TTIC and Information Sharing
description
Transcript of TTIC and Information Sharing
TTIC andInformation Sharing
TTIC exists, in large part, because before 9/11 the USG didn’t know what the USG already knew
Overview
• General Context to Information Sharing– An Issue of Balance– Keeping Horizontal Integration in Perspective
• The Terrorism Context– Why TTIC?– TTIC and Information Sharing– TTIC initiatives– The Business Process Issue
• Conclusions/Caveats
An Issue of Balance
Immediately devolve from the bumpersticker to the security, policy, legaltechnical issues. No quick fixes.
•Sources & Methods: ORCON•Operational Considerations•U.S. Persons/Privacy issues•Technical interoperability
EverythingTo
Everybody
“DataOwner-Ship”
?
Horizontal Integration: Keeping Perspective
Data
Knowledge
Horizontal Integration
HI, without (a lot of) focus on analytic art, raisesthe specter of the IC simply being wrong faster….
WhatAbout9/11?
IndianNuc test
NK TD-1 launch
ChineseEmbassy
IraqiWMD
Intelligence “Failures”
Some background on TTIC…
Comprehensive Picture of
Terrorist Threats
Homeland Security
Military IntelForeign Intel
TTICLaw
Enforcement
•Presidential Initiative•Independent joint venture
--5 partner orgs--Reporting to DCI
•Mission: “full integration of terrorism information collected domestically or abroad” •Will be subsumed by NCTC
TTIC and Terrorism Info Sharing
• Policy Context• Community
Progress• TTIC access• TTIC
Dissemination
Policy Context (we’re all on notice)•DCID 2/4: “unfettered access” for TTIC•Homeland Security Act: DHS gets access to “all” terrorism info•Information Sharing MOU: terrorism and WMD info “will” be shared.•HSPD 6: TTIC and TSC full access to support identities data base and watchlisting•DCID 8-1, Info Sharing EO….
Community Progress
• Community reporting increases by factor of 2.5 since 911
• ORCON down…but…• Tearlines up…• TTIC’s information sharing
program office working with IC on range of impediments
• Terrorist identities data base
0
8000
16000
1st Qtr 2nd Qtr 3rd Qtr 4th Qtr
0
20000
40000
60000
1994 1997 2000 2003
10 years oftearlines
ORCONIn 2003
State & Local Govt, Law Enf, Private Sector
TTIC
* i.e., HHS, USDA,
EPA, DOE
STATE
CIA
FBI
NGA
NSA
DIA
DHS
OTHERGOVERNMENT AGENCIES *
DoD
WHITEHOUSE
Information Sharing Framework
TTIC Network Connectivity
Note:Not all analysts access all networks ortools; mission requirements determine access.
CIA ADNCIA AIN
CIA JWICSFBIS PRINCE
ION
INSCOM IDCNetSIPRNet
JWICSStone Ghost
NSANet
NGANet
DoE SEAS
State INRSSState OpenNet
Dial-Up networks:
TECSSecret ServiceUSCG Intranet
ADNetDoJ JCONDoJ OASISFBI Internet CafeFBINetFBI SCIONNCIC
OSIS
NRO GWAN
In Pursuit of “Unfettered Access”
• Good…and Bad News• TTIC “rules of the road”:
allow broad internal sharing
• Cumbersome: technical and security policy issues
• Sanctum Architecture will allow federated search
TTIC Strength: Information Sharing
• TS/SCI HCS• Full range of products:
finished reports; disseminated traffic; data bases
• A data mart• The primary source of
terrorism information for the USG
• 120 participating organizations and growing
CT Link Sept 2001 TTOL Oct 2004
400+ users 3500+ users
20 sessions/week 1000 sessions/week
4 products types 92 product types
14 FBI reports/month 450 FBI reports/month
1 million documents 3.5 million documents
TOL Customers by OrganizationOct 04: 3500+ Active Users
DIA (216)8%
TTIC (129)5%
CIA (503)19%
Other DOD (895)34%
FBI (416)16%
NSA (83)3%
DHS (220)8%
Other Federal Groups (128) 5%
STATE (50)2%
Other DOD Organizations
Air Force
