How Uber Could Help Change Spycraft

Uploaded on 2015-08-24 in NEWS-Cybersecurity News, INTELLIGENCE--International, GOVERNMENT-Law Enforcement, FREE TO VIEW

The_Intelligence_Process_JP_2-0.png

The US intelligence community wants feedback from the innovative car-sharing company and other commercial startups on its 5-year data-analysis roadmap. The intelligence community quietly released an unprecedented, unclassified five-year-roadmap charting the future of data analysis it wants commercial startups like ride sharing firm Uber to read.

The chart, part of a larger science and technology strategy, is aimed at encouraging unconventional makers like the car service app-developer and traditional tech contractors to help fund answers to oncoming national security problems.
The roadmap is an outgrowth of spring workshops with 40 companies that do classified work and a government analysis of the intelligence community’s science and technology needs.

By syncing private sector research now underway with the Office of the Director of Intelligence’s threat predictions, the right technology will be ready at the right time at the right price, DNI officials say.
The publicly available gap analysis, titled “Enhanced Processing and Management of Data from Disparate Sources,” maps out one of six future growth areas for the spy community. The other graphics are only for the eyes of individuals holding secret security clearances.
“Maybe they’ve got scheduling algorithms that would help us with our logistics problems,” David Honey, DNI director of science and technology, said during a recent interview with Nextgov. “If we can leverage those kinds of tools, maybe we gotta adapt them a little bit, but that certainly beats having to go and pay for those things from scratch.”

Powers U.S. spies need that no one is funding yet include, for example, expertise in determining the biases of social media site moderators, geolocation in the presence of encryption, room temperature quantum computing, and immersive virtual world user experience.
“One of our goals for the coming year is to try and extend our outreach via whichever trade associations are willing to take it on, into the uncleared community as well,” Honey said, sitting inside DNI’s McLean, Virginia headquarters. “That’s why getting this information on to the ODNI’s open website was so important to us. We want to have that outreach to the nontraditional to include the uncleared performer community so that they can gain insight into what the challenges are that we face so that they can come forward with ideas.”

As of four years ago, information technology consumed about 23 percent of intelligence program funding, according to DNI. President Barack Obama has requested $53.9 billion for the program in 2016.
Social Media Overload
Director of National Intelligence James Clapper last month described some information-munching difficulties confronting analysts, such as tracking down lone wolf extremists who have been inspired by Islamic State rhetoric.
“With the way people radicalize on their own, or are radicalized via social media where they don’t leave out a signature, they don’t emit — some attribute or trait or behavior that would lead you to begin watching them,” Clapper said at the Aspen Security Forum in Colorado. “And so we’re lacking that.”
The difficulty is then exacerbated by the use of encrypted, or digitally scrambled, communications, he said.
“Someone is proselyted by an ISIL recruiter sitting in Syria or some place,” and if that potential extremist takes an interest, “then they’ll switch to, you know, encrypted communications that we can’t watch,” Clapper said.
However, it is not believed the homegrown radical Mohammod Abdulazeez, who gunned down five servicemen in Chattanooga, Tennessee, in July, used encryption to hide plotting.
“There’s been no connection made” yet, Clapper acknowledged. He added, it might be beneficial to quantify the use of encryption by terrorists: “I think we probably need to see what we can do to do a better job of keeping some metrics” on incidents “where we ran into an encryption situation and that stymies an investigation,” he said.
The intelligence community is not bankrupt of innovators, by any means.
In-Q-Tel, a CIA-backed venture capital firm, has borne fruit from technologies it helped seed at open source threat analysis firm Recorded Future and data-sleuthing company Palantir, among some roughly 200 startups.
But sometimes, uncleared execs create gadgets and services that have unintentional classified applications, Honey said.
The spy community might look at, for instance, Twitter analytics to discern how a mass civilian casualty incident overseas is affecting foreign sentiment toward America.
Social media “is in many cases an indicator of developments that previously we never would have had access to. One time, the best open source information source would have been CNN,” Honey said. “But today, with all the social media activity that’s out there, we need to understand what’s coming before it gets here — not after it’s already here and now we’re behind the curve in understanding how to interpret it.”
People might ask, “How could you not follow what goes on, on Twitter?” he added. ”Well, it hasn’t been around that long,” he added.
Crowdsourcing Classified R&D
The data analytics roadmap fills up a couple of sheets in a 26-page unclassified 2016-2020 DNI science and technology strategy posted online in recent days.
Bringing the paper to life already has required the use of social media. Contractors and intelligence agencies are crowdsourcing updates to the document and matching agency needs with funded corporate projects on a classified website, Honey said.
The collaboration environment is located on a Top Secret system called Jwics, for Joint Worldwide Intelligence Communications System.
It’s easy to compare this venture to a wiki, but unlike, say, Wikipedia, the spy system must be able to push out edits to relevant agencies and relevant companies in a timely fashion.
Agencies “need to be able to post the challenge in a way that the system automatically alerts the right technology suppliers,” and “if you’re a technology provider and you are posting new solutions, the solutions need to be able to find their way to the customer” without everybody doing a search every day, Honey said.
If feasible, DNI will create a public Web space for individuals without clearances to contribute suggestions for the unclassified strategy, he said.
Other roadmaps designed during the recent contractor workshops chart rifts in, among other things, space capabilities, global proliferation prediction capacity, and the ability of novel sensors to reveal adversary actions.
The businesses that participated in the meetings are gathering a week from Monday to start developing yardsticks for measuring progress in each gap area, Honey said.
Outsiders wanting to help equip spies who have not been briefed on Top Secret intelligence are not necessarily at a disadvantage. They might be more likely to devise technologies that go beyond mere upgrades.
“If you are too close to the classified information, you are going to try to create a faster horse,” Honey said. “Quite often, people who have just a general knowledge of what we’re trying to do are in a better position to help us think about new solutions, than those who are deeply ingrained in the machine.”
DefenseOne: http://bit.ly/1Kpo2bH

