National Intelligence Program FY 2015 Congressional Budget Justification Volume NATIONAL AGENCY MARCH 2014 DRY FROM Muhiplc Scum DECI 0N numb mm or SPECIAL TOPIC ENTERPRISE 1C ITE Roles and Responsibilities Introduction and W1C inferrnation Technology Enterprise 1C ITE represents the lC's investment in changing the culture to promote intelligence integration and information at the community level NGA sees the success of the IC initiative as an opportunity to increase investment and focus on the agency s core competency As an IC ITE service provider and adopter NGA is a strategic player in ensuring the success of this initiative Partnered with NGA provides EMT and DTE services to the community As much as possible NBA has subscribed to the other services While the tactical advantages are slight at this early stage the strategic investment in the community is critical to the success ol'thc lC ITE initiative IC Desktop Environment IC DTE We EC features a common desktop look and feel for all users thick and thin client Users will experience a single sign-on and can operate using the some email and sector phone for the duration of their career A common set of of ce Intonation communication and tools will be available to increase information sharing and interoperability between agencies as well to mess to legecy applications data and services The numerous features delivered by it DTE are Communications interface between voicumil and entail - for One sector phone number assigned for one s career Mobile desktop log in at any ltf site where DTE has been implemented and print capability print locally I Conununity wide Global Address List I Hi-Standard Classification Management Tool - U-Hlomc directories and pro les I Hi-Virtual Desktop Infrastructure I Mobile devices -81 Electronic content and records management I Hi-Improved security posture I Enhanced collabomion with community members and data stores worse use 3142 moron 1 1 3 0 3142 - trust s 1376 3142 tbL The expected bene ts of H DTF as part of the EC ITF are - memo u s_c 3142 - 3142 u-s c 3142 use 3142 bxar use 5 3142 8- Enterprise Management EMT Uri-Support the eta-rent integrated sen-ice provider Change Control Board to process change requests coming from Initial Operating Emeline in accordance with the 1C Change Control Process The joint DUUNGA EMT effort will provide cost ef ciencies for the IC while delivering improved user experience The vision is to facilitate a one number to call centralized 1T operltinns with real-time health and status situational awareness across the entire lC shared space EMT also supports the current inmgrateri service provider Change Control Board to process change requests coming from Initial Operating Baseline in accordance with the EC Change Control Process- Aer the transition progresses the K3 will bene t from EMT services in multiple ways I GEM-19569- Better coordination between service providers by establishing common processes to enable interoperability and consolidate service desk reporting 0 We Reduced costs through use of a single coherent view of the service providers' status providing transparency and clear accountability for the level of service Reduced risk by providing a focal point for enterprise risk analysis and coordinated pmblern management analysis to determine root causes For system outages A formal coordinated change management process will reduce downtin and risk of operational failure ab-Other NGA Roles We NGA is a consumer for the other It services provided by the ether lC members FY 2015 overall budget request includes resomees for preparing data and applications for migrating to cloud and applications mail services These mom-es will support the operation and sustainrnent of existing NGA enterprise capabilities but will also be leveraged to transition to the 1C framework These efforts include mis t use 3142 u s c 3142 - enema use 5 3142 use 3142 unwise 314i2 use 5 3142 2015 Budget Request This section includes IC ITE service provider information directly related to the FY 20 5 budget request 'Kbm bl l 417 bki BExpected Accomplishments u s o 3142 u s c 3142 u s c 3142 QIC Enterprise Management U S C 3142 o U51 5 3142 a use 5 3142 c1 u s c 3142 Ith 3 250 o U S C 3142 - mac 5 3142 a U S C 3142 o U S C 3142 1 U S C 3142 SPECIAL TOPIC f3 CYBER ACTIVITIES MAPPED TO OMB TAXONOMY 1 1 Cyber Overview flat-3 Mission 1 The NGP Cyberseeurity program ensures that all National System for Geospatial-lnteiligmce NSC networks IT systems and geoslmtial data worldwide are safe secure and compliant with applicable laws and regulations In addition cyberseeurity efforts defend NSG networks and perimeter from eyba' intrusions from state and nonvstate actors and guard against national security breaches by adversaries 1 1 OMB Cyber Taxonomy FY 2014 0MB adapted it arbor-taxonomy for cybet activities that includes all activities Formerly identi ed within the Connorehemtive National Cybersecutity Initiative CNCI some speci c FISMA resource data end all other activities or operations The NGP has no activities that were not previously counted as CNCI nor does it have any activities that have been removed from the cyber program resulting from the new taxonomy FY IBIS Request th mm 419 Funding also