The National Geospatial Intelligence Agency is undertaking several major technology shifts this year in cloud, cybersecurity and machine learning, as it continues to look at ways to take advantage of an “explosion” in commercial service and products, according to the agency’s chief information officer.
NGA is “pivoting across the board, from system by system, sensor by sensor, to an enterprise operating system and sensor-agnostic data ingest, storage and dissemination,” NGA Chief Information Officer Mark Andress said at a Jan. 6 event hosted by the Intelligence and National Security Alliance.
A “big event” for the agency this year is the rollout of a new “common operating environment” providing a “service-centric platform” for GEOINT access, according to Andress.
He said NGA will also shift workloads this year from the “C2S” cloud program to the intelligence community’s new “C2E” cloud contract. The CIA awarded C2E in November 2020 to Amazon Web Services, Google, IBM, Microsoft and Oracle. The C2S contract, awarded in 2013, was exclusive to Amazon.
“That presents huge opportunities,” Andress said of the shift to C2E.
Artificial intelligence and machine learning continue to be major priorities for NGA. The agency released a new data strategy last year. Andress said a key priority for his office is “laying out the IT infrastructure to support this integration of AI and ML.”
NGA has been successful so far in adopting natural language processing, which has allowed the agency to “eliminate countless man hours” by automating the processing and dissemination of GEOINT, according to Andress.
But another major initiative for NGA is using computer vision to analyze imagery for objects of interest, patterns of life and other intelligence.
“This big goal in the near term is to take those, I’m not going to say ‘mundane,’ because they require skill, but transfer those fundamental skills to the machine,” Andress said. “And then let the analyst shift to, what does that mean? What does it mean that that movement is happening?”
The agency is also looking to continue integrating commercial products and data into its workflows. NGA’s new commercial geospatial intelligence strategy directs agencies to consider commercial sources as primary sources of intelligence. That’s a shift for agencies that have traditionally first looked to government capabilities, like images taken by top-secret spy satellites.
Andress said NGA is looking to “harness and manage” the explosion of geospatial intelligence occurring in the commercial sector.
“We’re putting a lot of emphasis in what we’re calling the supplier matrix, and that is around how do how do we leverage technology to pair the knowledge needed, to match the right request, from the right customer at the right security domain with the right solution,” he said.
Andress also said the emphasis on commercial orchestration goes beyond traditional images to a range of analytic products, like object detection and macro-economic analysis.
Within the next few months, Andress said the agency will also release an updated version of its software strategy, called the “NGA Software Way.” The document describes how NGA wants to develop software, both for its internal developers as well as industry partners.
The agency put out an initial version of the strategy as a request-for-information last year, and it’s now incorporating more than 350 pages of feedback from industry, according to Andress.
“It really focuses on two things,” he said. “[One] how we want our software development. Before you write, through the development, the first deliverable and then operationally through the iterations. And then it says, ‘We’re going to need some common metrics from you.’ This doesn’t sound like much but it’s a big deal. And these will be the two big drivers this year.”
NGA is additionally shifting to a zero trust cybersecurity model in line with the Defense Department’s April 2021 “Zero Trust Reference Architecture.”
Andress said NGA is in “an excellent starting position” to begin adopting zero trust. He said the agency has a “robust” Identity, Credentialing, and Access framework in place.
“Where we have got a lot of work to do, and I know this is going to take a lot of time, is really getting at that relationship in zero trust between an individual and a data element,” he continued. “And how you scale that at the enterprise level? Trust no one for any piece of knowledge unless that connection has been validated. So that’s going to be where we focus a lot in the near term.”