The CIA’s Classified Cloud Is Reducing Tasks from Months to Minutes

IBM servers newly added to a metal cloud environment, Sept. 18, 2015.

PRNewsFoto/IBM/via AP

AA Font size + Print

IBM servers newly added to a metal cloud environment, Sept. 18, 2015.

Launched in April, the intelligence community's 10-year, $600 million Amazon-built infrastructure project is already producing results.

The classified cloud computing infrastructure delivered two and a half years ago by Amazon Web Services to the CIA continues to pay dividends for the intelligence community. AWS’ newest service—a classified marketplace for applications—is exponentially reducing the time it takes to bring new software into the IC.

“This is a game-changer for us,” CIA Chief Information Officer John Edwards told Nextgov. “Things that used to take us months take us minutes.”

For the 17 agencies that comprise the IC, time is critical. Before AWS launched the IC Marketplace for the CIA in April, it could take “nine to 12 months to bring in a new application,” Edwards said.

The classified marketplace for applications is similar to AWS’ public marketplace. Applications required market surveys, a contract or purchasing vehicle, and testing time. The process left analysts and data scientists waiting—and generally using outdated technologies compared to leading industry counterparts.

“We’d spend tens of millions of dollars and still be six or seven years behind where everyone else is in the commercial world,” Edwards said. “These guys are driving us to operate at their speed. We need to not act like the government, but more like commercial [companies], and operate at the speed of mission and not the speed of government.”

A recent demonstration of the IC Marketplace to the CIA’s top three officials left them impressed, Edwards said. In less than 3 minutes, an analyst sat down, downloaded a DevOps workspace and application from the marketplace and populated the environment with data. That kind of speed matters in national security.

The marketplace allows analysts, data scientists and developers to quickly select tools for specific problems or use the try-before-you-buy feature from AWS’ public marketplace. Software licensing typically precludes this kind of agility—an issue the Government Accountability Office has repeatedly identified as costing the government billions—with acquisition officials handcuffed by costly upfront agreements. No agency wants to be left short on licenses, so acquisition officials sometimes overestimate how many to purchase, potentially resulting in overspending millions of dollars.

Users can spin up approved applications in the C2S cloud to deal with specific mission needs, and if they don’t work, “blow up that instance and download another application,” Edwards said.

The intelligence agency is only billed for storage and compute used, which skirts the problematic nature of estimating how many licenses of a software product to purchase. That frees up analysts and others to “play” around in the C2S environment, testing applications and preparing for whatever mission needs might arise.

“Once you have that [application], it works with my mission data, and it solves a problem,” Edwards said. “I can lease that for as long as I want, and use for as little or long as I want to. I can buy exactly what I need, for exactly as long as I need it.”

Edwards echoed peers at the CIA in saying the cloud infrastructure opened the doors to software offerings from startups and other companies that previously felt the government too burdensome a customer to pursue. Companies are busting down the virtual door trying to get their offerings before the CIA now because there’s an easy way for them to do it.

That’s also one of the big challenges, Edwards said. While AWS’ public marketplace has 3,500 commercial applications, the IC Marketplace only has 72. Both AWS and the IC vet applications, looking for things like foreign ownership in companies. Edwards said while the CIA is “tweaking the process to make it faster,” resource hurdles exist.

“Some of that is resources, and we’ll apply more to processes, but you can only do so much,” Edwards said.

Nonetheless, 200 applications are in the IC Marketplace pipeline at some stage of vetting, prioritized “based on their bang for the buck” to the IC. The CIA is striving for commercial parity, but it’s only interested in applications “with relevance to the intelligence community,” Edwards said. That means big data, analytics and geospatial applications have the inside track.

Transactions are handled by the IC Marketplace, and the IC pays through the original 10-year C2S contract, initially valued at $600 million for a classified cloud computing infrastructure. Because that contract has options for additional services like the IC Marketplace, it’s likely the value will increase over time.

Edwards said the C2S contract is “not so much about savings of dollars, but more about the impact to mission.” He estimated there would indeed be dollar savings over time—by less use of costly internal data centers, for example—but said the CIA’s partnership with AWS better positions itself to deal with the fiscal realities of today.

At the same time, budgets have decreased, mission demand has increased, so innovation that improves agility and speed-to-market are very real ways the CIA is trying to balance between those stark realities.

“As demand goes up and budgets go down, we’re still meeting mission demand,” Edwards said. “It’s allowing us to absolutely operate within those two lines.”

Close [ x ] More from DefenseOne
 
 

Thank you for subscribing to newsletters from DefenseOne.com.
We think these reports might interest you:

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • Military Readiness: Ensuring Readiness with Analytic Insight

    To determine military readiness, decision makers in defense organizations must develop an understanding of complex inter-relationships among readiness variables. For example, how will an anticipated change in a readiness input really impact readiness at the unit level and, equally important, how will it impact readiness outside of the unit? Learn how to form a more sophisticated and accurate understanding of readiness and make decisions in a timely and cost-effective manner.

    Download
  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Information Operations: Retaking the High Ground

    Today's threats are fluent in rapidly evolving areas of the Internet, especially social media. Learn how military organizations can secure an advantage in this developing arena.

    Download

When you download a report, your information may be shared with the underwriters of that document.