Commentary: 5G risk is about more than simply securing competitive advantage

This op-ed originally appeared in The Hill on May 17, 2019.

By: Nate Snyder

The dawning of 5G capabilities will revolutionize our telecommunications and online networks. Data transport speeds will be 10 times faster than they are with 4G. As countries across the globe discover and develop new 5G innovations, so too will terrorist organizations, private actors, and lone offenders. Any new technology breakthrough that reaches the public at large will no doubt be leveraged by bad actors who will develop and discover their own insidious innovations and exploitations.

While working on counterterrorism efforts at the Department of Homeland Security during the Obama administration, I became familiar with how private actors and terrorist organizations exploit any vulnerabilities they can, especially when it comes to online networks and using the internet. These bad actors exploit network vulnerabilities to target and disrupt critical infrastructure, and access and exploit information and people.

It is no secret that the Chinese government has built in capabilities to control the online access of its own citizens. It is also widely known that Huawei is essentially state controlled and influenced. Reports note the company is 99 percent answerable to the Chinese government. Various backdoors, control measures, and surveillance applications have been built directly into the “Great Firewall” of Chinese online infrastructure.

Many of these surreptitious access points and controls are coded into core software and engineered into hardware. While at the Department of Homeland Security, I met with a senior Chinese counterterrorism delegation. I asked them how they address online radicalization to violence. Without hesitation, they replied, “We turn the internet off.” If the Chinese government uses these vulnerabilities to its advantage, you can guarantee that terrorist organizations will also seek to exploit them.

That explains why Prime Minister Theresa May’s announcement that the United Kingdom will allow Huawei to build noncore 5G functions is a significant problem. Not only is it a British security risk, but it also affects American and allied security. Allowing Huawei onto our collective 5G networks would be like inviting inside a Trojan horse that can be exploited by the Chinese government and other bad actors. The British government has cited compromising vulnerabilities in the Huawei supply chain. Several years ago, Vodafone discovered security flaws in Huawei software that, while not fatal, continue to compromise the reputation of the company.

Because of these software and hardware vulnerabilities, likely created with purpose, Huawei and the Chinese 5G supply chain cannot be trusted. The supply chain security is beyond suspicious, and some American allies have already banned the use of Huawei 5G technology. Since the Huawei and Chinese 5G supply chain has more holes than Swiss cheese, it is fair to expect that the question is not if but when bad actors will exploit these vulnerabilities.

Some of the greatest deterrents we have against terrorists using online networks and the internet are awareness and intelligence. With Huawei potentially holding a monopoly on the flow and curation of 5G information across the globe, who knows if it will allow adequate access to investigate terrorist threats, emerging trends, threat vectors, and critical data. Huawei will essentially become an all-knowing information provider and could handicap the United States and allied intelligence communities. Imagine the embarrassment of relying on Huawei for intelligence to investigate domestic terrorist threats in our own backyard, let alone the potential international ramifications. Even if access is given, the information could be suspicious. Needless to say, bad actors will exploit these blind spots.

The United States should lead the fight for shared principles and ensure competition and interoperability among technology vendors. The Trump administration should focus on building a coalition of our closest allies instead of ridiculing them. This key coalition should push for mandating interoperability among technology providers, ensuring that one company does not become the sole provider for unimagined future technologies like 6G, and tackling risks through diversification and threat dispersion.

The coalition should also demand that Huawei provide the interoperable technology to strengthen noncore technology. Without diversity of secure technology in the 5G ecosystem, the United States leaves itself open to exploitation. Should these demands not be met, the coalition will need to develop new information sharing agreements to mitigate the simple fact that Huawei cannot be a trusted, reliable information provider. The United States, along with our closest allies, should lead in the race to develop forward-looking and competitive 5G infrastructure technology and policy, or risk falling prey to bad actors. If we are able to get our act together, we still have the opportunity to positively impact 5G development, but we must act now before it is too late. Our national security depends on it.

Nate Snyder is a senior advisor with Cambridge Global Advisors. He was a senior counterterrorism official with the Department of Homeland Security and the Countering Violent Extremism Task Force under President Obama.

