DHS Proposal - PowerPoint PPT Presentation

About This Presentation
Title:

DHS Proposal

Description:

Akamai, VP Public Sector, Betsy Appleby ... Participants: Sheryl Nicely-DNI, Ron Ross-NIST, Jim Simon/David Waldrop/Joe Rosack-Microsoft, ... – PowerPoint PPT presentation

Slides: 22
Provided by: ich4

Transcript and Presenter's Notes

Title: DHS Proposal


1
Institute For Information Sharing
A Public/Private Partnership for Cross Sector
Information Sharing
An architecture advisory and inclusive knowledge
exchange required to leverage implementation best
practices while mitigating risk
Linda Millis, Markle Foundation John Weiler,
ICHnet.org Info_at_ICHnet.org 703 768 0400
www.Markle.org www.ICHnet.org www.SecurE-Biz.net
June 15th, 2006 Stake Holders Meeting at Markle
Foundation
This document is confidential and is intended
solely for the use and information of the
membership to whom it is addressed.
2
IIS Vision
to advance collaborative
processes that assure successful implementation
of cross-sector information sharing solutions
aligned with business drivers
in a timely, inclusive, and conflict free
environment
3
Agenda
  • Welcome - Linda Millis, Director National
    Security, Markle Foundation
  • Background, Scope, Drivers of IS Partnership -
    Linda Millis, John Weiler
  • IS Policy Governance Steering Committee - Tom
    Springer-Verizon
  • IS Common Services (Use Cases) IPT - Rahul
    Gupta-PRTM
  • Information Exchange IPT - Michael
    Daconta-Oberon, Robert Greeves-DOJ
  • IS Immersion and Certification SAWG - Robert
    Steele-Symantec
  • Concept of Operations - Bob Babiskin-ICH
  • Conclusions Next Steps - Linda Millis

4
Emerging IIS Stake Holders and Partners
  • AF XC Deputy CIO, David Tillotson, Col Williamson
  • CIFA, Brandon Williamson for Alan Golombek
  • DHS NCSD, Director of Software Assurance Joe
    Jarzombek
  • DHS Office of Intelligence, Grace Mastalli,
    Theresa Philips, Carter Morris
  • DHS HSOC, Steve Wilson for Frank DiFalco,
  • DHS Preparedness, Mike Nicholson for Charlie
    Church
  • DHS USCG, MDA Guy Thomas for Dana Goward
  • DISA Tom Ainsworth, Michael Artis, Dennis
    McGinness
  • DNI Deputy CTO for Analysis, Andrew Shepard
  • DNI OCIO, Chief of Staff Rich Russell, Tarrazzia
    Martin
  • DoC Secretary of Technology Robert Cresanti
  • DOJ/FBI Ken Ritchhart DCIO, Bob Greeves NIEM
  • FBI Sentinel Program, Mio Lazarevich
  • GSA Smart Buy PM, Tom Kireilis
  • HUD CIO, Lisa Schlosser
  • Joint Staff, J6 Col Brian Hamilton, Col Snead
  • Navy Capt (Ret) Tim Traverso, Tim Johnson
  • NIST Computer Security Division, Matt Scholl
    CISSP
  • Council for Excel. In Govt, Lynn Jennings for
    Fred Thompson
  • Markle Foundation, National Security Director,
    Linda Millis
  • Former Executive Director, Homeland Security
    Institute, Randall Yim
  • Information Systems Security Association, EVP
    Robert Daniels,
  • Aerospace Industry Association, Asst. VP, Bruce
    Mahone
  • Open Geospatial Consortia, Sam Bacharach
  • Akamai, VP Public Sector, Betsy Appleby
  • Input Strategies Group President, and AFCEA NCR
    Vice Chair, Alan Balutis
  • Former Federal CIO Council Chair, Dan Matthews,
    Lockheed Martin
  • Sun Federal, James Laurent, Barry Sheldon, Guy
  • Oracle Federal, VP Emerging Technologies, Joe
    Bardwell, Tom Mayhew
  • IBM Tivoli, Chief Scientist, Dr. Robert Blakley
  • Microsoft Federal, Curt Kolcun, Carolyn Brubaker,
    Scott Suhy, Kim Nelson
  • EDS, VP Intelligence Operations, Michael Finn
  • HP Public Sector Bob Gatanis, Jeff Hall, Willie
    Coleman
  • Oberon Associates, Michael C. Daconta
  • HPTI Bill Vajda, Former NSA CIO
  • PRTM Partner, Rahul Gupta
  • Search for Common Ground, Professor Chip Hauss

