DNI Orders “Integrated Defense” of Intelligence Information
The Director of National Intelligence is calling for the “integrated defense” of intelligence community (IC) information and systems to protect against unauthorized disclosures of intelligence sources and methods.
While every intelligence agency already has its own security procedures, a new Intelligence Community Directive (pdf) issued by the DNI would require a more coordinated and consistent approach, involving “unified courses of action to defend the IC information environment.”
“The IC information environment is an interconnected shared risk environment where the risk accepted by one IC element is effectively accepted by all,” the new Directive said. Therefore, “integrated defense of the IC information environment is essential to maintaining the confidentiality, integrity, and availability of all information held by each IC element.”
The Directive does not specify the defensive measures that are to be taken, but states that they should address “the detection, isolation, mitigation and response to incidents, which include spills, outages, exploits, attacks and other vulnerabilities.” An IC Incident Response Center will maintain “situational awareness of network topology, including connection points among IC element networks; threats, vectors, and actions that could adversely affect the IC information environment; and the overall health and status of IC information environment defenses.”
See “Integrated Defense of the Intelligence Community Information Environment,” Intelligence Community Directive (ICD) 502, March 11, 2011.
Although intelligence agencies are not waiting for security policy guidance from Congress, the intelligence oversight committees seem determined to provide it anyway.
In its initial markup of the FY2011 intelligence authorization bill, the House Intelligence Committee has prescribed the establishment of an Insider Threat Detection Program “in order to detect unauthorized access to, or use or transmission of, classified intelligence.”
The Senate Intelligence Committee reportedly wants to require a revised or supplemental non-disclosure agreement for intelligence employees, by which they would consent in advance to surrender their pension benefits if they were found to have committed an unauthorized disclosure.
As far as is known, neither Committee has advanced any new proposals for reducing unnecessary classification or strengthening protections for national security whistleblowers.
This rule gives agencies significantly more authority over certain career policy roles. Whether that authority improves accountability or creates new risks depends almost entirely on how agencies interrupt and apply it.
Our environmental system was built for 1970s-era pollution control, but today it needs stable, integrated, multi-level governance that can make tradeoffs, share and use evidence, and deliver infrastructure while demonstrating that improved trust and participation are essential to future progress.
Durable and legitimate climate action requires a government capable of clearly weighting, explaining, and managing cost tradeoffs to the widest away of audiences, which in turn requires strong technocratic competency.
FAS is launching the Center for Regulatory Ingenuity (CRI) to build a new, transpartisan vision of government that works – that has the capacity to achieve ambitious goals while adeptly responding to people’s basic needs.