How Uber Could Help Change Spycraft

The_Intelligence_Process_JP_2-0.png

The US intelligence community wants feedback from the innovative car-sharing company and other commercial startups on its 5-year data-analysis roadmap. The intelligence community quietly released an unprecedented, unclassified five-year-roadmap charting the future of data analysis it wants commercial startups like ride sharing firm Uber to read.

The chart, part of a larger science and technology strategy, is aimed at encouraging unconventional makers like the car service app-developer and traditional tech contractors to help fund answers to oncoming national security problems.
The roadmap is an outgrowth of spring workshops with 40 companies that do classified work and a government analysis of the intelligence community’s science and technology needs.

By syncing private sector research now underway with the Office of the Director of Intelligence’s threat predictions, the right technology will be ready at the right time at the right price, DNI officials say.
The publicly available gap analysis, titled “Enhanced Processing and Management of Data from Disparate Sources,” maps out one of six future growth areas for the spy community. The other graphics are only for the eyes of individuals holding secret security clearances.
“Maybe they’ve got scheduling algorithms that would help us with our logistics problems,” David Honey, DNI director of science and technology, said during a recent interview with Nextgov. “If we can leverage those kinds of tools, maybe we gotta adapt them a little bit, but that certainly beats having to go and pay for those things from scratch.”

Powers U.S. spies need that no one is funding yet include, for example, expertise in determining the biases of social media site moderators, geolocation in the presence of encryption, room temperature quantum computing, and immersive virtual world user experience.
“One of our goals for the coming year is to try and extend our outreach via whichever trade associations are willing to take it on, into the uncleared community as well,” Honey said, sitting inside DNI’s McLean, Virginia headquarters. “That’s why getting this information on to the ODNI’s open website was so important to us. We want to have that outreach to the nontraditional to include the uncleared performer community so that they can gain insight into what the challenges are that we face so that they can come forward with ideas.”

As of four years ago, information technology consumed about 23 percent of intelligence program funding, according to DNI. President Barack Obama has requested $53.9 billion for the program in 2016.
Social Media Overload
Director of National Intelligence James Clapper last month described some information-munching difficulties confronting analysts, such as tracking down lone wolf extremists who have been inspired by Islamic State rhetoric.
“With the way people radicalize on their own, or are radicalized via social media where they don’t leave out a signature, they don’t emit — some attribute or trait or behavior that would lead you to begin watching them,” Clapper said at the Aspen Security Forum in Colorado. “And so we’re lacking that.”
The difficulty is then exacerbated by the use of encrypted, or digitally scrambled, communications, he said.
“Someone is proselyted by an ISIL recruiter sitting in Syria or some place,” and if that potential extremist takes an interest, “then they’ll switch to, you know, encrypted communications that we can’t watch,” Clapper said.
However, it is not believed the homegrown radical Mohammod Abdulazeez, who gunned down five servicemen in Chattanooga, Tennessee, in July, used encryption to hide plotting.
“There’s been no connection made” yet, Clapper acknowledged. He added, it might be beneficial to quantify the use of encryption by terrorists: “I think we probably need to see what we can do to do a better job of keeping some metrics” on incidents “where we ran into an encryption situation and that stymies an investigation,” he said.
The intelligence community is not bankrupt of innovators, by any means.
In-Q-Tel, a CIA-backed venture capital firm, has borne fruit from technologies it helped seed at open source threat analysis firm Recorded Future and data-sleuthing company Palantir, among some roughly 200 startups.
But sometimes, uncleared execs create gadgets and services that have unintentional classified applications, Honey said.
The spy community might look at, for instance, Twitter analytics to discern how a mass civilian casualty incident overseas is affecting foreign sentiment toward America.
Social media “is in many cases an indicator of developments that previously we never would have had access to. One time, the best open source information source would have been CNN,” Honey said. “But today, with all the social media activity that’s out there, we need to understand what’s coming before it gets here — not after it’s already here and now we’re behind the curve in understanding how to interpret it.”
People might ask, “How could you not follow what goes on, on Twitter?” he added. ”Well, it hasn’t been around that long,” he added.
Crowdsourcing Classified R&D
The data analytics roadmap fills up a couple of sheets in a 26-page unclassified 2016-2020 DNI science and technology strategy posted online in recent days.
Bringing the paper to life already has required the use of social media. Contractors and intelligence agencies are crowdsourcing updates to the document and matching agency needs with funded corporate projects on a classified website, Honey said.
The collaboration environment is located on a Top Secret system called Jwics, for Joint Worldwide Intelligence Communications System.
It’s easy to compare this venture to a wiki, but unlike, say, Wikipedia, the spy system must be able to push out edits to relevant agencies and relevant companies in a timely fashion.
Agencies “need to be able to post the challenge in a way that the system automatically alerts the right technology suppliers,” and “if you’re a technology provider and you are posting new solutions, the solutions need to be able to find their way to the customer” without everybody doing a search every day, Honey said.
If feasible, DNI will create a public Web space for individuals without clearances to contribute suggestions for the unclassified strategy, he said.
Other roadmaps designed during the recent contractor workshops chart rifts in, among other things, space capabilities, global proliferation prediction capacity, and the ability of novel sensors to reveal adversary actions.
The businesses that participated in the meetings are gathering a week from Monday to start developing yardsticks for measuring progress in each gap area, Honey said.
Outsiders wanting to help equip spies who have not been briefed on Top Secret intelligence are not necessarily at a disadvantage. They might be more likely to devise technologies that go beyond mere upgrades.
“If you are too close to the classified information, you are going to try to create a faster horse,” Honey said. “Quite often, people who have just a general knowledge of what we’re trying to do are in a better position to help us think about new solutions, than those who are deeply ingrained in the machine.”
DefenseOne: http://bit.ly/1Kpo2bH