5
Information Sharing Challenges being addressed
to overcome the common failure patterns that
undermine 80% of all major Government IT
programs.
  • Our leadership seeks a collaborative approach to
    effectively transform and inform the solution
    engineering and acquisition processes
  • Cross Sector Outreach and Collaboration cannot be
    contracted (State, Federal, Industry): Cross
    sector information sharing requires a trusted
    public/private partnership structure that cannot
    be compromised by inherent conflicts of
    interest.
  • IS Stake Holders need standardized architecture
    views that represent stake holder needs in terms
    of IS policies, business processes, information
    exchanges and viable COTS solutions (ref GAO
    Rpt on Information Sharing, DHS Strategic Plan,
    E-Gov Act, ISE Interim Plan, OMB A119, HSAC Aug
    10th report). These views must be actionable and
    free of vendor bias.
  • Missing Performance Metrics and SLAs: In context,
    actionable metrics (security, interoperability,
    business fit, latency) are absent from program
    planning, architecture and acquisition processes,
    making Performance Based Contracts very risky.
  • COTS Capability Obfuscated by the SLDC process:
    COTS research, assessment and certification take
    too long, cost too much, and often inhibit the
    ability to leverage proven COTS solutions. The
    result is costly and brittle custom solutions
    that govt cannot afford to operate, and that
    perpetuate contractor lock-in.
  • Industry expertise and best practices not
    accessible: Access to the required expertise is
    required to inform actionable planning and
    architecture processes. Current contracting
    mechanisms and trade associations rarely reach
    outside their own organization or the defense
    industrial base.
  • Leadership Education: Any transformation effort
    requires training and education to overcome
    cultural impediments.

6
The path forward is now self evident
with only rice bowls and self interests standing
in the way
  • General Dale Meyerrose, DNI CIO, "The goal is not
    to protect the information or the network the
    goal is to use the information No single
    agency has all the answers or resources, nor can
    any one agency control all information sharing.
  • General Charles Croom, Director, DISA and JTF-GNO
    The commercial world is rapidly implementing
    information technologies and services the
    government can use without any modification. I
    hope to establish a process that will rapidly
    evaluate commercial technologies and make them
    available to our customers.
  • The HSAC August 10, 05 Report on Information
    Sharing recommends for DHS
  • DHS and the Private Sector should work in
    collaboration to develop a formal, and
    objectively manageable, homeland security
    intelligence/information requirements process.
  • This process should place a premium on, and
    leverage, superior Private Sector information
    resources, expertise in business continuity
    planning, and understanding of the operations of
    infrastructure sectors.
  • DHS should partner with the Private Sector in
    developing an integrated architecture for
    information collection and sharing.
  • DNI's Information Sharing Environment (ISE),
    Interim Implementation Plan
  • State, local, and tribal governments and private
    sector entities must be full partners in this
    effort.
  • Implement common standards and architectures to
    further facilitate timely and effective
    information sharing

Can We Share?
Outpaced by fast paced IT market? Overwhelmed by
IT offerings? Ill-equipped to evaluate? Best
Practices? Security?
7
Drivers, Scope for an IS Public/Private
Partnership
  • Why a PPP Honest Broker is recommended by GAO,
    HSAC, E-Gov Act, DNI, DHS to advance Information
    Sharing across communities of interest. Stand up
    a collaborative research institute that can
    speak for the combined interests of state,
    federal, local, tribal, industry and other
    relevant stake holders. Summary of existing IS
    studies and recommendations (Homeland Security
    Advisory Council, Markle Foundation, Council for
    Excellence in Govt, EO 13388, 911 Commission
    Recommendation, E-Gov Act).
  • Establish integrated product teams (IPT) and
    virtual centers of excellence (COE) that allow
    govt PMs to tap into the needed expertise to
    solve real world problems. Leverage existing
    ICHnet.org collaboratory, OMB/GAO/OSD recommended
    processes and Govt-wide FFP contract vehicles.
  • Define a set of operational scenarios with stake
    holders that guide focus IPT activities and
    development of cross sector architectures.
  • Scope: Assist agencies/industry in informing and
    vetting their respective IS Architecture Views
    that clearly define business needs, information
    exchanges and existing solutions. Define the gaps
    and mitigate risk.
  • Outreach and Education. Expand existing Secure
    E-Biz Summit and Leadership Awards to promote
    work products and successes of members.
  • Overview of Steering Committee and Solution
    Architecture Working Group (SAWGs)
    Structure/Outputs Purpose, White Papers,
    Standards of Practice, Agency IS Engagements,
    Hill Education/Outreach

8
Institute for Information Sharing Focus Areas
informing and assuring the IS planning
architecture process
  • Information Sharing Policy and Governance: Our
    congressional and agency leadership are seeking
    an objective view of how to optimize current IS
    policies and programs. Focus: Leverage existing
    implementations, innovations, and successes.
    (see Recommendations out of HSAC, Markle, CEG,
    GAO, DHS IG)
  • Cross Sector Collaboration (State, Federal,
    Industry): Establish an open and inclusive,
    trusted partnership structure and common
    architecture views that represent stake holder
    needs in terms of policies, business processes
    and viable solutions.
  • Solution Architecture Roadmap: Establish
    standards of practice for agency specific IS
    Roadmaps. Inform critical stages of the Solution
    Development Lifecycle so as to expose the realm
    of the possible and lessons learned.
    Collaborate in the definition of common IS
    business processes, Information Flows,
    Information Exchange Models, Performance Metrics
    and associated SLAs derived from implementation
    best practices.
  • Information Exchange: Establish innovative
    methods and meta data models that enable sharing
    of broadly distributed and unstructured and
    unclassified data (SBU). Target domains include
    Healthcare, Disaster Prevention, First
    Responders, Criminal Justice. Deferred
    Terrorist IS until ISE gets organized and ready
    to engage.
  • Solution Assessment: Current Technology
    Assessment Acquisition preprocesses take too
    long, cost too much, and often lead to
    analysis/paralysis. Establish a virtual Solution
    Architecture Immersion and Self Certification
    program that leverages existing labs and
    testing/implementation results. Support DNI's
    CA Revitalization program, DHS/OSD/NSA's
    Software Assurance Program.
  • Leadership Education and Outreach: Facilitate
    outreach for member organizations to integrate
    multiple communities of interest, industry
    groups, and knowledge sources. Extend current
    Secure E-Biz CxO Summit and Leadership Awards
    program supported by Congressional Govt Reform
    Committee Chair (Davis).

