This is kinda scary, since we want to believe that our spooks have all the tools necessary to protect us. However, it's very consistent with (a) the government environment/mindset, and (b) the insularity caused by traditional approaches to security. Times have changed -- the CIA needs to change too.
A new unclassified report, titled "Failing to Keep Up With the Information Revolution," offers a withering assessment of the CIA's use of IT for intelligence analysis, calling its networking and information-searching capabilities "primitive" and saying that the agency's emphasis on secrecy fundamentally discourages IT use and adoption by CIA analysts. The study's author, Bruce Berkowitz, interviewed almost 100 CIA employees involved in producing national security analysis, including intelligence analysts, technicians and managers.Among other problems, Berkowitz found that CIA analysts must bounce among multiple, isolated systems to gather information, including separate systems on each desk for accessing the CIA's classified network and using the public Internet.
DI agents have no easy way to share classified information with authorized intelligence personnel outside of the CIA or to access information stored in other classified information networks within the government, such as those at the U.S. Department of Defense. "The result is that DI analysts work in an IT environment that is largely isolated from the outside world. If they need to do work that is classified in any way, there is virtually no alternative other than to use the CIA's own, restricted system," the report said.
Contrary to popular depictions of CIA agents using cutting-edge information-gathering technology, Berkowitz found that DI analysts lack access to even the most common information-searching technology for conducting intelligence analysis, such as Web-based search engines.
Although the glacial pace of government IT purchasing is partly to blame for the slow rate of technology adoption within the agency, it isn't the primary source of the CIA's troubles, Berkowitz said. Instead, he put most of the blame on the CIA's obsession with security, which he charged with creating an approach of "risk exclusion" as opposed to "risk management" regarding technology adoption.
As examples of this approach, Berkowitz noted that Palm handheld devices were forbidden in CIA facilities until recently, and it took the agency years to get Internet access to analysts' desktops.
News article via Computerworld.
Full Berkowitz article via the CIA.
Posted by Alan at May 29, 2003 06:08 PM