Air Force Office of Special Investigations
Army
Central Command
Defense Logistic Agency
Defense Threat Reduction Agency
European Command
Joint Chiefs of Staff
Joint Counter-intelligence Analysis Group
Joint Forces Command
Joint Special Operations Command
Joint Warfare Analysis Center
Marines
National Ground Intelligence Center
National Imagery and Mapping Agency
National Military Joint Intelligence Center
Naval Surface Warfare Development Group
Navy
Northern Command
Pacific Command
Southern Command
Special Operations Command
Transportation Command
Other Federal Agencies
Agriculture
Bureau Alcohol, Tobacco, & Firearms
Capitol Police
Energy
Federal Aviation Administration
Federal Reserve Board
General Services Administration
Health & Human Services
Interior
Justice
National Recon Office
National Security Council
NASA
Nuclear Regulatory Commission
Transportation
Treasury
US Postal Service
WARN 7
CIA
DIA
FBI
NSA
State/INR
TTIC
DHS
Coast Guard
Customs/ICE
Department of Homeland Security
INS
Secret Service
Transportation Security Agency
Information Sharing of Terrorist Identities Intelligence
• 4 Separate terrorist identities data bases– CIA– DoD– State/TIPOFF– FBI
• Dozen watchlists, haphazardly maintained
• A single USG repository of international terrorist identities, foreign and domestic
• Supporting Terrorist Screening Center’s watchlisting effort
Pre 9/11 TTIC/HSPD-6
Terrorist Watchlist Business Process - Phase II
DHS(IBIS)
FBI(NCIC)
DoS(CLASS)
DoD
SelectedForeignGov'ts
CLASSIFIED SBU
Terrorist ThreatIntegration Center
Feedback
BTS: Border SecurityTSA: Common CarrierCritical InfrastructureHomeland SecurityAdvisor
Local Law Enforcement
Consular Affairs
Military Bases
InternationalCooperation
Data ElementsExtracted
11/11/03
FTTTF
24 X 7 Telephonic Support to End Users
Terrorist ScreeningCenter
TIDEONLINE
IntelligenceCommunity
Law EnforcementJTTTFs
Accept/Reject
FBI(State and Local Gov't)(Foreign Gov't)
CIA(Foreign Gov't)
NSA
DoD
DIA
Treasury
DoS
DHS(State and Local Gov't)
Public Source
ScreeningDatabase
JWICS
OperationalSupport
Adjudication
Review &Create/UpdateRecord
EnhanceRecord
NominationDecision
TIDE
FBI DomesticTerrorism
Information
ExpeditedNominations
UNCLASSIFIED // FOUO
TS
/S
CI
DHS FBI
Secr
et
SB
U
Collaboration viaTTIC Online
Collaboration viaTTIC Online
Inte
llig
en
ce
Com
mu
nit
y
Dep
art
men
t of
Defe
nse
Information Sharing
Collaboration viaTTIC OnlineB
ord
er
& T
ran
sp
ort
ati
on
Secu
rity
Scie
nce &
Tech
nolo
gy
Em
erg
en
cy P
rep
are
dn
ess &
R
esp
on
se FB
I-JT
TFs
Law
En
forc
em
en
t
Info
rmati
on
An
aly
sis
&
In
frastr
uctu
re
Pro
tecti
on
Offi
ce o
f th
e P
resid
en
t
INFORMATION SOURCES
Some Final Caveats
Information Sharing: Necessary but Not Sufficient
Problem: A Lack of Critical Mass
• Tooth to tail problem• Analysis: adding new
knowledge vs packaging and situational awareness
• “Analyst” population small•Production Staff•Care & Feeding•Mgment overhead•Info technology
AnalyticTooth
Tail
Watch
AM BriefWarning
Analysts
Typical Terrorism Analytic Org
Unfettered sharing without the appropriate business process can have pernicious downside impact
IMPACT•Shallow/redundant analysis•Enthusiastic amateur
Conclusions/Caveats
• Substantial progress/many initiatives…
• …Much work to do
• TTIC 2nd to none in support of info sharing
• Caveats:– Be wary of the “bumper sticker”– Information sharing is no panacea
• Dots won’t get randomly connected• Be careful: Not all opinions are equal• “Effective” info sharing of growing concern
Must get the Business Process Right: NCTC