In a much anticipated move, President Obama on Wednesday issued a national strategy designed to balance the sharing of information with those who need it to keep the country safe, while protecting the same data from those who would use it to cause harm.
The National Strategy for Information Sharing and Safeguarding (NSISS) outlined how to responsibly share and safeguard data that enhances national security and protects the American people, the White House said in a memorandum released with the report on Wednesday. The national strategy will define how the federal government and its assorted departments and agencies share their data.
Security depends on sharing the right information with the right people at the right time, the White House said in its memo that accompanied the document. However, it is important to remember that information is being shared for the sole purpose of making better decisions. The strategy treats information as a national asset that must be protected and shared, as appropriate to the situation.
“This strategy makes it clear that the individual privacy, civil rights and civil liberties of United States persons must be – and will be – protected,” the President wrote.
Sharing and safeguarding are often seen as mutually exclusive, when they are actually mutually reinforcing, Obama added. The strategy emphasizes how strengthening the protection of classified and sensitive information can help build confidence and trust so that it can be shared with authorized users, he said.
The strategy recognizes that information sharing and safeguarding requires shared risk management. Since threats to national security are constantly evolving, the policies on how to this information is used and protected must also evolve, according to the strategy document.
“We will therefore keep working to maintain an environment in which information is shared in a manner that is responsible, seamless and secure,” according to the document.
The NSISS provides guidance for more effective integration and implementation of policies, processes, standards, and technologies that promote secure and responsible national security information sharing.
The strategy has five goals to accomplish: collective action through collaboration and accountability, a set of common standards to improve information discovery, optimize effectiveness by sharing services, define new policies and processes to protect data, and protect user privacy and civil rights.
“This includes protecting private and personal information about United States persons and upholding our commitment to transparency,” the strategy said.
The strategy calls for everyone to work together, using governance models that enable mission achievement, adopting common processes where possible to build trust, simplifying the information sharing agreement development process and supporting efforts through performance management, training and incentives.
Agencies can also share services and work towards data and network interoperability to be more efficient, the President’s strategy said.
There also needs to be clear policies and common standards for making information available to approved individuals and a rigorous process to certify they are being used correctly. Identity, authentication and authorization controls, data tagging, and enterprise-wide data correlation will improve information discovery.
The program of information sharing relies on trust, so there must be policies and clear processes in place to identify and prevent insider threats and external intrusions. Departments and agencies need to work together on data level controls, automated monitoring, and cross-classification.
Even more importantly, privacy, civil rights and civil liberties protections must be applied across the government, and corresponding safeguards need to be built into information sharing operations and compliance mechanisms.
“As we execute the Strategy together, we will harness our collective resolve to treat information as a national asset, make it discoverable and retrievable by all authorized users, and arm those charged with preserving the security of our nation with all information available to drive decisions that protect our country and its people,” the document concludes.
The “National Strategy for Information Sharing and Safeguarding” is available as a PDF from the White House website.
Related: Department of Defense Expands Information Sharing Initiative
Related: Taking the Blinders Off – The Value of Collective Intelligence
Related: Combating Emerging Threats Through Security Collaboration