Commentary: 5G Is The Essential National Security Imperative Of Our Time

By: Christopher Burnham

The hype around 5G is real—it will change how we communicate, travel, fight wars, drive (or not drive) cars, and educate our children. It will also change how doctors operate and treat and heal the sick. It is the most important modernization of our infrastructure that we can do until quantum computing is perfected. It is also the single most important national security imperative for the US for the next ten years.

In the race to 5G, it’s clear that the Chinese have an advantage because their government can tell companies “give back the spectrum we licensed to you”, and then reallocate it to where it can be the most effective in winning the 5G race. Spectrum in the US (think radio waves) has been given away or sold for pennies by the Federal Communications Commission (FCC) for decades. President Lyndon Johnson made $20 million getting the FCC to sell him radio and T.V. spectrum for two Texas stations for pennies back in the 1940s. That certainly has ended in recent years—just in the last four years the FCC has auctioned off two spectrum ranges for more than $50 billion.

Over the past forty years, spectrum for mobile phones, satellite communications and T.V., GPS services, and hundreds of other applications has been awarded by the FCC to jump-start the communications revolution we now take for granted. To fully implement 5G across all communities in the U.S., the FCC must now figure out how to allocate spectrum from the very lowest frequency to incredibly high millimeter wave frequency. The backbone will be (for lack of a better way to describe it) in the middle frequency—or the part that was given away for free to government satellite companies back in the 1960s, that then became the struggling satellite companies of today. This is known as “C-band spectrum”, and you will see the numbers 3.7 to 4.2 gigahertz associated with that band. C-band is what enables you to watch the championship basketball game on cable TV as it is the backhaul for ESPN and other networks.

However, C-band is not the only spectrum needed to fully implement 5G. Lower and higher frequencies are also needed. The trouble is, it’s a trade-off. Low frequency is great at going very long distances and can penetrate buildings, forests, even mountains and oceans if ultra-low frequency. That is how our submarines communicate back to the U.S. from deep within the ocean. The trouble is, low frequency also means low bandwidth. High frequency has enormous bandwidth. But it can only go very short distances, and rain, snow, trees, let alone buildings, can disrupt or block it. That is why at that end of the proposed 5G spectrum, you will need an antenna every couple hundred yards or so, versus today’s cell phone towers, which are miles apart.

What the FCC must now do is figure out how to get back all this spectrum and auction it to those cellular companies building the 5G backbone. Other countries have recently held highly successful auctions for this spectrum range. Some of the mid-band spectrum is also controlled by the U.S. military—and is essential for radar. Unused portions of this will need to be reallocated to the FCC for auctioning to 5G companies.

This piece originally appeared in Forbes on April 12, 2019.

Commentary: A Centralized, National 5G Network Would Pose More Harm Than Good

By: Frank Taylor

This op-ed originally appeared in Homeland Security Today, March 20, 2019.

5G wireless technology is poised to become a critical piece of infrastructure at home and abroad, and the efforts well underway by U.S. wireless carriers to develop and deploy 5G are not only a matter of economic security, but also of national security. Not only will 5G mean lightning-fast data speeds upward of 20Gbps that will usher in a host of innovations, but the fifth generation of connectivity will allow for more secure and better connections among Internet of Things, enterprise networking and critical communications. 5G will only grow in importance as federal agencies, like the Department of Homeland Security (DHS) or the State Department, continue efforts to modernize current systems and processes.

However, there has been some recent advocacy for the development of a single, government-owned and managed 5G network. This idea has grown based on fears that China is both leading in the race to 5G and that Chinese network equipment poses a security threat. To be clear, American leadership and security are paramount for the best development of the 5G network, but a nationalized commodity is the wrong approach to ensure the safety and security of American mobile network users. As FCC Commissioner Brendan Carr recently wrote, this is a race between two very different models, “the central planning and industrial policies of China versus America’s free markets.”

Beyond the anti-American nature of a nationalized 5G network, there are already security risks and implications of the increased connectivity between 5G devices. A government network would create more harm than good for several reasons. 

