Jim Danoy, Former Executive, Defense Intelligence Agency
Cipher Brief Expert Jim Danoy is a former defense intelligence executive and served as the National Intelligence Manager for Europe and NATO at the Office of the Director of National Intelligence and was a President’s Daily Brief (PDB) briefer for President Obama.
OPINION — The image of the intelligence officer has always been one of working in the shadows. The operational case officer about to meet her source, cautiously walking through the dark, damp alleyways of a foreign city employing countersurveillance tradecraft to avoid detection by a hostile counterintelligence service. The intelligence analyst and cryptologist toiling away amidst mounds of highly classified data behind an imposing ciphered door in a secured facility hardened against electronic eavesdropping—the so-called ‘SCIF” or Sensitive Compartmented Information Facility.
While these images are based on reality—during my 35+ year career as an intelligence analyst I spent most of my time working in windowless vaults illuminated by the warm glow of computer monitors–this industrial age construct in which intelligence officers commute to and gather in large cubicle-laden brick and mortar facilities need not and should not remain the fate of the Intelligence Community. Technological breakthroughs in information and communications technology, particularly over the first two decades of this century have unshackled businesses from their traditional moorings both in an intellectual sense and a physical sense. The COVID-19 pandemic has accelerated the trend towards remote work by businesses that can conduct their work virtually. To be sure once the pandemic is under control, some of these businesses will choose to resume performing certain functions in traditional in-person office environments, but the remote and telework genie is out of the bottle and there is no turning back to pre-COVID-19 “business as usual”.
If Not Now, When?
Due to the classified nature of the “business of intelligence”, the IC has faced special challenges in addressing the health and safety of its workforce during the pandemic while having to perform its national security mission of providing timely and relevant intelligence to decision-makers. Intelligence is a team sport requiring close collaboration throughout the intelligence process of collection, processing, analysis, and dissemination. Intelligence agencies have resorted to shift work to reduce the office foot print and assigning at home unclassified training course requirements to keep the workforce active and engaged. These efforts have likely had mixed results as the IC business model is simply not compatible with working remotely.
So, what is to be done? The IC is in the “secrets” business. It deals with classified information. There will always be a requirement to have a certain sector of the IC workforce in SCIFs sequestered in large brick and mortar buildings. First, the IC needs to undertake a comprehensive mission analysis on what IC functions must be performed inside a traditional office SCIF on highly classified systems and which functions can potentially be performed remotely via a secure intranet. Mission support functions such as logistics and human resources lend themselves well for such an examination. Time sheets, benefits, and training and education for example could potentially be performed by remote personnel with manageable risk. Second, following this mission review the IC should undertake a “pilot program” to test the feasibility of performing certain functions from remote locations.
OSINT Analysis: Feeding Spook Central
Research and analysis which is the heart and soul of the intelligence business must also be on the table for remote work. The ascendancy of publicly available information (PAI) as a rich source of data and information for the IC, so-called “open-source intelligence” (OSINT), combined with the availability of collaborative information systems is the “perfect storm” for a remote and teleworking construct. As part of the IC review and pilot program the feasibility of establishing a permanent cadre of OSINT analysts who would work remotely should be examined. These OSINT analysts would perform first phase research and analysis on an assigned country, region, or functional area. This analysis, properly caveated could be published and disseminated outright to consumers as first phase open-source analysis. However, the primary mission of these OSINT analysts would be to provide this “first phase” analysis to their respective intelligence agency headquarters for further analysis and fusion with exquisitely-acquired material by intelligence analysts with access to classified data, information, and finished intelligence working in secured facilities on classified secured networks.
The advantages of this approach are multi-fold. OSINT analysts can work remotely. This means the IC can more readily tap into analytic talent which is unwilling or unable to relocate to the primary intelligence centers. OSINT analysts would undergo security background checks; however, they would not require high-level clearances thus reducing the time and funds expended to bring these analysts into the IC. This has an additionally benefit for example of facilitating the in-processing of naturalized U.S. citizen candidates with continuing ties with their native country who possess much desired foreign language skills and cultural knowledge.
We have the Tools and we have the Talent
Let’s be clear we are not talking about risk avoidance, but risk management. There will always be a degree of risk involved but thinking innovatively and working collaboratively the IC can devise a remote/teleworking regime which can increase workforce productively in a secure manner opening up additionally opportunities to tap into the country’s talent. Remote work protocols, tradecraft, and tools such as anonymizers and identity verification will need to be developed and employed. The recent SolarWinds incident in which the Russians allegedly attached malware to the firm’s software update infecting numerous private and government computer networks underscores the risk.
The path is clear. The IC must fully embrace working remotely as part of its architecture and embed it into its DNA. The Industrial Age, bricks and mortar approach will not be agile enough to address the security challenges of the 21st century. Our adversaries will increasingly leverage new and emerging technologies to achieve decisive advantage over the U.S. We must respond in kind. Director of National Intelligence Avril Haines in her Senate confirmation hearing made clear that “promoting innovation” would be a top priority of her tenure. A diverse IC workforce which includes a certain percentage of officers performing designated functions remotely and securely from home or other non-traditional office spaces will strengthen IC resiliency. The pandemic has necessitated innovation and risk taking on the part of corporate America. The IC must follow suit. There is no turning back.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief