Saturday, October 31, 2015

A shift in Intelligence Community thinking?? Don't let perfect get in the way of good...

(Photo: Courtesy/ Northrop Grumman)
The Senate passed a bill Tuesday aimed at improving cybersecurity "Senate Passes Cybersecurity Bill Aimed at Hacker Threats". It took roughly six years to win approval for such a program.

This is a big deal. The government, at least on the surface, is radically shifting its position on use of the intelligence community.  Traditionally focused on intelligence assistance to policymakers and the military, the intelligence community (IC) is now coming to the assistance of, and will supply intelligence to, the owner/operators of the US Critical Infrastructure.

What does this mean? Organizations and people who want this kind of intelligence must still undergo security and potentially facility clearance processes, and the data will still come out as classified, but it will now be made available.

What does this mean? It means that companies who are considered critical to the US (the government calls them "critical infrastructure") will be offered opportunities to receive government collected and analyzed intelligence.  For example...

At the top of the new tech heap likely to be targeted heavily by hackers, insiders, and spies?  "Northrop Grumman Wins Air Force's Long Range Strike Bomber Contract"

This was one of those deals that Northrop needed one in the win column… and they did it. But imagine what kind of cyber (and traditional) espionage targeting is going to come with this… China is launching strategic missile submarines (with nukes) as a strategic deterrence and shiny new bombers would give them the ability to project power anywhere in the world. Strategic deterrence and the ability to reach out to anywhere in the world is squarely in the Chinese playbook.... and a shiny new long range stealth bomber is a huge (critical) part of that plan. So pay attention folks… China pays attention to news release in the defense industry.  What happens next? First, my guess is, there's already an airplane that's been built --because that's the way these things work. Several companies build airplanes. Government pilots test them, engineers evaluate them, and they pass the stealth tests, someone gets a contract --yes, an airplane has probably all ready been built. But now that the decision has been made, Northrop will be exploited. And they damn sure better be getting high quality, timely intelligence from the government to help them protect it. At a price tag of $550 mil (2010 dollars) per copy, and a lifetime price tag of over $55 billion (in taxpayer dollars),  if I were sitting in the procurement shop that purchased made this award, I'd want two things:

  1. I want (demand) that the US Government provide Northrop with the intelligence (cyber and other) to protect this enormous investment.  
  2. I'd want how well this program is actually protected using that intelligence. I'd want the ability to know, at any moment, how well protected, and what the threats are, to this new tech and supersized investment of taxpayer dollars. 
What I wouldn't want? I wouldn't want every line in their SEIM sent to the govermnent. I wouldn't want seventeen different government information sharing, regulatory, and LE/CI organizations, banging on their door asking (sometimes demanding) logs from the new program.  I'd want to know that Northrop can, and does use that intelligence in a responsible way and can show the metrics that prove it. Assessing the ability of a defense contractor's use of government intelligence should be a requirement in awarding these contracts. Additionally, as prime, Northrop needs to be ready to assess that their supply chain is also adequately protected --it's a cost of doing business, and yes, intelligence should be used to protect them too.
Back to the point  --This government sharing initiative does nothing for security, but does allow for government intelligence sharing. It offers anti-trust protections (although the FTC has already ruled), and requires intrusions be reported to the government (we'll see how that works.. certainly I have some opinions on this --I bet you already knew that!). So, congratulations to Northrop Grumman, but more importantly, congratulations to us. Aircraft carriers can't turn on a dime, and the government takes a long time to make change, but this massive shift in intelligence community thought is an enormous milestone. It may not be perfect; the government paints with a very broad brush and one *thing* is never detailed enough to make everyone happy.

I had a boss once who used to tell me "don't let perfect get in the way of good'. My thinking? The lawyers and lobbyists will take care of the warts.

I see this as a good thing.