The intelligence community is about to get the equivalent of an adrenaline shot to the chest. This summer, a $600 million computing cloud developed by Amazon Web Services for the Central Intelligence Agency over the past year will begin servicing all 17 agencies that make up the intelligence community. If the technology plays out as officials envision, it will usher in a new era of cooperation and coordination, allowing agencies to share information and services much more easily and avoid the kind of intelligence gaps that preceded the Sept. 11, 2001, terrorist attacks.
For the first time, agencies within the intelligence community will be able to order a variety of on-demand computing and analytic services from the CIA and National Security Agency. What’s more, they’ll only pay for what they use.
The vision was first outlined in the Intelligence Community Information Technology Enterprise plan championed by Director of National Intelligence James Clapper and IC Chief Information Officer Al Tarasiuk almost three years ago. Cloud computing is one of the core components of the strategy to help the IC discover, access and share critical information in an era of seemingly infinite data.
For the risk-averse intelligence community, the decision to go with a commercial cloud vendor is a radical departure from business as usual.
In 2011, while private companies were consolidating data centers in favor of the cloud and some civilian agencies began flirting with cloud variants like email as a service, a sometimes contentious debate among the intelligence community’s leadership took place.
As one former intelligence official with knowledge of the Amazon deal told Government Executive, “It took a lot of wrangling, but it was easy to see the vision if you laid it all out.” The critical question was would the IC, led by the CIA, attempt to do cloud computing from within, or would it buy innovation? Money was a factor, according to the intelligence official, but not the leading one.
The government was spending more money on information technology within the IC than ever before. IT spending reached $8 billion in 2013, according to budget documents leaked by former NSA contractor Edward Snowden. The CIA and other agencies feasibly could have spent billions of dollars standing up their own cloud infrastructure without raising many eyebrows in Congress, but the decision to purchase a single commercial solution came down primarily to two factors.
“What we were really looking at was time to mission and innovation,” the former intelligence official said. “The goal was, ‘Can we act like a large enterprise in the corporate world and buy the thing that we don’t have, can we catch up to the commercial cycle? Anybody can build a data center, but could we purchase something more?
“We decided we needed to buy innovation,” the former intelligence official said.
A Groundbreaking Deal
The CIA’s first request for proposals from industry in mid-2012 was met with bid protests to the Government Accountability Office from Microsoft and AT&T, two early contenders for the contract. Those protests focused on the narrow specifications called for by the RFP. GAO did not issue a decision in either protest because the CIA reworked its request to address the companies’ complaint.
In early 2013, after weighing bids from Amazon Web Services, IBM and an unnamed third vendor, the CIA awarded a contract to AWS worth up to $600 million over a period of up to 10 years. The deal, handled in secret, was first reported by FCW in March 2013, sending ripples through the tech industry.
A month after the deal became public, IBM filed a bid protest with GAO that the watchdog eventually upheld in June, forcing the CIA to reopen bids to both companies for the contract. A legal struggle between Amazon and Big Blue ensued, and AWS filed a lawsuit against the federal government in July 2013, claiming the GAO sustainment was a “flawed” decision.
In October, U.S. Court of Federal Claims Judge Thomas Wheeler sided with Amazon and overturned GAO’s decision to force the CIA to rebid the contract. Big Blue went home, AWS claimed victory under the deal’s original financial specs, and nearly 18 months after the procurement was first released, the CIA and Amazon went to work.
It is difficult to underestimate the cloud contract’s importance. In a recent public appearance, CIA Chief Information Officer Douglas Wolfe called it “one of the most important technology procurements in recent history,” with ramifications far outside the realm of technology.
“It’s going to take a few months to bring this online in a robust way, but it’s coming,” Wolfe said. “And I think it’s going to make a big difference for national security.”
Securing New Capabilities
The Amazon-built cloud will operate behind the IC’s firewall, or more simply: It’s a public cloud built on private premises.
Intelligence agencies will be able to host applications or order a variety of on-demand services like storage, computing and analytics. True to the National Institute of Standards and Technology definition of cloud computing, the IC cloud scales up or down to meet the need.
In that regard, customers will pay only for services they actually use, which is expected to generate massive savings for the IC.
“We see this as a tremendous opportunity to sharpen our focus and to be very efficient,” Wolfe told an audience at AWS’ annual nonprofit and government symposium in Washington. “We hope to get speed and scale out of the cloud, and a tremendous amount of efficiency in terms of folks traditionally using IT now using it in a cost-recovery way.”
Many agencies within the IC already have identified applications to move to the cloud. In a recent report, National Reconnaissance Office Chief Information Officer Donna Hansen said her agency had picked five applications, including its enterprise resource planning software, to migrate to the IC cloud. As with public clouds, the IC cloud will maximize automation and require standardized information, which will be shared through application programming interfaces, known as APIs. Amazon engineers will oversee the hardware because AWS owns the hardware and is responsible for maintaining it just as they do in the company’s public data centers.
Whenever Amazon introduces a new innovation or improvement in cloud services, the IC cloud will evolve. Company officials say AWS made more than 200 such incremental improvements last year, ensuring a sort of built-in innovation to the IC cloud that will help the intelligence community keep pace with commercial advances. Wolfe said AWS’ capacity to bring commercial innovation from places like Silicon Valley to the IC is one of the contract’s greatest benefits. Whenever AWS introduces new products, the CIA will be able to implement them.
“The biggest thing we were trying to do—the visionary folks a couple years ago—was answer the question, ‘How do we keep up?’” Wolfe said. “The mission we have is important. The pace and complexity is really not [diminishing], in fact, it may be increasing. We feel it is very important to deliver the best IT and best products and services we can to our customers in the IC.”