New CIA director inherits an agency that is quickly developing cyber capabilities
The CIA’s Directorate of Digital Innovation is now delivering the kinds of cyber-espionage tools and intelligence-gathering capabilities that the agency was seeking when then-Director John Brennan created it two years ago, says a senior official with the program.
The unit has moved beyond its initial period of integration with the spy agency, said Sean Roche, the DDI’s associate deputy director. It’s now “delivering capabilities that will enable CIA to transform the business of intelligence,” he said, at a time when the CIA is transitioning to new leadership.
“We are creating agile digital environments to enhance our ability to collaborate as an Agency and Intelligence Community,” Roche said. “The vision is to create pathways for persistent clandestine and open-source collection that feed data exploitation and curation.”
The Langley, Virginia-based office’s mission is to streamline and integrate digital and cybersecurity capabilities into the CIA’s espionage, counterintelligence, all-source analysis, open-source intelligence collection and covert action operations.
The DDI’s progress also comes as Donald Trump’s administration evaluates the role, responsibility and mission of nearly every federal organization. On Monday, the Senate confirmed Trump’s pick to replace Brennan, Mike Pompeo.
“The DDI is firing on all cylinders,” Roche said of the unit’s momentum.
Pompeo, formerly a House member from Kansas, steps into Langley with the benefit of a DDI that has been working for more than a year to broadly modernize the premier U.S. intelligence agency — an effort that includes the adoption of cloud data-storage technologies and secure dev-ops coding projects, as well as “digital collaboration environments and mobility through wireless,” Roche said.
Roche is a career federal employee with 35 years of service in the government. Prior to his current job, he held various executive positions with the CIA’s Directorate for Science and Technology — a research and development arm with a national security focus. Roche’s boss, DDI Director Andrew Hallman, is CIA veteran with decades of leadership experience.
“A digital world challenges the way we work in a clandestine world. We have to come up with new ways to operate in a much more connected environment and still be clandestine,” Hallman said in an interview with DefenseOne. “The way we help people use digital and cyber techniques, [the DDI] will raise it to a new level.”
Last summer, Brennan said the DDI would help the spy agency succeed in an era of “big data,” which requires that analysts mine through vast volumes of digital information to find actionable intelligence.
“I felt a special responsibility since I served 25 years in CIA to do what I could here on the organizational front to make sure that we’re postured well for the future,” Brennan said in a December interview with NPR. “I’ve talked to Mike [Pompeo] about the modernization program we have underway here. He is very familiar with it … I told him that to me, the modernization process should never end because we have to constantly adapt to the realities that we have to deal with in the outside world.”
The launch of the DDI represented the CIA’s first new Directorate since 1963. Little is known about how the office specifically functions or if it deploys “offensive” cyber capabilities.
The CIA declined to discuss whether the DDI’s staff size has grown since the unit’s conception in early 2015. Publicly viewable CIA job postings show that the spy agency is currently hiring for digital forensic engineers, cyberthreat analysts, cybersecurity officers and operations officers. Qualified applicants for these positions will come with some knowledge of “network penetration testing, network defense, operating systems, communication technologies, network security” and “reverse engineering.”
In the past, the CIA has traditionally worked “very closely with the intelligence community and law enforcement colleagues, including the NSA, FBI, Homeland Security Department, and other agencies, to address” cyberthreats aimed at the U.S., said CIA spokesperson Heather Fritz Horniak.
One of the CIA’s primary responsibilities pertaining to cybersecurity includes the collection of human and digital, or signals, intelligence to identify foreign hackers. What sets the CIA apart from its counterparts is the agency’s ability to collect human intelligence from a clandestine network of agents operating around the globe.
“Cyber-defense is very much a team sport across the [government]. As an all-source overseas collector, CIA leverages the widest range of HUMINT, collection platforms, and technical capabilities to discover the plans and intentions of hostile foreign cyber actors,” Horniak said. “The intelligence reports generated by DDI officers inform our partners across the federal government in order to support their cyber-incident responses.”
According to classified budget documents shared with the Washington Post, the CIA’s computer network operations budget for fiscal year 2013 was $685.4 million. The NSA’s budget was roughly $1 billion at the time.