Countering Terrorism With Technology

he FBI agent has been working for weeks on a tough counter-terrorism case. Although he's close to cracking it, he is missing crucial information that could help solve it. Stymied, he takes a lunch break, only to return to his desk and find information critical to his case staring at him from his screen. Using information gathered from the computers of other FBI agents, the agent finally fits the pieces of the puzzle together, thwarting yet another terrorist plot before it jeopardizes the safety of U.S. citizens.

Until recently, that kind of information sharing was not only rare, but prohibited at the Federal Bureau of Investigation. But thanks to an increased focus on counter-terrorism and a forward-thinking director, the FBI now employs state-of-the-art knowledge management technology, allowing the agency to gather, organize, share and analyze both its structured and unstructured data.

"We're trying to go from having individual data components to getting that data in an aggregate form so we can produce information relevant to a topic," explains Ken Ritchhart, the FBI's section chief for data engineering and integration. "Then we can apply that information to a problem set, which gives us intelligence or evidence for the next step-taking action."

Using knowledge management technology-a group of tools and methodologies designed to help gather, organize, share and analyze information-FBI agents can make connections they might never have been able to make before. They can access information from other open FBI cases that might be relevant to their own cases, helping them solve cases more quickly. And eventually-once agreements and standards are worked out-agents might even be able to share information with the CIA, Homeland Security Department, and other intelligence-gathering agencies. Once that happens, the possibilities for fighting terrorism will be virtually limitless.

FIGHTING WITH KNOWLEDGE

Knowledge management can be used to fight terrorism in many ways. One of the most valuable is link analysis-the ability to link two or more seemingly unrelated bits of information.

"There is gold buried in an organization's assets, but in most cases, you don't see people turning that gold into jewelry, which has utility to an end user," explains Barak Pridor, CEO of ClearForest Corp., a New York-based knowledge management vendor offering link analysis technology to a number of agencies, including the FBI. Link analysis tools tag unstructured text-based documents to identify relevant entities, events, facts and relationships buried inside them. The technology then puts all relevant information in a central repository so all possible linkages, relationships and insights can be derived.

Link analysis holds great promise in the field of counterterrorism. An analyst working to pinpoint the location of a ticking bomb, for example, must find the person responsible for the bomb as quickly as possible. To do that, the analyst would look for all records that mention the person's name to identify anyone with whom the perpetrator has had a close relationship, through school ties, past experiences or other relationships. After formulating those links, the analyst must prioritize them and begin talking to the contacts he has found. At the same time, the analyst would look for all mentions of the perpetrator's past activities-information that may exist in various databases, newspaper articles and other sources.

Knowledge management technology also can help link people working on the same hypothesis. This category of tools builds profiles of analysts based on the content of outbound e-mails and other systems they use every day. The system looks for patterns-names, phrases and clusters that constitute topics. When another analyst in the organization has a question about a specific topic, he will get that information from the system, minus the name of the analyst whose profile was accessed. The primary tool in this category is from Tacit Knowledge Systems Inc. of Palo Alto, Calif.-one of the technology companies funded by In-Q-Tel, a nonprofit enterprise created by the Central Intelligence Agency that contracts with companies like Tacit to help develop cutting-edge information technologies that serve the country's national security interests. "It's about realizing the significance of what you already have, and that can only happen when people who have bits and pieces of the puzzle can connect with each other and start working together," notes Tacit CEO David Gilmour.

CULTURE SHOCK

The use of knowledge management tools isn't a new practice for government-in fact, knowledge management has been used for years to enhance collaboration, capture and share best practices, and provide e-learning programs. But after Sept. 11, it became abundantly clear that to fight the growing threat of terrorism, such technology must be applied to sensitive and classified information-the type of information the CIA, FBI and the new Homeland Security Department work with every day.

Ruth David, president of Anser Inc., an Arlington, Va.-based public service research institute focusing on national and homeland security issues, notes that some of the shortcomings identified in the recent draft report by the National Commission on Terrorist Attacks upon the United States, known as the 9/11 commission, could have been prevented if knowledge management technology had been in place.

