“It would be like trying to clap with one hand.”
That is how the man tasked with leading the U.S. government’s effort to share and safeguard information describes the prospect of trying to accomplish that goal without collaboration from the geospatial community. Kshemendra Paul, program manager for the government’s Information Sharing Environment, says that while the government’s role in cybersecurity has been all over the news lately, the ISE is in no way new to the information-safeguarding landscape. Born out of the events of 9/11, the ISE was created to help various government agencies share data with an eye toward enhancing national security.
On the sidelines of Esri’s FedGIS conference this week in Washington, Paul highlighted some of the initiatives the ISE has undertaken to help federal, state, local and tribal level authorities collect, share and safeguard what Paul describes as “a tsunami of data.” Paul also noted how close work with groups outside the government has paved the way for ISE best practices to spread beyond the realm of counterterrorism into areas like domestic policing and disaster preparedness.
At the forefront of the ISE’s efforts is the National Strategy for Information Sharing and Safeguarding (download here). Signed by President Barack Obama in December, the NSISS provides a framework of goals, best practices and industry standards that promote responsible information sharing and safeguarding in support of our national security. Paul says the NSISS represents more than a decade of lessons learned by the ISE.
“Post 9/11, we did a lot to share information. A lot of it was manual. A lot of it was expedient,” Paul explains. “In the last three to five years, it has just accelerated. We are going up a learning curve about how we share information and how we manage information. … We are moving up a maturity curve in terms of organizational governance.”
According to the ISE, three guiding principles form the foundation of the NSISS:
- Information is a national asset. In addition to gathering, storing and using information to complete their own missions, departments and agencies must view information as a national asset that should be shared with other agencies, departments and partners who have a national security mission — all while protecting individual rights.
- Information sharing and safeguarding requires shared risk management. To achieve responsible information sharing, risk must be managed among departments and agencies, not avoided. Shared policies and standards, increased awareness and training, effective governance, and enhanced accountability help agencies and departments to share and manage the risk associated with information sharing.
- Information informs decision making. The value of information sharing is measured by its contribution to proactive decision making. Informed decision making requires the ability to discover, retrieve and use accurate, timely, relevant and actionable information. The policies, guidelines, standards and frameworks promulgated by this strategy will strengthen our nation’s ability to make proactive, informed decisions.
The NSISS also sets forth five goals:
- Drive collective action through collaboration and accountability.
- Improve information discovery and access through shared standards.
- Optimize mission effectiveness through shared services and interoperability.
- Strengthen information safeguarding through structural reform, policy and technical solutions.
- Protect privacy, civil rights and civil liberties through consistency and compliance.
Paul says the establishment of a standards coordinating council is just one example of how the ISE has tapped the geospatial community for critical input.
“We can do a lot of our work outside the four walls of government and we do that. … It’s critical for getting the industry buy-in for the standards-based approach.”