access to, or use or transmission of, classified intelligence.”
The Senate Intelligence Committee reportedly wants to require a revised or supplemental non-disclosure agreement for intelligence employees, by which they would consent in advance to surrender their pension benefits if they were found to have committed an unauthorized disclosure.
As far as is known, neither Committee has advanced any new proposals for reducing unnecessary classification or strengthening protections for national security whistleblowers.
At a time when universities are already facing intense pressure to re-envision their role in the S&T ecosystem, we encourage NSF to ensure that the ambitious research acceleration remains compatible with their expertise.
FAS CEO Daniel Correa recently spoke with Adam Marblestone and Sam Rodriques, former FAS fellows who developed the idea for FROs and advocated for their use in a 2020 policy memo.
In a year when management issues like human capital, IT modernization, and improper payments have received greater attention from the public, examining this PMA tells us a lot about where the Administration’s policy is going to be focused through its last three years.
Congress must enact a Digital Public Infrastructure Act, a recognition that the government’s most fundamental responsibility in the digital era is to provide a solid, trustworthy foundation upon which people, businesses, and communities can build.