First, a nationwide government network would take years to deploy, launching long after American wireless carriers roll out their own. The U.S. was first to deploy 4G wireless technology, and is already on the cusp of nationwide deployment of 5G technology, as all national wireless carriers have announced plans to deploy a 5G network, with some beginning as early as this year.

Second, the government is not known for being at the forefront of technological advances, nor for having the tightest cyber and data security. For example, one of the largest government data breaches in the history of this country occurred in 2015 when the Chinese hacked the Office of Personnel Management (OPM) database, exposing the sensitive data of more than 21 million Americans. With such a track record, how can we trust the government to secure a single nationwide 5G network?

Furthermore, a single network creates one centralized target for bad actors, like a giant bull’s-eye. Rather, decentralized networks create redundancy and offer a more secure approach to wireless communications.

American companies have also been steadfast in leading the global standard setting necessary for an interconnected 5G platform. Through umbrella standards groups like the Third Generation Partnership Project (3GPP), U.S. companies have been advocating for open and transparent standards for 5G, much as they did with 4G connectivity in the early 2000s. This commitment to open, transparent and impartial standards is necessary to ensure that the American homeland, individual citizens, companies, and the government do not face undue cybersecurity risks.

By its nature, 5G architecture’s unique specifications add many security layers, in addition to the many security features that wireless carriers are adding within their networks. These features are necessary to protect the capabilities that 5G brings with it — whether that be enhanced machine learning or driverless vehicle-to-vehicle technology. American wireless carriers have a longstanding history of protecting networks from cyber risks and vulnerabilities, which the federal government does not.

According to 5G Americas, “The mobile wireless industry’s longstanding emphasis on security has been a strong market differentiator against many other wireless technologies which have network architectures that are inherently more vulnerable. Even mobile’s use of licensed spectrum provides a powerful additional layer of protection against eavesdropping on data, voice and video traffic.”

While a government-owned 5G network has some inherent weaknesses, there is a clear role for the government to play in the rollout of 5G. To ensure that our data is secure, and that Americans are not subject to malicious actors through backdoors of foreign technology, the government can maximize its long-established private-public partnerships (P3s). The government can, and should, aid in information-sharing, standard-setting, and adoption of best practices to ensure that our national security needs are met while simultaneously allowing industry to continue leading through innovation. Through the latest reorganization at DHS, which includes establishing the Cybersecurity and Infrastructure Security Agency (CISA), we can ensure that the telecom companies have the latest in cybersecurity intelligence and best practices so that not only will 5G be lightning fast, but also secure. 

Rather than pursuing a centralized network that will take years to build and create unnecessary vulnerabilities, the federal government should facilitate the ongoing industry efforts to usher in the next generation of secure wireless connectivity. Government should not be in the middle of innovation — instead, government should exist to foster innovation.

Press Release: CGA's Jake Braun Testifies Before U.S. House Homeland Security Committee

Washington, DC (February 13, 2019) - Today, Jake Braun, co-founder of the Voting Village at DEF CON -- the world’s largest and longest running hacker conference -- testified before the U.S. House Homeland Security Committee about the cybersecurity threats facing our nation’s elections infrastructure.  Citing DEF CON’s own groundbreaking research that it has conducted over the last two years in the aftermath of the Russian hacking during the 2016 elections, Braun’s testimony represented one of the first times DEF CON was invited to play a prominent role in informing and educating Washington lawmakers on issues of national security.

The testimony also represented a first foray into Washington for the University of Chicago’s Cyber Policy Initiative (CPI), launched last year at DEF CON 26 and currently led by Braun, who serves as its Executive Director. Housed within the Harris School at the University of Chicago, CPI serves as a forum through which hackers, technologists, academics, and the cyber research community can engage policy makers at all levels of government to strengthen our voting systems and our democracy.

“It’s an honor to be here on the Hill wearing both hats today,” said Braun. “Over the last two years, DEF CON has done cutting-edge research to expose and elevate the vulnerabilities in our voting systems -- and now CPI is playing a critical translator role, taking findings out of the ‘hacker’ world and explaining threats and solutions to lawmakers in policy terms, helping to tackle what’s become one of the biggest national security concerns of our time.”

In addition to highlighting the link between national security and protection of our nation’s election infrastructure, Braun highlighted specific vulnerabilities found by the DEF CON Voting Village demonstration, which represented the first public, third-party security assessment of voting machines.

“The attacks on our election infrastructure are not solely an election administration nuisance but rather a national security threat,” Braun added. “This is about our national security apparatus marshalling its resources to do what our nation expects it to do, which is protect our country from existential threats to the United States.”

The hearing, called by Representative Bennie G. Thompson (D-MS), sought to kick off debate on H.R. 1, the For the People Act of 2019. Braun was joined by notable election leaders including California Secretary of State Alex Padilla; former Cook County, Illinois, Director of Elections Noah Praetz; Alabama Secretary of State John Merrill; Christopher C. Krebs, Director, Cybersecurity and Infrastructure Security Agency, Department of Homeland Security; and Thomas Hicks, Chairman, U.S. Election Assistance Commission.

Additional Resources:

For a full video of the proceedings, please visit https://youtu.be/EXosdmRSsNA

For Braun’s full testimony, please visit: https://homeland.house.gov/sites/democrats.homeland.house.gov/files/documents/Testimony-Braun.pdf

For the full 2017 DEF CON report, please visit https://defcon.org/images/defcon-25/DEF CON 25 voting village report.pdf

For the full 2018 DEF CON report, please visit https://defcon.org/images/defcon-26/DEF CON 26 voting village report.pdf

###


We’ve Spent Billions on Cybersecurity: How Are We Doing?

This commentary originally appeared in Homeland Security Today, January 30, 2019.

Protecting America’s critical infrastructure — essential to our everyday life — from cyber attacks remains one of our nation’s most important missions. How are we doing?

Not so good, by some accounts. In 2017, a major MIT report concluded that after spending billions of dollars over the past few decades, our infrastructure is somehow less secure than it was 30 years ago. Its authors conclude that “the vulnerability of the systems that power our nation is a national disgrace.”

And this is not merely a theoretical risk. Last April, the U.S. Department of Homeland Security (DHS)  and the Federal Bureau of Investigation issued an alert regarding the worldwide cyber exploitation of network infrastructure devices by Russian state-sponsored cyber actors. In May, the U.S. Department of Justice announced they had stopped a network of more than half a million worldwide web-connected infected devices or “botnets.” And the Office of the Director of National Intelligence has concluded that they “expect that Russia will conduct bolder and more disruptive cyber operations” against our critical infrastructure in 2019.

Despite the recent re-opening of the federal government, Washington will likely remain gridlocked with no consensus plan to protect our critical infrastructure. Without the federal government acting, we will likely end up with a patchwork of potentially confusing and conflicting state and local regulations, which would create a nightmare landscape for business.

Progress, however, is possible and achievable. The same MIT report that paints such a grim picture also concludes that “the pathway to higher ground has been charted.” In addition, a new law was passed in October that formally creates a new federal agency at DHS, the Cybersecurity and Infrastructure Security Agency (CISA), which will become the federal government’s focal point to more strategically catalogue national critical functions and better advise on risk. And while properly organizing and planning is necessary to taking action, so is process. Fortunately, embedded in CISA is a cross-sector, collaborative approach to improving cybersecurity. DHS calls it providing for a collective defense.

So, where do we go from here? Such a process could lead to more widespread adoption of voluntary best practice standards, like the CIS Controls, the set of internationally recognized prioritized actions that form the foundation of basic cyber hygiene — cyber network defense that is demonstrated to prevent 80-90 percent of all known pervasive and dangerous cyber attacks. The Controls, compiled by cybersecurity experts around the world, help implement the goals of the NIST Cybersecurity Framework by providing a blueprint for network operators to improve cybersecurity by identifying specific actions to be done in priority order.

In the oil and natural gas industry – obviously a key sector – most companies already adhere to the NIST framework, and other voluntary standards. For example, a majority of the natural gas pipeline companies that operate about 200,000 miles of pipelines have committed to implementing the updated Transportation and Security Administration (TSA) voluntary pipeline cybersecurity guidelines, further demonstrating the success of public-private collaboration. But not all sectors possess the same resources. Greater adoption of the Controls would further boost critical infrastructure by increasing their ability to defend against common attacks.

There will be no single, silver bullet that magically protects our critical infrastructure from cyber harm. But the CIS Controls and other voluntary best practices are known pathways to stronger cybersecurity. We should redouble our efforts to implement them today.

Brian de Vallance, a former Assistant Secretary for Legislative Affairs at the U.S. Department of Homeland Security, is a senior fellow at the Center for Cyber and Homeland Security at the George Washington University.

Commentary: Energy Sector Cyber Threat Is Real; Greater Collaboration Is Part of the Answer

By: Christopher Burnham & Brian de Vallance

This piece originally appeared in Homeland Security Today, October 9, 2018.

In June of 2017, when Wired magazine published a harrowing account of Russia’s hack of the Ukrainian electrical grid, it quickly generated broad discussion about the state of our nation’s cyber defense in the critical infrastructure (CI) sectors. But Washington is nearly 5,000 miles from Kiev, and Russia’s ability to take control of a Ukrainian power company through its IT helpdesk seemed even more remote.

Remote no longer. Dan Coats, the director of National Intelligence, recently testified before Congress that “the warning lights are blinking red again” and that “today the digital infrastructure that serves this country is literally under attack.” In March, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) issued a joint alert of Russian cyber activity seeking to disrupt the energy and other CI sectors.

While much remains to be done, the U.S. is headed in the right direction on cyber. First, there is growing consensus about what constitutes basic cyber hygiene or cyber defense – for example, the Critical Security Controls from the nonprofit Center for Internet Security. In addition, following the release of the federal government’s National Security Strategy last December, the White House issued its new National Cyber Strategy in September.

Earlier this year the Department of Energy unveiled its new Office of Cybersecurity, Energy Security, and Emergency Response (CESER), and the Senate has confirmed cyber-savvy Karen Evans as the office’s first assistant secretary. Just last week, DOE announced $28 million in technologies intended to improve the cybersecurity of power and energy infrastructure.

At the DHS Cyber Summit in July, Secretary Kirstjen Nielsen announced the creation of the National Risk Management Center (NRMC), DHS’s intended home for collaborative, sector-specific and cross-sector risk management efforts to better protect critical infrastructure. It is significant that DHS is highlighting the need to continue to build and strengthen partnerships as a part of fortifying American cybersecurity. As former DHS Deputy Secretary Jane Lute has noted, we have not yet decided, as a society, the precise role that government will play in protecting our national cyber resources. This is consistent with DHS’s enterprise approach of needing more than a single federal department to secure the homeland. Instead, we need the active partnership of all of us: state, local, tribal, and territorial (SLTT) governments; federal and SLTT law enforcement; nonprofit best-practice providers; the private sector; and the American public.

Jeanette Manfra, DHS’s assistant secretary for cyber, provides a cogent roadmap: We need to “create this collective defense model, where we all provide capabilities, authorities, and competencies to make cyberspace safer.”

For their part, the various CI sectors have been diligent in working to combat cybersecurity risk. Some CI sectors, like the natural gas industry, have been investing millions in new technologies to improve distributed control systems, cloud-based services, and data analytics. Additionally, sector-specific Information Sharing and Analysis Centers (ISACs) have allowed for improved information sharing between industry and the federal government. Top ISACs include the Multi-State ISAC, the Oil and Natural Gas ISAC, and the Financial Services ISAC, among others. Other positive industry actions include adopting voluntary best practices like the National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity; participating in cross-industry exercises like Grid-Ex, where CI sectors practice responding to cyber-attacks; and continually educating employees on the latest cyber risks and threats.

With the establishment of the NRMC, Secretary Nielsen has issued a challenge and an invitation: private industry and the various national security agencies need to work together to help make this cross-sector, public-private partnership model a successful approach to increasing cyber defense in critical infrastructure.

The individual partners are making progress. We must now work together to create a collective defense.

IN-THE-NEWS: CGA President Douglas Lute and CGA Senior Advisor Francis Taylor co-author report for the IBM Center for the Business of Government

Recently CGA President Amb. Douglas Lute and CGA Senior Advisor Gen. Francis X. Taylor authored a report for the IBM Center for the Business of Government. The report, “Integrating and Analyzing Data Across Governments - The Key to 21st Century Security: Insights from a Transatlantic Dialogue,” focuses on data gathering, analysis, and dissemination challenges and opportunities across the homeland security enterprise. It especially looks at how improved information sharing could enhance threat prediction and prevention in a transatlantic context.

Lute and Taylor address how stakeholders in the U.S. and Europe can increase the understanding of effective ways to leverage channels involving technology, human capital, organizations, and private sector coordination that meet strategic, mission, and operational needs. The report highlights opportunities for governments to leverage data integration and analytics to support better decision making around cyber and homeland security.

The authors draw primarily on findings from two roundtable discussions with current and former government leaders and stakeholders. The first meeting, held in Washington, D.C. in October 2017, focused on how the U.S. Department of Homeland Security (DHS) information sharing enterprise can have the greatest impact and interaction with partners. The second meeting, held at the U.S. Mission to the European Union (EU) in Brussels in March 2018, focused on how the European Union and other European organizations and member states can work with U.S. agencies to enhance outcomes from improved information sharing.

Given the imperative for transatlantic and cross-sector collaboration to understand and respond to an increasingly complex set of threats facing governments, we hope that this report provides timely insights for public sector leaders and stakeholders.

Commentary: Next frontier of Russian meddling: energy intimidation

By: Doug Lute

This commentary originally appeared in The Hill, August 28, 2018.

Russian meddling in the 2016 U.S. elections is now largely beyond debate. But this focus is too limited in scale and too narrow in scope. This is more than just a challenge to American elections. Russia has interfered repeatedly with democracies in Europe, including a number of our NATO allies. Putin has used cyberattacks, misinformation campaigns and support for rightist parties. He even attempted an overthrow of the government in Montenegro as they approached a national decision to join NATO.  

Another key vulnerability for many in Europe is their dependence on Russian energy, particularly natural gas. While Putin has yet to play this card beyond Ukraine, energy intimidation must be a national security concern among many of our NATO allies. In July, NATO leaders met in Brussels and reaffirmed the role that energy security plays in the common security of the alliance.

The European Union, which includes most of our NATO allies, gets about 40 percent of its natural gas from Russia. While Germany has been critiqued for importing about a third of its gas from Russia, allies in Lithuania and Estonia are 100 percent dependent on Russian gas. Concerns increase as the Nord Stream 2 pipeline would increase Russian imports to Europe. If Russia decided to manipulate these energy streams, or even intimidate by threatening to do so, it could cripple the European allies.

NATO is alert to this vulnerability, reaffirming during the recent summit that “it is essential to ensure that the members of the Alliance are not vulnerable to political or coercive manipulation of energy, which constitutes a potential threat.”

Given the dependence of our European allies on Russian energy, it is in the U.S. national security interest to reduce Russian potential for influence by diversifying gas sources to Europe. U.S. liquid natural gas (LNG) production has nearly doubled since 2010 and exports of LNG quadrupled in 2017, with exports to Europe accounting for the third-largest share. This is a big step in the right direction as Europe seeks to diversify its energy sources.

While the U.S. itself remains a massive consumer of LNG, production is expected to grow 59 percent between 2017 and 2050, increasing further the capability of the U.S. to export LNG to our allies. This is, of course, dependent upon adequate infrastructure for exporting and importing LNG, but the U.S. has opened two export terminals since 2016, with four more on the way. On the European continent there are now 28 LNG import terminals, with 22 more terminals planned or under consideration. 

The first tankers carrying U.S. LNG docked at Polish and Lithuanian terminals last year, and we can expect this to increase. This is a classic case where U.S. security interests and economic interests are mutually supportive.  

While expanding American LNG exports to Europe will help, other vulnerabilities remain for energy security. For example, cyberattacks can wreak havoc on energy infrastructure and some critics claim that American LNG companies face particular vulnerabilities. Cyber experts agree that any activity reliant on the internet can be at risk and must be protected. All forms of energy infrastructure face this challenge. As Professor Chris Bronk, an expert in computer and information systems at the University of Houston, recently told Reuters: “coal plants, train deliveries and transmission systems are just as susceptible to hackers as gas pipelines… [and] the stakes involved in a successful nuclear cyber attack are enormous.” 