"There were a number of areas [described in the report] where data initially weren't deemed relevant by an analyst because they were looked at in isolation," she says. "As a result, pieces of data weren't reported, so subsequent analysts didn't have an opportunity to look at those pieces of data in a broader context with the benefit of related fragments of information that might have raised some alerts."

Those missteps are just the types of mistakes the intelligence community aims to correct through better sharing of information-and the first step is changing the long-standing, rigid culture of keeping information close to the vest.

The FBI is one of the first agencies to change that culture. FBI Director Robert S. Mueller said in a June 30 speech at a National Press Club luncheon that the Sept. 11 attacks required a dramatic shift in priorities. As a result, Mueller has called for not only a comprehensive revamping of the FBI's counterterrorism program, but a complete overhaul of the agency's information technology systems, including a greater reliance on knowledge management and collaborative technologies.

Earlier this year, Mueller made a fundamental shift in policy by mandating that all information must be shared unless an agent can explain why it shouldn't be-a move that makes it much easier for the agency to apply knowledge management and other analytical tools to their processes.

That's changed things for the better. Until recently, all FBI case files were restricted to individual agents, preventing all others from viewing them. Agents also had to get permission to access information from other cases, making information sharing difficult. If three agents were working on similar types of cases, there was little chance they could pool their knowledge.

"It used to be exclusion unless proven otherwise, and now it's inclusion unless proven otherwise," Ritchhart says. "With the old way, you couldn't apply knowledge management and analytical tools because you couldn't see the trends across the board."

Now that the policy has been changed, the agency is taking the next logical step, moving data into the Secure Collaborative Operational Prototype Environment for Counterterrorism (SCOPE), a data mart with more than 34 million documents related to counterterrorism. To access and share data contained in SCOPE, the FBI uses a variety of technologies, including ClearResearch, a knowledge management tool from ClearForest, and collaboration tools from Convera of Vienna, Va., and Ezenia Inc. of Burlington, Mass.

"Before we made the changes, an agent who was sending information out had to know exactly who to send it to, and somebody working a similar case would never see that information," Ritchhart says. "Now analysts have defined their profiles and areas of interest, so if I'm working a case, anything that fits the areas I've defined will be tagged and sent directly to me."

WARNING: CHALLENGES AHEAD

Agencies have significant challenges in finding ways to best use knowledge management to fight terrorism. Each agency must find ways to validate information, determine which information should be accessible to others, deal with issues of information ownership and security, and track how information is being accessed and used. In addition, changing the way agencies have shared-or not shared-information for dozens of years can cause a bit of culture shock.

But the biggest challenge, experts say, is how to share data effectively and securely among agencies. Solving the knowledge management challenge at the FBI is an important first step, but if an FBI agent can't access important information from a CIA analyst or the Homeland Security Department, the case may remain unsolved.

The Homeland Security Department faces even greater challenges than those of the intelligence community. While it must access information and resources both horizontally (with other federal agencies) and vertically (with state and local government as well as industry), the department is relatively immature. Once there is consensus on the nature and operational role of the department, it will be in a better position to roll out key cross-agency and intra-agency initiatives, according to Jocelyn Young, program manager for the vertical markets research group at Framingham, Mass.-based International Data Corp. That will increase the effectiveness of information sharing and promote greater collaboration, Young noted in a recent report on knowledge management in government.

Progress is being made on the inter-agency front, however. Intelligence agencies now exchange liaison officers and keep in close contact with each other and with the Homeland Security Department. When the FBI conducts a briefing on any aspect of counterterrorism, a CIA representative now attends the briefing-and vice versa.

On the technology front, the intelligence organizations are participating in the Intelligence Community System for Information Sharing, a Web-based framework for sharing sensitive and classified data. Intelligence operations also have agreed on common eXtensible Markup Language (XML)-based standards for data exchange, enhancing agencies' information sharing abilities.

For the FBI, these changes are just the tip of the iceberg. Next, Ritchhart says, is tailoring information in ways or formats that make it most valuable to users. With that capability, the entire counterterrorism process could move more quickly.

But all in all, things are moving along. "It's been an uphill battle until recently, but things have changed since 9/11," Ritchhart says. "After 32 years in intelligence, I've never seen collaboration better than it is today."