"Some people say we've just got to get some better tools. Well, tools come and tools go," said NSA CIO Lonny Anderson in an interview with InformationWeek at the agency's National Cryptologic Museum in Fort Meade, Md. "The key is architecture. You build an architecture, then it doesn't matter that tools come and go. There's no doubt in my mind that when we connect architectures, we'll never look back."
In its dual mission of signals intelligence (intercepting foreign communications and electronic signals) and securing the military's IT systems, NSA is a sophisticated IT organization. As head of NSA's technology directorate, Anderson works closely with NSA director Gen. Keith Alexander, with whom Anderson served in the Army before retiring in 2001. NSA, like other organizations within the 17-member U.S. Intelligence Community (IC), has redoubled its efforts at information sharing with other intelligence agencies following the attempted bombing of a Northwest Airlines flight from Amsterdam to Detroit on Dec. 25, 2009.
Anderson said he believes that technology teams in the IC can foster collaboration by working together on IT architecture and infrastructure. One such project, called "the Quad," is a joint initiative between NSA, the National Reconnaissance Office, the National Geospatial-Intelligence Agency, and the Defense Intelligence Agency to develop a shared development environment. A first step, underway now, is development of a role-based identity management framework to provide database access across agency lines. Developers are being trained to use the new framework.
Another cross-agency effort is the Integrated Intelligence Pilot, or I2P, which involves deploying software and servers on the IC's classified network, the Joint Worldwide Intelligence Communications System, so developers can share applications and run database queries across agencies. "Instead of taking data from CIA-specific or NSA-specific repositories, or FBI or DIA, you'll be able to query via the cloud into those organizations and ask, 'Do you have information that meets this question?', and they'll be able to say, 'Yes or No'," Anderson said.
NSA's CIO is optimistic that such efforts will lead to a new level of integration and data sharing. "Come back a year from now, and it'll be a much different discussion on what data we can share and how," he said.
Anderson is contemplating making some of the code developed for the intelligence cloud available as open source, similar to what NASA did with its Nebula cloud software and, more recently, the Office of Management and Budget with its Web dashboard. "I want to take advantage of developers not just across the IC, but developers everywhere," he said. A "security wrapper" would protect sensitive code.
Planning is underway to replace NSA's code-deciphering cryptologic centers in Texas, Georgia, and Hawaii, which house IT and communications systems dating to the 1980s, with three new centers. Anderson said he sees it as a "once in a lifetime" opportunity for IT overhaul. The centers' new IT infrastructure will include thin clients, wireless networking, and private clouds. "What we don't want to do is just lift and shift that legacy infrastructure and processes and ancient servers over to these brand-new facilities," Anderson said. "We're using this as a forcing function."
Thin clients should improve productivity, manageability, and security, he added. They will let the agency ditch the multiple computers needed by employees to access different security domains, while making machines easier to secure and more secure. NSA is rewriting some of its apps to work in the thin client environment.
Mobility is a big thrust, too. Laptops, seldom used in the past, will become commonplace, and NSA's information assurance directorate is developing technology to secure top secret information on smartphones and tablets. The agency has launched a project, called Ozone and being tested internally and by the Army and the Navy, to create a "marketplace" where users can find and download apps. Outside developers will be able to write and publish apps to the marketplace using an Ozone software development kit.
At the same time, the agency seeks to accommodate employees who want to use consumer technologies at work. "We can't keep pace with the Googles, and we're not going to out-Apple Apple," says Anderson. "But we need to take advantage of what they're doing, and make sure our workforce is exposed to the same technologies."
The agency's data centers are getting a fresh look as part of the infrastructure upgrade tied to the new cryptologic centers. "It gives you a chance to look at all of your data centers and servers, identify those that are at end of life, replace or get rid of them, and virtualize them if you can," says Anderson.
NSA operates three private clouds: a utility cloud, a storage cloud, and a data cloud. The utility and storage clouds are pooled resources, while the data cloud uses security-cloaked versions of the Hadoop and MapReduce open source programs to manage and sift through massive data volumes.
Like all federal agencies, NSA is also working to bolster its cybersecurity posture. Chief information security officer Martha Mahan oversees 24x7 network monitoring and risk management efforts such as software testing. "There's a belief that if you discover information via [signals intelligence], it's going to be accurate because people believe they're talking securely," says Anderson. "We now understand that may not be the case, so we've got to make sure that our networks are secure and that someone's not trying to steal our information, deceive us, or lead us down a wrong path."
NSA's IT team works closely with the agency's Information Assurance Directorate, with DoD's Cyber Command unit (led by Gen. Alexander), and with Homeland Security, as well as with academia and the private sector to secure DoD systems and critical U.S. infrastructure.
"We get a unique insight through our foreign intelligence mission that takes place across the globe," says Anderson. "Attacks include state and non-state actors, and some of those groups, people, organizations or countries have very developed technical capabilities and organizational functionality. To counter that, you've got to have active defense. We can't do it alone."
NSA is building a $1.5 billion data center at Camp Williams in Utah to help protect Uncle Sam’s computer systems, including those of civilian agencies. NSA's technology directorate will manage the data center’s IT infrastructure.