The U.S. LNG industry takes responsible steps on cyber security. In line with new guidance from the Department of Homeland Security, the LNG industry orients its cybersecurity to the national standards and implements cybersecurity programs based on established best practices, including following the National Institute of Standards and Technology (NIST) Cybersecurity Framework, and sharing information through the Oil and Natural Gas Information Sharing and Analysis Center (ONG-ISAC). While there is no perfect cybersecurity, such steps reduce the risk as we expand LNG production.

Energy security is national security. This means reducing the dependence of our European allies on Russian energy.  It is in the national interest of the U.S. to stand with our allies to do all that we can to help diversify their energy sources, and increased U.S. LNG export capacity provides the means to do so.

Douglas Lute was the U.S. ambassador to NATO from 2013 to 2017. He is a senior fellow at the Belfer Center at Harvard University, and president of Cambridge Global Advisors, a consulting firm with a special focus on national security, and experience at the global, national, state and local levels. 

Commentary: DHS’ Big Data Integration Challenge

By Francis X. Taylor

This commentary originally appeared in The Cipher Brief, August 8, 2018.

Department of Homeland Security Secretary Kirstjen Nielsen recently traveled from Washington, D.C. to New York with her senior team in tow to announce the creation of the National Risk Management Center. It is intended to be DHS’ tip of the spear when it comes to information sharing between the public and private sectors about emerging and sometimes urgent cyber security threats.

In an opinion piece posted on CNBC, Nielsen said that the U.S. is not “connecting the dots” quickly enough and said “Between government and the private sector, we have the data needed to disrupt, prevent and mitigate cyberattacks.  But we aren’t sharing fast enough or collaborating deeply enough to keep cyberattacks from spreading or to prevent them in the first place.”

As DHS takes on a new collective defense strategy by putting a premium on public-private information sharing efforts, The Cipher Brief wanted to know a little more about how DHS itself stores and accesses the vast amounts of data it holds. 

Francis Taylor served as DHS’ Under Secretary for Intelligence and Analysis during President Obama’s second term.  One of his priorities was to figure out how DHS could better use data technology tools to increase its operational effectiveness.  It was an issue that he also had to tackle during his time in the private sector, where he worked as Vice President and Chief Security Officer for General Electric. 

Taylor shared his insights with The Cipher Brief, offering a better understanding of the current efforts within DHS to strengthen its capacities, especially at the enterprise level.  We also wanted him to explain what makes integration such a vexing task.

The Cipher Brief: Can you give us some strategic context around data analysis and integration?

Taylor: Data analysis and integration is critical to how we protect our country and our border. After 9/11 the discussion was about “connecting the dots.” Today there are trillions of dots of information that are available to help us understand what individual, organization or nation-state represents a threat to our people, our country and way of life. Much of that information comes from around the world and allows us to push our analysis beyond our border to regions across the globe. Not only must DHS integrate the data that it collects in the performance of its mission, it must integrate that data with other data from open source, our international partners, and the intelligence and law enforcement communities to have a full picture of the threats we face.

The Cipher Brief: What kinds of data does DHS collect and store?

Taylor: DHS is the third largest department of our government. DHS components comprise the largest number of federal law enforcement officers in our government and the department conducts its law enforcement mission worldwide. It interacts daily (and collects information on) U.S. citizens, foreign nationals and U.S. and foreign businesses applying for benefits from the U.S. Government. DHS also collects data in conjunction with its law enforcement and security missions enforcing U.S. immigration and trade security regimes, immigration violations, citizenship, refugee and asylum applications, and trusted traveler programs. DHS stores all of this data in more than 900 unconnected databases and the information is kept in silos that are then accessed by the components to perform daily missions. Many of these databases were created long before DHS was established in 2003 and contain old technology that makes it difficult to update and integrate.

The Cipher Brief:  How does the issue of data overload negatively impact DHS’ mission to protect the country?