 

 

« Investors Pour $Billions in to Cybersecurity
Addressing the Predictive Analytics Skills Gap »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Ahope

Ahope

Ahope is a mobile security solution provider in Korea with a long history of security solution development.

Avatier

Avatier

Avatier identity management software products automate identity access management, user provisioning and IT governance to ensure information security and compliance.

CryptoCodex

CryptoCodex

Cryptocodex has developed Counter-Fight, the most advanced, yet simple to implement, counterfeit detection system.

Syhunt Security

Syhunt Security

Syhunt is a leading player in the web application security field, delivering its assessment tools to a range of organizations across the globe.

ACET Solutions

ACET Solutions

ACET Solutions delivers a wide range of Automation, Cyber Security and Enterprise IT/OT Integration Solutions to industrial clients.

Delfigo Security

Delfigo Security

Delfigo Security, a pioneer in intelligent authentication, provides a strong, multi-factor authentication solution to prevent identity theft and reduce fraud.

Shearwater Group

Shearwater Group

Shearwater Group is an award-winning organisational resilience group that provides cyber security, advisory and managed security services to help secure businesses in a connected global economy.

Phished

Phished

Phished is an AI-driven platform that focuses on the human side of cybersecurity. By combining fully automated training software with personalised, realistic simulations of cyberattacks.

Navisite

Navisite

Navisite is a combination of eight respected IT consulting and managed service providers that were brought together under the Navisite brand.

CYGNVS

CYGNVS

CYGNVS is a guided cyber crisis response platform providing anytime, anyplace access. A SaaS platform for cyber crisis management – a safe way to connect and control your response.

Catalyst Campus For Technology & Innovation

Catalyst Campus For Technology & Innovation

Catalyst Campus is a collaborative ecosystem to create community, spark innovation and stimulate business growth.

Aegis Cyber Defense Systems

Aegis Cyber Defense Systems

AEGIS is a powerful cybersecurity tool that can help protect your devices and networks from cyber threats, and increase performance.

Brightside AI

Brightside AI

Brightside AI is a Swiss cybersecurity SaaS that helps teams combat AI-enabled phishing threats. Protect your team today.

CyberNut

CyberNut

CyberNut are a security awareness training solution built exclusively for schools.

Twilio

Twilio

Twilio are the customer layer for the internet, powering the most engaging interactions companies build for their customers. We provide simple tools that solve hard problems.

Digital Technologies Group (DTG)

Digital Technologies Group (DTG)

DTG are a digital transformation company helping process organisations embrace smarter manufacturing through the adoption of industry 4.0 technologies and solutions.