ICITE Observations

It seems I have taken October and November off for no apparent reasons other than my day job along with some pro bono work for the ODNI has taken up more time than I thought they would.  When I wrote my last edition of the MazzInt Blog defunding the Affordable Care Act (ACA, aka ObamaCare) was the cause célèbre engaging the Congress as it was trying to avoid a government shutdown. They famously failed and now in the waning legislative days left before the winter holiday recess the Congress is again struggling to get some kind of budget deal in place before the current continuing resolution (CR) runs out on 15 January.  So far over the past two years I have not lost any money betting that the Congress will avoid hard budget choices and eventually agree to a CR with some adjustments.

In the mean time President Basher al Assad has agreed to the enforced destruction of Syria’s chemical weapons in order keep his regime in power and stem international support for the rebels.  Similarly, Iran has agreed to reduce its nuclear enrichment program for six months to get economic sanctions relief and put Israel in a position where it can’t militarily move against the Mullahs’ nuclear weapons program.  Then there is President Kharzhi refusing to sign the status of forces agreement necessary for residual US forces to remain in Afghanistan post withdrawal of combat forces at the end of 2014.  No worries, I am sure a few billion dollars in some kind of aid that he can personally tap into will get this all on track.  Meanwhile over the Thanksgiving Holiday weekend China established a controversial Air Defense Identification Zone (ADIZ) of the East China Sea to thwart Japan from asserting control over the disputed Senkaku Islands north of Taiwan.  In classic Cold War fashion the US immediately challenged this new ADIZ by flying two B-52 (BUFs) into it for over two hours causing the PRC to establish active fighter aircraft patrols in response. This gets dicier when we deploy a carrier strike group into the East China Sea ADIZ and the Peoples Liberation Army Navy (PLAN) responds with surface ships to interfere with flight operations.

Since the government reopened on 18 October though, the dominant national news story has been the botched rollout of Healthcare.gov so especially young healthy Americans could sign up for medical insurance under the Affordable Care Act (ACA).  Both opponents and proponents of the ACA were amazed and dismayed that the Information Technology (IT) necessary to allow uninsured Americans to sign up for the President’s signature program literally did not work because of flaws in the design, development and testing of what is admittedly a complex web site.  This got me thinking about how the DNI’s signature IT initiative  – – –  Intelligence Community Information Technology Enterprise (ICITE; pronounce “eye sight”)  – – –  is doing?  For the record, I view ICITE as essential for delivering an enterprise IT environment required to produce the high quality intelligence needed for decision superiority in the information age that is foundational to the IC remaining relevant.  As PDDNI Stephanie O’Sullivan says about ICITE:  failure is not an option!

In this spirit I have been listening since AFCEA’s Spring 2012 Intelligence Symposium to IC seniors (DNI, PDDNI, ODNI CIO, Agency Directors and CIO/CTO’s) talk about why ICITE is the critical path for moving the IC closer to the integrated end state that all agree with the DNI is necessary for producing better intelligence at lower costs.  What I have not heard any of these seniors say though, is why ICITE will succeed when recent IC IT enterprise efforts such as IC-MAP, GeoScout, Trailblazer, Horizontal Fusion, and JIVA failed to deliver on promised capabilities.  When asked this question IC seniors consistently answer along the following lines: IC leadership is fully committed to ICITE succeeding, budget pressures, and we have burned the boats/we have no other option/failure is not an option.  These bumper sticker responses, however, just reiterate the strategic importance of ICITE to the IC’s collective future without telling anyone how ICITE will avoid the pitfalls of size, cost, interoperability, security, schedule, and program management that got ICITE predecessors “over the breakers.”

But wait, the IC Deputies Executive Committee (DEXCOM) under the leadership of the PDDNI meets weekly to actively steer the direction of ICITE and neither IC-MAP nor those other programs ever had that!  I would feel more confident about the weekly involvement of the DEXCOM in ICITE if the Liberty Crossing II (LX II) “green door” was more transparent regarding decisions being made and the direction being given to individual IC agencies with ICITE Service Provider responsibilities.  Perhaps I have just not been paying attention, but I am not aware of any ICITE activity traceable to DEXCOM direction.  Then there’s the issue of an ad hoc committee of IC Deputy Directors with immediate personal and budget issues to deal with being the management team for a complex and technical effort like ICITE.  Seems like given its importance, running ICITE should be somebody’s full time job.

The DNI regularly describes ICITE as being about tagging the data and tagging the people so information and products can be shared and collaborated on securely across the IC.  Despite the DEXCOM’s prodding, ICITE technical standards for data tagging, security protocols, and identity management have yet to be agreed upon let alone tested.  The cost model for ICITE services and the processes for service providers to be reimbursed for the IT services they provide to other remains under consideration.  Since nothing has been promulgated in open channels, I am presuming ICITE’s acquisition strategy is classified, though I am not sure why it would need to be.  Given that ICITE is going to be developed and delivered as piece parts by individual IC agencies as service providers I am also wondering who/where/how it all gets integrated?  A testing plan for ICITE also needs to be developed, particularly in light of the Healthcare.gov experience.

In its current state and critical importance to IC mission accomplishment, ICITE in corporate speak seems to need an accelerated and vigorous “get fit” program before it can achieve its goals.  Not that anybody is asking (or going to ask) me, I would recommend that the IC DEXCOM direct a strategic pause in order to bring in subject matter experts from across the government (not just the IC) and industry to “RED TEAM” ICITE in order to discern what is working and why, as well as what is lagging and how to correct it.  What the IC doesn’t need is a Walter Pincus column on ICITE missteps or to be answering HPSCI and SSCI questions about why with its importance ICITE can’t deliver basic IT functionality such as Single Sign On (SSO), secure access to data based on identity, authorities, and permissions or is unable to deploy 100,000 Desk Top Environment (DTE) workstations in less than two years.

As the Secretary for Health and Human Services (HHS) now knows, what the DNI can’t allow to happen is for intelligence agencies to be in the situation where ICITE is costing them more than they were spending on IT and providing less capabilities than they had before.  The Healthcare.gov experience is a warning shot across ICITE’s bow that should be heeded!

That’s what I think; what do you think ?