Amazon-CIA Deal Would Fit Intel Community Strategy - InformationWeek
03:05 PM
Connect Directly
Building Security for the IoT
Nov 09, 2017
In this webcast, experts discuss the most effective approaches to securing Internet-enabled system ...Read More>>

Amazon-CIA Deal Would Fit Intel Community Strategy

Reported deal for Amazon to help develop CIA's private cloud infrastructure squares with intelligence community strategy to work with public cloud vendors.

Spy Tech: 10 CIA-Backed Investments
Spy Tech: 10 CIA-Backed Investments
(click image for larger view and for slideshow)
A report that the CIA has turned to Amazon to build and manage a private cloud computing environment for the agency is consistent with the IT strategy outlined by intelligence officials over the past two years.

The CIA declined comment on the report by government tech trade publication FCW that the Central Intelligence Agency has agreed to a multi-year deal with Amazon to help the CIA build a private cloud computing infrastructure, nor did Amazon respond to InformationWeek by publication time.

However, such a deal aligns with plans, publicly discussed by the CIA and Intelligence Community (IC) officials over the last two years, to bring commercial cloud computing technology and methodologies inside IC firewalls.

"As a general rule, the CIA does not publicly disclose details of our contracts, the identities of our contractors, the contract values or the scope of work," a CIA spokesperson told InformationWeek. The CIA also offered no comment on whether the agency is, more broadly, integrating or planning to integrate public cloud computing technology into the CIA's own private cloud computing infrastructure.

[ Recent VMware cloud announcements have caused a stir. Read Will VMware Challenge Amazon Head On? ]

The Office of the Director of National Intelligence said only in response to a similar query that it plans to use "cloud technologies" as part of the broader IC enterprise IT strategy, and that such plans would involve "leveraging partnerships with industry partners."

An effort to work with large public cloud computing vendors to bring their technology in-house squares with past statements by IC officials about the cloud computing plans of the CIA and the IC. Those statements indicate that the IC has been working toward something similar to the deal reported by FCW, which FCW estimated at 10 years and as much as $600 million.

The idea of working with a public cloud computing vendor might have first publicly surfaced in October 2011, when CIA CTO Gus Hunt said at InformationWeek Government's GovCloud event that the CIA was looking to work with vendors to bring their public cloud computing environments inside IC firewalls.

Hunt said at the time that he was looking to "work with commercial cloud vendors to bring, inside our world at the classified level, some level of the efficiencies and scales that they have developed outside." Hunt added that vendors had been receptive to the idea.

Days before the GovCloud event, Hunt spoke about the CIA's cloud computing plans at Amazon's AWS Gov Summit conference, though, at that event, he made no mention of bringing Amazon technology inside the CIA.

In May 2012, U.S. Intelligence Community CIO Al Tarasiuk said that the IC more broadly was developing "an architecture where we're going to bring some commercial cloud capabilities inside our fence lines," and would use "the provider's business processes with the provider driving those to help us" alongside some government-managed cloud technologies.

This work would be part of a broader IC plan called the Intelligence Community IT Enterprise to integrate and consolidate intelligence community IT and turn the five highest-spending intelligence agencies into IT service providers for the rest of the IC.

Tarasiuk said in an August interview with InformationWeek that the idea to bring "commercial cloud capabilities" inside IC firewalls originated with the CIA, which, he said, "was on a path to leverage commercial industry to bring within their fence line an Internet-scale [cloud computing] capability."

Even if the specific deal between the CIA and Amazon continues to go unconfirmed, given recent remarks of intelligence officials, an effort to work with public cloud computing vendors in some way is likely underway.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Strategist
3/22/2013 | 10:41:16 PM
re: Amazon-CIA Deal Would Fit Intel Community Strategy
Who's more likely to keep the Chinese hackers out of the CIA's data? The CIA IT staff or the Amazon Web Services security team? I don't know for sure, but I can see how the Amazon team would have some advantages. It would be managing a more uniform environment. It would be able to build defenses in depth over that standard environment and maintain a strict set of behaviors that were unreasonable or suspicious for that environment. With automated, real time monitoring, it might isolate an attack as it starts instead of responding after it's done damage, This is not to diss a federal agency's security. I'm sure it's very good. But the cloud vendor starts off with the advantage of a environment on which it's imposed and maintained certain requirements. Over many years, most federal IT and most enterprise IT ends up with more of a mixed bag, meeting many different momentary needs. Charlie Babcock, editor at large, InformationWeek
John Foley
John Foley,
User Rank: Apprentice
3/22/2013 | 4:01:09 PM
re: Amazon-CIA Deal Would Fit Intel Community Strategy
If it happens that Amazon builds a private cloud within the fence lines of the CIA/IC, that would be among the newest and most compelling examples of public sector adoption of private sector best practices. The model itself isn't new -- there are plenty of government-owned, contractor-operated (GO-CO) data centers. But it may be the first example of an Amazon cloud in a federal data center, and an intelligence cloud at that. Many unanswered questions, but a real cloud first if true.
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll