Another sign of progress is the evolution of the Integrated Justice Information Systems (IJIS) Institute Springboard, which helps certify that information systems used by public safety agencies can exchange information according to common technical standards agreed to by government and industry groups. Springboard gained visibility last December when it was used to certify a new Web-based information exchange developed for state public health agencies to collect and analyze information on the prescription, dispensation and use of prescription drugs.

"Today 60% of the costs and 80% of the management risks are around legacy systems," and identity and access management, Paul said. IJIS Springboard makes it easier for government agencies to buy commercial technology by streamlining the work involved in ensuring systems comply with information exchange standards. Paul noted that Springboard was also an example of increasing efforts to work with industry in refining technical standards for exchanging information.

Perhaps one of the most promising advances Paul is seeing in this effort is the construction of new information-sharing environments at the state and local level. He pointed to a project in New Jersey to build an operations and intelligence center to support statewide law enforcement, homeland security and emergency management efforts. The project makes use of ISE's national information sharing architecture. "We think this is leading edge," he said.

There's also progress with federal agencies to gather and analyze information more quickly. The FBI's Guardian system, for example, aggregates and processes leads and tips generated by FBI field offices, state and local police forces, and the public.

After a news conference following the Boston Marathon bombings on April 18, the FBI received more than 5,700 tips on that day alone and about 15,000 tips in the days following, enabling the FBI to generate 119 investigative leads for assessment, according to the ISE report to Congress. ISE earlier this year introduced its interoperability framework, which defines information requirements and offers baseline standards for networks and the services that use them to exchange information. The framework is significant, Paul said, because it aligns guidelines for making systems interoperable with underlying architectures used by the government, including the Federal Enterprise Architecture Framework. The final version of the ISE Interoperability Framework is due to be delivered in November.

Paul acknowledges that the ISE's "Annual Report to Congress on National Security Through Responsible Information Sharing" is hardly light reading. But it's important reading for CIOs in and outside of government, he said, in that it "provides an enterprise view of where we've been, where we are and where we're going" in exchanging information more effectively.