wfedstaff | April 17, 2015 11:24 pm
The improved sharing of law enforcement and homeland security information across federal, state and local governments is having the intended effect 10 years after Congress created a new office to guide the effort.
And for evidence, look no farther than what happened right after the tragic and deadly attack at the Boston Marathon in April 2013. In the 20 months since that terrorist attack, the impact of all the changes to law, policies, regulations and, most importantly, culture, now only can been understood.
“In the immediate aftermath, the training, the tools, the infrastructure that the government has been working with our state and local partners to put in place started to pay off in terms of the immediate incident response and the investigatory response,” said Kshemendra Paul, the program manager of the Information Sharing Environment (ISE), in a recent interview with Federal News Radio. “A key aspect of it, that maybe wasn’t fully understood, but was very important, was the degree to which the national fusion center network provided shared situational awareness across the country to every governor, to mayors in major cities within hours of the event. It was critical to keep things calm and providing that confidence of the way forward in the aftermath of that event.”
Additionally, Paul said the inspectors general from the FBI and the intelligence community highlighted the integrated approach to all aspects of the response effort.
Federal News Network's Cyber Industry Exchange: Where does cybersecurity end and physical security begin for federal agencies? Find out at Federal News Network’s Industry Exchange: Cyber.
He said the Boston Marathon example is one of several highlighted in the annual report to Congress from the ISE, which is celebrating its 10th anniversary.
“Information sharing has improved tremendously within the federal government, between the federal government and our state and local partners in both directions and with the private sector,” he said. “We are reducing fragmentation, overlap and duplication, and getting more unity of effort around terrorism related information sharing more broadly. We also are seeing reuse of this infrastructure that has been put in place, almost a public safety platform where that investment is being reused for things like countering heroin and there are some initial efforts around countering human trafficking. That’s really exciting to see because what we are seeing is the investment we‘ve made in terrorism information sharing across a distributed, decentralized and coordinated information sharing environment, agencies that make up that information sharing environment whether they are federal, state or local are under their own authorities are leveraging their investment across their mission space and that’s enhancing the safety of the public and our national security.”
Less complex, works better
The ISE dedicated an entire section of its annual report on the lessons learned from the Boston Marathon attack. The report stated that the IGs findings and other observers offered insights and recommendations to help continue to improve information sharing within relevant communities of interest, particularly in the proactive, bi-directional, and uniform sharing of intelligence and information with state and local law enforcement.
The annual report focuses across five other main areas ranging from mission effectiveness through shared services to protecting privacy and civil liberties to making information easier to find through the use of commons standards.
Paul said the ISE highlighted progress against each of these areas. He said the initiatives are helping to tie all the disparate resources and initiatives together.
“So a decade plus after 9/11, it’s way less complex and it works way better than it used to, and even more important, we are on a great trajectory,” he said. “Progress is starting to compound.”
One area Paul highlighted was within the Maritime Domain Awareness community of interest.
He said ISE supports the Navy, the Coast Guard, the Homeland Security Department, the Transportation Department and state and local communities to use the assortment of information sharing tool developed over the last decade.
The MDA community developed an architecture that relies on the common profile, use of the National Information Exchange Model (NIEM) and will implement the back-end attribute identity exchange model. The common profile describes common processes and information exchanges, while integrating all of the data within and across different lines of businesses.
“We’ve also been involved in a couple of pilot projects — a maritime information broker in the Port of Baltimore. We have a project that’s been going pretty well in the Puget Sound [Washington] area to test out these concepts,” Paul said. “Some of that testing out involves technology, some of it involves bringing stakeholders together to develop requirements and buy-in to an approach.”
Two-way cyber sharing
Another area the ISE is bringing people together around is cybersecurity.
Paul said the FBI has been piloting with Utah and New York State the idea of investigatory referrals through the iGuardian system.
Typically under iGuardian, state and local law enforcement officers share potential cyber crime incidents with the bureau.
But under the investigatory referrals program, the FBI’s National Cyber Investigative Joint Task Force (NCJTF) finds certain clues and shares that data with state and local authorities so they can investigate.
“The protocols are worked out to make sure that there is the shared information that goes back and forth as these things develop, to make sure there is full coordination within policy, to make sure privacy is protected and the information is dealt with securely,” Paul said. “The goal is here is for the states to be the force multiplier. Also, the states want to have an independent capability to be able to look at cyber related issues that have a nexus in their state and to be able to pursue those and tie that to law enforcement activities like prosecutions.”
The FBI launched iGuardian in 2013.
ISE sponsored a summit last fall and 38 states showed up to learn about this pilot and figure out how they can take part.
“There was a lot of use of ISE tools and frameworks,” Paul said. “The interesting thing about information sharing is that it’s an open ended problem because there are always opportunities to do better. Information sharing is buzz word. It’s really about secure, trusted collaboration, which is inherently a person centric kind of activity. I collaborate with you or my organization with yours and scale that up in a multi-lateral way. As threats evolve, as technology evolves, there’s always opportunities to do better and we saw that.”