9
IS Policy Governance Steering Committee Tom
Springer Verizon, Spanky Kirsch OSD NII, Tom
Mayhew-Oracle, Don Bryan-OSD HD, Linda
Millis-Markle, Fred Thompson-CEG, Richard
Russell-DNI
  • Objectives: Finalize Charter and Activities of
    PPP. Identify policies, cultural impediments, and
    authority. How organizations should work
    together focused on specific mission threads
    Multi-national Information Sharing, Disaster
    Preparedness, Justice.
  • Assess Strengths and Gaps of existing policies
    and laws with regard to various information
    sharing mandates Multi-national, Disaster
    Preparedness/Response, Intelligence. Provide
    Outreach to congressional committees, other
    industry groups, and IS communities of interest.
  • Desired Outcomes and Timelines: Review and
    Finalize Charter. Why this important one pager.
    What is impact on operation. Concept of
    operations, Define Message.
  • Stake Holders: OSD NII, DHS OIA, DNI OCIO,
    DOJ/FBI, OMB/White House, L3-Com
  • Other Participants: Don Bryan-OSD HD, Fred
    Thompson-Council for Excel. In Govt., Col.
    Torrez-OSD NII, Tarrazzia Martin-DNI OCIO, Dick
    Burk-OMB, Linda Millis-Markle, Jim Ganthier-HP,
    Tom Springer-Verizon, Dan Schutzer-FSTC.org,
    Mitch Komaroff-OSD NII, Congressional Staff
    members, Tom Mayhew-Oracle, Kevin Keenan-PRTM,
    Grace Mastalli-DHS IA

10
IS Common Services Building Blocks (Use Case) IPT
Rahul Gupta-PRTM, Theresa Phillips-DHS OIA
  • Objective: Document (from existing studies and
    analysis) the IS key enablers/business drivers in
    terms of the OMB's Service Component Reference
    Model, a govt wide standard that was derived from
    industry best practices. Capture key enablers
    addressing Infrastructure, Application, Security,
    Content Mgt, Identity Mgt, Wired Wireless.
    Identify emerging standards, technologies,
    standards of practices and associated metrics
    that provide a common framework for communicating
    common IS services.
  • Operational Scenario Use Cases: Strong Angel,
    MDA,
  • Desired Outcomes and Timelines: Define 3-4 Common
    Scenarios that encompass most of the major IS
    problems, Service Component Specifications, a
    standardized ontology of services descriptions
    aligned with business needs. Enable better stake
    holder communications and agreements on required
    capabilities. A solution lexicon that can map
    common IS requirements with proven and available
    solution sets by problem domain.
  • Stake Holders: DNI ISE, DHS HSIN, DISA, Joint
    Forces Command, NavAir, USMC OCIO, AF XI, FBI
    OCIO, Adobe, Oracle, Microsoft, Oracle, IBM,
    ISSA.org, DHS USCG MDA
  • Other Participants: Fred Thompson-Council for
    Excel. In Govt., Tarrazzia Martin-DNI, Col
    Coleman-USMC, Joe Bardwell-Oracle, Carolyn
    Brubaker-Microsoft, Dr. Robert Blakely-IBM, Guy
    Thomas-USCG MDA, Al Mink- ICH, Chris Hauss-SFCG,

11
Information Exchange IPT, Michael Daconta
Oberon, Bob Greeves-DOJ NIEM, Theresa
Phillips-DHS IA
  • Objective: Establish innovative methods to
    analyze broadly distributed and unstructured and
    unclassified data. Establish standards of
    practices for data exchange, data classification,
    Information Discovery, data tagging. Identify
    and leverage existing work products (i.e., NIEM,
    OMB Data Reference Model, etc) that can be
    adopted to better enable domain specific
    information exchange implementations. Capture
    common information flows by Use Case
    Preparedness, 1st Responders, Critical
    Infrastructure Protection, Pandemic, etc.
  • Desired Outcomes and Timelines: Common Use
    Cases, Information Exchange Reference Model,
    Information Sharing Use Cases, Best Practices
    Models. Leverage Global Justice Data Model and
    other valuable work products. Integrate health
    IT.
  • Key Stake Holders: DHS OIA, AF XI, NRO, DNI
    OCIO, Navy, DOJ/FBI, IBM Tivoli, Oberon,
  • Other Participants: George Romas-CACI, Willie
    Coleman -HP, Robert Greeves-DOJ NIEM, Karl
    Semmler-JFCOM, Jody Bell-HHS, John Loonst-HHS,
    Bob Gatanis-HP, Bob Babiskin-ICH