 

 

« Investors Pour $Billions in to Cybersecurity
Addressing the Predictive Analytics Skills Gap »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

WEBINAR: 2024 and Beyond: Top Six Cloud Security Trends

WEBINAR: 2024 and Beyond: Top Six Cloud Security Trends

April 4, 2024 | 11:00 AM PT: Join this webinar to find out about six emerging trends dominating the cloud cybersecurity landscape.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Fuel Recruitment

Fuel Recruitment

Fuel Recruitment is a specialist recruitment company for the IT, Telecoms, Engineering, Consulting and Marketing industries.

Verisec International

Verisec International

Verisec International AB is a Swedish Tech company focused since inception in enabling Trust in Digital Transactions, through the development of proprietary cutting-edge technologies and services.

Qualitèsoft Technology

Qualitèsoft Technology

Qualitèsoft Technology is a leading Software Development and Quality Assurance organization. We specialize in Custom Development, Mobile Application, Software Testing and Quality Assurance.

Redbud

Redbud

Redbud is a specialist search and recruitment firm for Information Security professionals.

Wallix

Wallix

Wallix is a software company offering privileged access management solutions for enterprises, public organizations and cloud service providers

Industrial Cyber-Physical Systems Center (iCyPhy)

Industrial Cyber-Physical Systems Center (iCyPhy)

The goal of iCyPhy is to conduct pre-competitive research on architectures and design, modeling, and analysis techniques for cyber-physical systems.

FarrPoint

FarrPoint

FarrPoint is a specialist telecoms consultancy providing a range of services including cyber security assessments and technical assurance to safeguard your data.

Windscribe

Windscribe

Windscribe is a Virtual Private Network services provider offering secure encrypted access to the internet.

Ensign InfoSecurity

Ensign InfoSecurity

Ensign InfoSecurity is Southeast Asia’s largest pure-play cybersecurity firm.

Threatspan

Threatspan

Threatspan is a cybersecurity firm helping shipping and maritime enterprises achieve and maintain nautical resilience in an age of increasing cyber threats.

GlassSquid

GlassSquid

glasssquid.io simplifies your cyber security job search. We want to help you find your next perfect fit opportunity by removing the confusion.

Adarma Security

Adarma Security

Adarma are specialists in threat management including SOC design, build & operation.

SecureAge Technology

SecureAge Technology

We’re a rapidly growing cybersecurity company with an 18-year history of ZERO Data breaches. Our security solutions place security and usability on equal footing. Learn more about our technology.

Psybersafe

Psybersafe

Psybersafe is a hands-on, behaviour-changing training system that keeps your people and your business cyber safe.

CyberCatch

CyberCatch

CyberCatch provides an innovative cybersecurity Software-as-a-Service (SaaS) platform designed for SMBs.

SecureTeam

SecureTeam

SecureTeam are a UK-based information security practice, specialising in all areas of cybersecurity.