Taylor: I believe that DHS has all the information it needs to proactively defend our country, but the information that is collected is not available to the operators for data analytics that would improve their understanding of threats to our homeland.  The amount of valuable intelligence sitting in DHS data systems is staggering and would be invaluable to DHS and the rest of the U.S. government if it was better analyzed and shared with the appropriate stakeholders.

The Cipher Brief: What is the DHS Information Sharing Enterprise and how does the National Vetting Center (NVC) support the overall mission?

Taylor: The DHS Information Sharing Enterprise is embodied in the DHS Information Sharing and Safeguarding Governance Board (ISSGB) which is chaired by the DHS Chief Information Officer and the DHS Under Secretary for Intelligence and Analysis. All of the components of the Department are represented on the ISSGB. Unfortunately though, the ISSGB has been largely ineffective in moving the needle within the Department to improve information sharing across the enterprise. DHS component elements generally do not see value in integrating information across the enterprise. And there is little incentive to change this paradigm, absent dedicated funding for the enterprise and a clear prioritization of this integration from the Department’s leadership.

The NSC established the National Vetting Center (NVC) in DHS to serve as a focal point for all USG vetting to support travel and border security. It is a logical enhancement to CBP’s National Targeting Center (NTC) that has developed and deployed significant capability in data analytics and integration that improves our understanding of threats to our travel and trade activities as well as our border. NVC envisions building on the NTC foundation to develop even more sophisticated tools and processes to vet individuals applying for benefits within our country.  As the Obama administration was transitioning, former DHS Secretary Jeh Johnson asked all senior staff what we would have done differently, based on what we had learned during our time at the helm.  My answer was that we should have moved ALL vetting for benefits administered by the Department to the National Targeting Center as a government-wide shared service.  My rationale was simple, the Secretary of DHS is the one official in our government that has the final say over who is allowed into our country, but the Secretary does not own the process to ensure that the vetting is effective and continues to improve.  I believe the NVC begins that process and will significantly improve how we make decisions across our government on applications for benefits.

The Cipher Brief: What is the state of DHS data integration and information sharing (i.e. HSIN)?

Taylor: The DHS Data Framework is a joint endeavor by the DHS CIO and Under Secretary for Intelligence and Analysis to build a data lake with the top 20 databases essential to the Department’s vetting and assessment mission. I understand the momentum of the data framework has slowed significantly. I also understand that CBP is driving the data framework as the next level of improvement in information sharing but that DHS headquarters support for the initiative is lacking.

The Homeland Security Information Network (HSIN) continues to be the most effective system for DHS to communicate with its state, local, tribal, territorial and private sector partners. But it has real shortcomings.  It needs continued investment to make it more a data sharing platform and not just a communication platform.  HSIN does not allow for data searching and online queries.  This needs to change if the system is to continue to be valuable to DHS stakeholders at every level.

The Cipher Brief: Why is creating DHS-wide searchable data stores so difficult for the Department? Would DHS benefit from a data integration acquisition and standards czar?

Taylor: Most law enforcement organizations are organized to pursue investigating and interdicting wrongdoers. It is the most important aspect of the mission, and I share focus on these priorities. However, the absence of an integrated data system denies DHS components and others the ability to fully exploit the information stored in Department systems. This is inefficient. The lack of an integration function at the headquarters-level makes fixing this shortcoming harder. The original vision for the Department was to have little centralized control of operations and to keep operational power within the components. Each DHS component approaches its missions from its own narrow organizational mission perspective. The components have built processes and procedures from their individual operational perspectives and not from the perspective of how these procedures can be more effectively integrated to meet the collective mission of the Department. Add to this the fact that budgeting and oversight of the Department is controlled by more than 80 Congressional oversight committees and you can imagine the dysfunction and disincentive to collaborate.

The Cipher Brief: Finally, how do blockchain, advanced encryption or other types of algorithms increase the likelihood of safe data sharing across the DHS Information Sharing Enterprise?

Taylor:  All of the new information analysis technologies will greatly improve information sharing in the Department. Some of this technology is already in use in some of the components; yet it is not systematic and does not optimize the use of these technologies.