12
IS Immersion and Certification SAWG Robert
Steele-Symantec, Joe Jarzombek-DHS IA, Tom
Mayhew-Oracle
  • Objective: Developing an emerging technology
    immersion center to better guide federal needs
    and assessment determinations.
  • Establish a common assessment framework and
    performance metrics for sharing
    testing/implementation best practices so as to
    speed up decision making process.
  • Define common metrics and measures for assessing
    as-is or to-be IS systems. Augment current CA
    activities that can inform decision making and
    reduce risk. Identify industry resources that can
    be leveraged.
  • Establish an Information Sharing Readiness
    Assessment process that builds on Architecture
    Assurance Method.
  • Desired Outcomes and Timelines: Solution
    Architecture Assessment Framework, Performance
    Metrics, Federated Certification Program. An
    assessment of the value/role of, emerging
    technology and techniques for analysis of
    unclassified, unstructured and widely distributed
    data sources.
  • Key Stake Holders: DISA, DNI OCIO, DHS IA, FBI
    Sentinel PMO, Financial Services Technology
    Consortium, Harvard School of E-Government, NIST,
    Georgia Tech Research Institute
  • Other Participants: Sheryl Nicely-DNI, Ron
    Ross-NIST, Jim Simon/David Waldrop/Joe
    Rosack-Microsoft,

13
Outreach and Education Committee Kim
Nelson-Microsoft, Alan Balutis-Input
  • Objective: Communication with multiple OCIs. Pull
    together existing capabilities.
  • Desired Outcomes and Timelines: Bring together
    Healthcare, Justice, HS, PM ISE,
  • Key Stake Holders: DHS OIA, AF XI, NRO, DNI
    OCIO, Navy, DOJ/FBI, IBM Tivoli, Oberon,
  • Other Participants

14
Concept of Operations
  • Funding: Membership based
  • Applications
  • Government grants/contracts
  • Solution Audits and Certification

15
Institute for Information Sharing Charter
Highlights
  • Institute for Information Sharing: a 501C6
    public/private partnership that builds on ICH's
    proven organizational structure processes to
    identify, model and leverage a wide range of
    industry expertise related to cross-sector
    information sharing, information protection and
    related public safety needs
  • Identify, model and validate existing
    implementation best practices and lessons
    learned.
  • Enable Sound Decision Making via Evidenced Based
    Research (architecture assurance method)
  • Establish standard terms, standards of practice
    that enable common building blocks
  • Capture IS Operational Scenarios: Challenge of
    connecting with private industry in a structured
    way when dealing with CIP owners. Need
    information models for sharing sensitive but
    unclassified information. Looking for a phased
    approach by which stake holders migrate their
    respective systems.
  • Integrated Product Teams Working Groups: The
    IIS will periodically report on findings of its
    domain specific Sub-Committees and Solution
    Architecture Working Groups, and provide a formal
    process for identifying, modeling and vetting
    industry best practices and lessons learned
    associated with emerging technical issues.
  • Education and Outreach: Industry input will be
    compiled via focused surveys and working groups
    that are staffed by those with related/proven
    expertise (non-sales). Summary findings will be
    fully vetted and presented at various Domain
    Working Groups, SecurE-Biz Forums, and Town Hall
    meetings on an as needed basis.
  • Knowledge Exchange: In addition, the IIS through
    its Working Groups will publish issues papers and
    Best Practices studies on an ongoing basis and
    will partner with trade journals, homeland
    security journals and other forums to ensure the
    widest discussion and distribution of its
    findings and recommendations.
  • Estimated Number and Frequency of Committee
    Meetings. The IIS meets bi-monthly, while its
    Integrated Product Teams, working groups and
    sub-committees meet more frequently to achieve
    timely outcomes

