Government // Cybersecurity
News
3/31/2014
12:10 PM
Connect Directly
RSS
E-Mail
50%
50%

Feds To Improve Threat Information Sharing

Project Interoperability aims to develop and standardize formats for sharing security and threat information among organizations.

Most Wasteful Government IT Projects Of 2013
Most Wasteful Government IT Projects Of 2013
(Click image for larger view and for slideshow.)

The government has established an online collaboration called Project Interoperability to help develop tools and technologies for sharing threat information among organizations inside and outside of government.

The project, recently launched by the Information Sharing Environment (ISE), a partnership between the defense and intelligence communities, addresses the need to make intelligence useable by many parties to counter increasingly sophisticated threats to national and cyber-security.

The need for better information sharing was one of the primary lessons learned from the September 11, 2001 terrorist attacks. Increased dependence on the Internet and the recent emergence -- and convergence -- of cloud and mobile computing to make systems and data accessible anytime from anywhere have stepped up the need for automated collaboration against attacks.

The ability to share information effectively could also help the management of cloud environments, where data and applications can be housed in multiple locations.

[Despite two administration's progress, more must to be done to advance the national strategy for information sharing. Read Information Sharing: Applying What We've Learned Since 9/11.]

"Information interoperability is the ability to transfer and use information in a consistent, efficient way across multiple organizations and IT systems," read a statement on the project's website. "From a technical perspective, interoperability is developed through the consistent application of design principles and design standards."

The project represents the administration's intent to provide a public platform for the development of standardized tools and techniques.

ISE program manager Kshemendra Paul. (Source: Office of Information Sharing Environment)
ISE program manager Kshemendra Paul.
(Source: Office of Information Sharing Environment)

Although the Obama administration has directed agencies to incorporate cloud computing into their IT operations to lower government costs, security remains a barrier to widespread adoption of the cloud, said Pamela J. Wise-Martinez, senior strategic enterprise architect for the Office of the Director of National Intelligence.

"We're going to see over the next few years a lot of work done [to improve cloud adoption]," Wise-Martinez said during a March 25 conference on cloud computing and mobility hosted by the National Institute of Standards and Technology.

Because of the distributed nature of modern computing, as well as the interdependence of information networks and other critical infrastructure, the need to share threat information is growing. The ISE's Project Interoperability is one effort to enable sharing, she said.

The NIST conference brought together experts from government, industry, and academia to discuss the convergence of the cloud and mobility -- two trends dominating computing today, said Keith Trippie, executive director of Homeland Security's Enterprise System Development Office. The consensus among speakers was that security of cloud infrastructure and of mobile devices remains a challenge to realizing the benefits of these trends, and better sharing of information is needed to improve security.

The ISE was established by the Intelligence Reform and Terrorism Prevention Act of 2004 as a result of 9/11 Commission recommendations. Mission partners include the Defense, Homeland Security, Justice, and State departments, along with ODNI and state and local governments.

Project Interoperability will build on existing work such as the National Information Exchange Model (NIEM) and other standards schemes to help government and the private sector identify terms, tools, and techniques to normalize information sharing technology and create a mission-agnostic information sharing network.

"If we're all using different terms, we aren't going to end up with interoperable systems, and we're going to pay for duplicative systems and excessive costs," ISE Program Manager Kshemendra Paul said when announcing the program.

By hosting the project on GitHub, a Web-based collaboration tool, Paul expects to generate ideas from specialists and non-specialists. Subject matter experts will review the suggestions and try to develop tools that capture high-level languages for describing programs and systems, standards compliance programs, reference architectures, architectures for aligning geospatial systems, and threat-sharing tools.

Find out how a government program is putting cloud computing on the fast track to better security. Also in the Cloud Security issue of InformationWeek Government: Defense CIO Teri Takai on why FedRAMP helps everyone.

William Jackson is a technology writer based in Washington, D.C. He has been a journalist for more than 35 years, most recently covering the $80 billion federal government IT sector for Government Computer News. His coverage has ranged from architecture to international ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
3/31/2014 | 11:39:34 PM
Re: Sounds good in theory
Ironically, the post-9/11 increase in information gathering was a response to the need for better information sharing.

"Oh, I still can't figure out how to hammer these nails in.  I better get more screwdrivers!"
jgherbert
50%
50%
jgherbert,
User Rank: Ninja
3/31/2014 | 6:40:27 PM
Re: Sounds good in theory

"At least they've got the information gathering part down..."

Yeah, apparently so ;-) I'm sure that this was something mentioned as an aim as of, say, September 12, 2001, and honestly I don't hold out much hope. The government agencies are still, I believe, too full of paranoia, empire building, politics and plain old "information is power so I'm keeping this" for info sharing to work. Still, I wait to be impressed and proven wrong!

Thomas Claburn
50%
50%
Thomas Claburn,
User Rank: Author
3/31/2014 | 4:42:43 PM
Sounds good in theory
I hope it works. Information sharing is a perenial problem in federal agencies. At least they've got the information gathering part down...
Cyber Security Standards for Major Infrastructure
Cyber Security Standards for Major Infrastructure
The Presidential Executive Order from February established a framework and clear set of security standards to be applied across critical infrastructure. Now the real work begins.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - August 27, 2014
Who wins in cloud price wars? Short answer: not IT. Enterprises don't want bare-bones IaaS. Providers must focus on support, not undercutting rivals.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.