provides a W GEOINT crisis support and on cyber threats om 0 Support transition from 63 Protecting Sensitive Cmnpa mcnted Information 1within Information Systems to IC Dircctivc 503 Intelligence communin lnfonnution Technology Systems Security Risk Management Certi cation and Accreditation per public law fl Cybersccurlty -11- Description K11 mm W111i- NGP Security program cosmos that all NSG notworlcs IT systems and gcospalial data worldwide are safe sccun and compliant with applicable laws and regulations in addition cybor scourity efforts defend NSC- nctworlts and trimmer 'om cyber intrusions from state and non-state actors W NGA is also aggressive in protecting NSG information and systems from compromise This includes monitoring systems for potential misuse violations of policy data es ltmtion malicious cod - and data spills Bj- Spcci caiiy FY2015 mourns will libl l use 5 3142 - u s c 3142 u s c 3142 - onaxso 11 3 0 15 3142 - 11 3 0 3142 U S C 3142 U S C 3142 - U S C 3142 422 11 5 0 5 3142 'i' iil U S C 3142 warm use 3142 Kb 1 UfAccomplishments In FY 2013 NGP accomplishme in cyber security included the following U s c 3142 - museum Cuntinucd tn NGA using NGA intcr lcc and cnlc'lprisc cross domain plalfm al the NCE Continual NGA ODNI and DOD support for AM c b s mu fall-W 423 Kb In FY 2014 NGP expects to accomplish the following but - amount u s c 3142 use a 3142 1 1 3 0 3142 I - mm Continue NGA IBM and DOD support for Assessment and Authorization AM efforts I Maintain a 90 percent accreditation rating for FISMA reportable systems o I W Establish an NBA Of ce of Security Forensic Lab at West location and reach initial operating capability 10C This will serve as the primary forensic 11th for the Of ce of Security in St Louis and the COOP location for the Forensic Lab at NCE It will process and investigate requests related to Personal Electronic Device FED entry into space as well as requests from CSOC related to malicious activity on NGA networks TO The NGP expects to accomplish the following outcomes in FY 20 I 5 - Continue to develop a formalized analysis training program to ensure GEOINT cyber have a working level understanding of technical aspects of cyber intentions and network defense as well as an of GEOINT lrsdecru as it relates to analysis 0 ll - Achieve cyber-dcl'cnsc goal of 100 percent with no successful intrusions to prevent cyher intn NGA networks from state and non-state actors and to guard against national security breaches of NGA networks by adversaries I W Enhance NGA cyber defenses by adding additional functionality to the Enterprise Controlled Interface and fully instantiating the Enterprise Cross Donnin Service at the NBA Campus East NCE and NGA Campus West NCWJ- The Enterprise Cotiuollod Interface provides centrally monitored managed and scalable perimeter defense capabilities at all security dormins The Entetwise Cress Domain Service implements IoW-to-high and high-to-low redundant load- balanccd dour and audited onme services to include support for National System for Geospatiul Intelligence Cortsolirlated Library and consolidates 70 percent to 80 percent of targeted systems I We Strengthen the Intrusion Detection System on NGA nehvorlrs to mitigate insider threats and fortify NGA cyber defenses prevent malicious attacks thwart malware intrusions track cyber-atraek messages to origin upgrade tools for detection of data tampering to enable information sharing in it trusted secure environman I W Develop and transition to on N56 crumprise-wide security access and control system This Will meet KI and objectives for information sharing ICD - Haiti-GHQ Maintain ldAM as the enterprise authentication service continue to expand interfaces with NSG systems capabilities and services to include multiple security domains u 1m18upportthe transition from 3 $50 U-S C- 3142 3 50 U S G 4 3142 29 50 u_s c_ 314 Certi cation and Accreditation per public law rum I W Reach FOC in NGA Of ce of Scmu'ty Forensic Lab-Won W Establish an cum-wise forensic capability in the NGA Of ce ofSecm'ity Forensic Lab- West Enhance the NGA Security s cngimc ng capability and reach inkial operating capability 10C Mn 16' Cybersccurity Resource Summary l 'axu -3 Cyber Operations Hi Description cyber operations include the research and developmm of the necessary requirements to exploit current new and future sensor systems in ways that Support new analytic trailecruft Sources Sensors and Phenonwnologies to operation-alive the viwaliaation related and network topology in three dimensions Speci cally FY15 resources will be used to I Develop a capabilin to operationalim GEOINT data extracted from cyber-sourced raw data and build cyber topologies with automated mapping translation capabilities to support analysis on hard intelligence problem 1 9 Accomplishment -U-l-in FY 2013 and FY 2014 NGP accomplishments in Operations included the following I may There was banding in cyber operations for FY 2013 ml 20M ll-Ri e NGP expects to accomplish the following outcome in FY 2015 WHO Operationalize data extracted from cyberciourced raw data and build cyber tOpologies with automated mapping tramlatioo capabilities to support GEOINT analysis on hard intelligence problems Operations Resource Summary ill