18
TTIC and Information Sharing TTIC exists, in large part, because before 9/11 the USG didn’t know what the USG already knew

TTIC and Information Sharing

  • Upload
    danyl

  • View
    47

  • Download
    0

Embed Size (px)

DESCRIPTION

TTIC and Information Sharing. TTIC exists, in large part, because before 9/11 the USG didn’t know what the USG already knew. Overview. General Context to Information Sharing An Issue of Balance Keeping Horizontal Integration in Perspective The Terrorism Context Why TTIC? - PowerPoint PPT Presentation

Citation preview

Page 1: TTIC and Information Sharing

TTIC andInformation Sharing

TTIC exists, in large part, because before 9/11 the USG didn’t know what the USG already knew

Page 2: TTIC and Information Sharing

Overview

• General Context to Information Sharing– An Issue of Balance– Keeping Horizontal Integration in Perspective

• The Terrorism Context– Why TTIC?– TTIC and Information Sharing– TTIC initiatives– The Business Process Issue

• Conclusions/Caveats

Page 3: TTIC and Information Sharing

An Issue of Balance

Immediately devolve from the bumpersticker to the security, policy, legaltechnical issues. No quick fixes.

•Sources & Methods: ORCON•Operational Considerations•U.S. Persons/Privacy issues•Technical interoperability

EverythingTo

Everybody

“DataOwner-Ship”

?

Page 4: TTIC and Information Sharing

Horizontal Integration: Keeping Perspective

Data

Knowledge

Horizontal Integration

HI, without (a lot of) focus on analytic art, raisesthe specter of the IC simply being wrong faster….

WhatAbout9/11?

IndianNuc test

NK TD-1 launch

ChineseEmbassy

IraqiWMD

Intelligence “Failures”

Page 5: TTIC and Information Sharing

Some background on TTIC…

Comprehensive Picture of

Terrorist Threats

Homeland Security

Military IntelForeign Intel

TTICLaw

Enforcement

•Presidential Initiative•Independent joint venture

--5 partner orgs--Reporting to DCI

•Mission: “full integration of terrorism information collected domestically or abroad” •Will be subsumed by NCTC

Page 6: TTIC and Information Sharing

TTIC and Terrorism Info Sharing

• Policy Context• Community

Progress• TTIC access• TTIC

Dissemination

Policy Context (we’re all on notice)•DCID 2/4: “unfettered access” for TTIC•Homeland Security Act: DHS gets access to “all” terrorism info•Information Sharing MOU: terrorism and WMD info “will” be shared.•HSPD 6: TTIC and TSC full access to support identities data base and watchlisting•DCID 8-1, Info Sharing EO….

Page 7: TTIC and Information Sharing

Community Progress

• Community reporting increases by factor of 2.5 since 911

• ORCON down…but…• Tearlines up…• TTIC’s information sharing

program office working with IC on range of impediments

• Terrorist identities data base

0

8000

16000

1st Qtr 2nd Qtr 3rd Qtr 4th Qtr

0

20000

40000

60000

1994 1997 2000 2003

10 years oftearlines

ORCONIn 2003

Page 8: TTIC and Information Sharing

State & Local Govt, Law Enf, Private Sector

TTIC

* i.e., HHS, USDA,

EPA, DOE

STATE

CIA

FBI

NGA

NSA

DIA

DHS

OTHERGOVERNMENT AGENCIES *

DoD

WHITEHOUSE

Information Sharing Framework

Page 9: TTIC and Information Sharing

TTIC Network Connectivity

Note:Not all analysts access all networks ortools; mission requirements determine access.

CIA ADNCIA AIN

CIA JWICSFBIS PRINCE

ION

INSCOM IDCNetSIPRNet

JWICSStone Ghost

NSANet

NGANet

DoE SEAS

State INRSSState OpenNet

Dial-Up networks:

TECSSecret ServiceUSCG Intranet

ADNetDoJ JCONDoJ OASISFBI Internet CafeFBINetFBI SCIONNCIC

OSIS

NRO GWAN

Page 10: TTIC and Information Sharing

In Pursuit of “Unfettered Access”

• Good…and Bad News• TTIC “rules of the road”:

allow broad internal sharing

• Cumbersome: technical and security policy issues

• Sanctum Architecture will allow federated search

Page 11: TTIC and Information Sharing

TTIC Strength: Information Sharing

• TS/SCI HCS• Full range of products:

finished reports; disseminated traffic; data bases

• A data mart• The primary source of

terrorism information for the USG

• 120 participating organizations and growing

CT Link Sept 2001 TTOL Oct 2004

400+ users 3500+ users

20 sessions/week 1000 sessions/week

4 products types 92 product types

14 FBI reports/month 450 FBI reports/month

1 million documents 3.5 million documents

Page 12: TTIC and Information Sharing

TOL Customers by OrganizationOct 04: 3500+ Active Users

DIA (216)8%

TTIC (129)5%

CIA (503)19%

Other DOD (895)34%

FBI (416)16%

NSA (83)3%

DHS (220)8%

Other Federal Groups (128) 5%

STATE (50)2%

Other DOD Organizations

Air Force

Air Force Office of Special Investigations

Army

Central Command

Defense Logistic Agency

Defense Threat Reduction Agency

European Command

Joint Chiefs of Staff

Joint Counter-intelligence Analysis Group

Joint Forces Command

Joint Special Operations Command

Joint Warfare Analysis Center

Marines

National Ground Intelligence Center

National Imagery and Mapping Agency

National Military Joint Intelligence Center

Naval Surface Warfare Development Group

Navy

Northern Command

Pacific Command

Southern Command

Special Operations Command

Transportation Command

Other Federal Agencies

Agriculture

Bureau Alcohol, Tobacco, & Firearms

Capitol Police

Energy

Federal Aviation Administration

Federal Reserve Board

General Services Administration

Health & Human Services

Interior

Justice

National Recon Office

National Security Council

NASA

Nuclear Regulatory Commission

Transportation

Treasury

US Postal Service

WARN 7

CIA

DIA

FBI

NSA

State/INR

TTIC

DHS

Coast Guard

Customs/ICE

Department of Homeland Security

INS

Secret Service

Transportation Security Agency

Page 13: TTIC and Information Sharing

Information Sharing of Terrorist Identities Intelligence

• 4 Separate terrorist identities data bases– CIA– DoD– State/TIPOFF– FBI

• Dozen watchlists, haphazardly maintained

• A single USG repository of international terrorist identities, foreign and domestic

• Supporting Terrorist Screening Center’s watchlisting effort

Pre 9/11 TTIC/HSPD-6

Page 14: TTIC and Information Sharing

Terrorist Watchlist Business Process - Phase II

DHS(IBIS)

FBI(NCIC)

DoS(CLASS)

DoD

SelectedForeignGov'ts

CLASSIFIED SBU

Terrorist ThreatIntegration Center

Feedback

BTS: Border SecurityTSA: Common CarrierCritical InfrastructureHomeland SecurityAdvisor

Local Law Enforcement

Consular Affairs

Military Bases

InternationalCooperation

Data ElementsExtracted

11/11/03

FTTTF

24 X 7 Telephonic Support to End Users

Terrorist ScreeningCenter

TIDEONLINE

IntelligenceCommunity

Law EnforcementJTTTFs

Accept/Reject

FBI(State and Local Gov't)(Foreign Gov't)

CIA(Foreign Gov't)

NSA

DoD

DIA

Treasury

DoS

DHS(State and Local Gov't)

Public Source

ScreeningDatabase

JWICS

OperationalSupport

Adjudication

Review &Create/UpdateRecord

EnhanceRecord

NominationDecision

TIDE

FBI DomesticTerrorism

Information

ExpeditedNominations

UNCLASSIFIED // FOUO

Page 15: TTIC and Information Sharing

TS

/S

CI

DHS FBI

Secr

et

SB

U

Collaboration viaTTIC Online

Collaboration viaTTIC Online

Inte

llig

en

ce

Com

mu

nit

y

Dep

art

men

t of

Defe

nse

Information Sharing

Collaboration viaTTIC OnlineB

ord

er

& T

ran

sp

ort

ati

on

Secu

rity

Scie

nce &

Tech

nolo

gy

Em

erg

en

cy P

rep

are

dn

ess &

R

esp

on

se FB

I-JT

TFs

Law

En

forc

em

en

t

Info

rmati

on

An

aly

sis

&

In

frastr

uctu

re

Pro

tecti

on

Offi

ce o

f th

e P

resid

en

t

INFORMATION SOURCES

Page 16: TTIC and Information Sharing

Some Final Caveats

Information Sharing: Necessary but Not Sufficient

Page 17: TTIC and Information Sharing

Problem: A Lack of Critical Mass

• Tooth to tail problem• Analysis: adding new

knowledge vs packaging and situational awareness

• “Analyst” population small•Production Staff•Care & Feeding•Mgment overhead•Info technology

AnalyticTooth

Tail

Watch

AM BriefWarning

Analysts

Typical Terrorism Analytic Org

Unfettered sharing without the appropriate business process can have pernicious downside impact

IMPACT•Shallow/redundant analysis•Enthusiastic amateur

Page 18: TTIC and Information Sharing

Conclusions/Caveats

• Substantial progress/many initiatives…

• …Much work to do

• TTIC 2nd to none in support of info sharing

• Caveats:– Be wary of the “bumper sticker”– Information sharing is no panacea

• Dots won’t get randomly connected• Be careful: Not all opinions are equal• “Effective” info sharing of growing concern

Must get the Business Process Right: NCTC