DHS information-sharing network is stuck in a rut, but success is still possible
The Homeland Security Department's chief information-sharing network is stuck in a rut. But it still might succeed if the department can strengthen it as a unique platform for intelligence and cooperation, according to experts reviewing the programs.
In the future, that might best be done if DHS focuses on building the strong points of its faltering Homeland Security Information Network by offering robust private-sector critical infrastructure intelligence, delivering unique information and capabilities related to the national incident management system and the national common operating picture and providing fresh intelligence from DHS' agents, experts said.
HSIN is the department's main external network. It links DHS with 17,500 users in state and local agencies and the private sector. The network has cost $75 million to develop thus far but still is experiencing fundamental problems, including duplication with other state and local systems, sporadic use and the lack of a clear mission, according to recent government audits.
DHS rushed the network's creation without assessing existing information-sharing initiatives, and as a result, it may be duplicating services available elsewhere, David Powner, the Government Accountability Office's director of information technology management issues, told the House Homeland Security Committee's Intelligence, Information-Sharing and Terrorism Risk Assessment Subcommittee May 10.
For example, DHS did not engage in ongoing dialogue with creators of two pre-existing law enforcement systems, the Regional Information Sharing System (RISS) and the Joint Regional Information Exchange System (JRIES), to develop a strategy that could meet mutual needs.
As a result, HSIN is underused. Only about 2 percent to 6 percent of the users are signing on to the network daily, according to a June 2006 DHS inspector general report. The network also is on the Office of Management and Budget's watch lists for poor planning and performance.
HSIN "was supposed to be the department's main pipeline for sharing unclassified information with state, local and tribal partners," said Rep. Jane Harman (D-Calif.), the subcommittee's chairwoman, at the May 10 hearing. "More than three years later, we are far from the robust system that was promised. What we have instead is kind of a mess."
Nevertheless, there are suggestions of how the troubled network can be turned around.
DHS is starting to make improvements to HSIN by hiring a program manager, identifying user needs, setting up an advisory committee and developing performance metrics. The department also needs to fix technical glitches and improve connections to other networks. But the key challenge is avoiding duplication and providing more useful and unique content for the network in comparison to RISS and other systems, Powner and others said.
Indeed, even though RISS was set up 10 years ago and has been successful in information sharing among law enforcement communities, it cannot replace HSIN for all users. "Some users are now tied to HSIN ? they like HSIN better than RISS, and some folks like RISS better than HSIN," Powner said. "The important thing moving forward is how do we integrate these applications and leverage them."
HSIN is fulfilling a need to reach a greater number of communities, such as fusion center directors, emergency managers, hospitals and private-sector operators. It also offers a possible connection to federal intelligence not available anywhere else. HSIN is offering unique intelligence in areas such as national incident management and private-sector information from critical sectors such as power plant operators, water treatment plant operators and hospitals, said Wayne Parent, deputy director of DHS' Office of Operations Coordination, which runs HSIN.
"I think the incident management piece is completely unique. I think the private-sector piece is completely unique," Parent said. In addition, the national common operating picture and its geographical components are not available to state and local partners anywhere else.
The hurdle that DHS must overcome is in appearing to demand more information from HSIN users than it provides to them, according to an expert closely involved with HSIN and other DHS networks who asked not to be identified. Instead, it must ensure it is building a two-way street with users. DHS has been in the habit of asking for intelligence from state and local sources without providing much useful intelligence in return. It must change its focus to develop more original intelligence that is useful to state and local agencies, the expert said.
Its best prospects for doing so are focusing on areas in which there is limited information available from other sources, the expert said. That would include areas such as private-sector critical infrastructure and intelligence from DHS' agents in the border, immigration and transportation security agencies.
Another idea is to focus on providing key information and assistance with the national incident management and the National Response Plan, said Ray Stuyvesant, chief executive officer of Washington-based CompuSat Services Inc., a subcontractor that has worked on HSIN networks.
"When HSIN originally rolled out, we didn't have the National Response Plan or
the National Infrastructure Protection Plan," Stuyvesant said. Now that they are available, they can be incorporated into the HSIN, he said. Also, to assist in private-sector information-sharing, HSIN can take advantage of access controls protecting private-sector information given to DHS to assure that it does not become public information, Stuyvesant said.
Another vision for HSIN is to make it into a type of super portal with a single sign-on and ready coordination among all the existing networks, including RISS, JRIES, the Law Enforcement Online and the Open Source Information System.
"The federal government should provide the funding needed to leverage existing information-sharing systems and expand intelligence sharing by executing interoperability between operating systems at the local, state, regional, federal and tribal levels using a federated identification methodology," said Donald Kennedy, executive director of the New England State Police Information Network.
"Local, state and tribal users should be able to access all pertinent information from disparate systems with a single sign-on, based on the user's classification level and need to know," Kennedy said.Staff writer Alice Lipowicz can be reached at firstname.lastname@example.org.