16
Concept of Operation for a true honest broker
Building on 7 years of progressive IRD
  • Organized as a public/private partnership,
    501C(6), recognizing that both govt and industry
    need to engage and share the burden of success.
    Jointly funded via membership fees, grants,
    contributions in kind and service fees to cover
    cost and reimbursements.
  • Leverage proven business models: Council for
    Excellence in Government, Financial Services
    Technology Consortia, Open Geospatial Consortia.
  • Open and inclusive structure that will maximize
    re-use of existing best practices, testing and
    implementation experiences and experts from all
    market sectors, not just Govt.
  • Funding sources would include subscription
    service structure based on organizational size/IT
    expense to accommodate all organization sizes.
    Tap into existing pool of knowledge, best
    practices, partner network, redlining of
    documents, mentoring. Contract mechanisms for a
    PPP include grants, sole source, OTA (Other
    Transaction Authority), ICH GSA MOBI/GSA Schedule
    70
  • Employ proven mechanisms for mitigating conflicts
    of interest and/or bias. All data submitted
    must be 100% evidence sourced. No subjective
    analysis. No recommendations. Evidence should
    speak for itself.
  • Solution Domain Working Groups enable govt and
    industry to cooperate in developing standardized
    nomenclature and metrics for mapping common
    business needs with component services
    requirements based on implementation best
    practices.

17
IIS Building Blocks and Products reduces time,
cost, and risk of architecture and acquisition
processes
  • Real-time COTS Self Assessment Framework, where
    Government, Industry, Academia and Solution
    Providers can define realm of the possible and
    help assure the requirements and architecture
    processes.
  • Federated COTS Certification Coop that leverages
    the existing testing/integration labs within
    multiple information sharing domains: finance,
    manufacturing, IT/Telcom solution providers, and
    government.
  • Real World Performance Metrics and SLAs captured
    from practitioners who together capture
    interoperability, scalability, security and
    business fit requirements required for
    Performance Based Contract, at a fraction of the
    current cost and time.
  • Actionable Solution Architectures that define
    Multi-vendor COTS Solution Sets. ICH evidenced
    based validation captures product specific
    heuristics from customer successes.
  • Best Practices CxO Exchange: expanded Secure
    E-Biz CxO Summit and Solution Architecture
    Working Group (SAWG) to bring together Chief
    Executive Officers (CxOs) from Govt, Industry and
    Academia.
  • Risk Conflict Mitigation Methods for those who
    are seeking to inform the IT planning,
    architecture and acquisition processes. OMB A119
    encouraged.

18
Emerging Public/Private Partners accomplishing
together what none can alone
  • Federal Agencies
  • State/Local Agencies
  • Non-profit Industry Groups
  • Academia
  • Solution Providers
  • Commercial Leaders

Harvard Kennedy School Binghamton University
19
ICH provides a unique process and a collaborative
structure
Providing our leaders access to the
collective expertise of many COIs
20
Leveraging ICH Funding Structure
estimated 1st year launch cost 1.5M
  • ICH Engagement Options
  • Government Membership 25-60k depending on
    annual IT Budget. On GSA
  • Corporate Membership 25-60k depending on Group
    revenue, level of service sought.
  • Small Business 10-25k depending on size.
  • Affiliate Member (Non-Profits/Academia) 5k
  • GSA Schedule 70 FFP Solution Architecture
    Engagements 100k, 150k, 250k, 500k.
    Economies of scale significantly reduce cost and
    time.
  • Fee for Service Past Performance Certification,
    Solution Architecture Audit, Mentoring, Outreach.
    A force multiplier that taps into the collective
    expertise from many partners/members. (based on
    daily rate of 1,870./day GSA rate)
  • SecurE-Biz Sponsorship Options 5-20k/event

21
Closing Remarks
  • Confirmed Public/Private partners: over 50
    govt/industry groups
  • Industry Options: Membership, Fee for Service,
    Contributions in kind
  • Govt Options: Membership, Fee for Service (GSA),
    Grants
  • Standing up of Separate Working Groups: Meeting
    schedule determined by IPT leads. Meeting hosting
    needed.
  • Next General Meeting: Late July, early August.
    Govt host needed (DHS or JFCOM)
  • Secure E-Biz Summit and Awards Program: TBD