Originally Broadcast on September 24, 2012
Michael Keegan: Welcome to The Business of Government Hour. I'm Michael Keegan, your host, and Managing Editor of the Business of Government magazine.
It is critical to the safety and security of this country that we improve the sharing of terrorism, homeland security, and weapons of mass destruction-related information across federal, state, local, private sector, and international partners. When examining the full scope of information sharing and protection, there are many widespread and complex challenges that must be addressed and solved by multiple agencies and organizations together.
The risk of a future WikiLeaks incident can be reduced, but fixing these government-wide challenges is complex, difficult, and requires a staying commitment. To do this right involves cultivating the horizontal, cross-cutting, data-centric information sharing and protection capability.
What is the Information Sharing Environment? How is information sharing maturing across the ISE? What are the biggest challenges facing the ISE? And to what extent does the pursuit of standards limit or defeat innovation? We'll explore these questions and so much more with our very special guest, Kshmendra Paul, Program Manager for the Information Sharing Environment.
Kshmendra, welcome to the show. It's great to have you.
Kshmendra Paul: Well, thank you so much for having me. It's a pleasure to be here.
Michael Keegan: Also joining our conversation from IBM is George Cruser.
George Cruser: Thank you.
Michael Keegan: Kshmendra, before we delve into specific initiatives, I think it would be helpful to provide some context. So what exactly is the Information Sharing Environment or ISE? And perhaps, you could offer some practical ways of thinking about this concept.
Kshmendra Paul: That's a great question. I get asked that a lot. The ISE is a complicated topic. The way I think about it is that the ISE is a collection of normalized mission and technical capabilities distributed and decentralized across all of our mission partners, federal, state, local, tribal, and private sector entities.
The ISE is delivered by interconnecting existing networks, systems, and databases working with industry and standards bodies to adopt required standards and other frameworks. The ISE harmonizes and standardizes information processes based on shared mission equities. And finally, the ISE strengthen information safeguardings, including protecting privacy, civil liberties, and civil rights of the American people.
A practical way of thinking about the ISE is to think of it as an information analogue to the interstate highway system. The same way the interstate highway system knit together this country post-World War II, the ISE is intended to be the information fabric enabling whole of government responses to national security and public safety challenges that face our nation.
Michael Keegan: Would you give us an overview of the history and evolving mission of the Office of the Program Manager for Information Sharing Environment? What was the genesis for creating this government-wide entity, and how is its mandate evolved to-date?
Kshmendra Paul: Absolutely. My office is a core part of the government's response post-9/11. It was called for directly by the 9/11 Commission. A series of seminal reports issued by the Markle Foundation in the last decade really sketched out in great detail the vision for the Information Sharing Environment. The statutory and policy core for the office come from three pillars: the Intelligence Reform and Terrorism Prevention Act of 2004, Executive Order 13388, further strengthening terrorism-related information sharing, and the 2007 National Strategy for Information Sharing.
From our inception, our office has had a particular focus in two areas. First, the domestic information sharing architecture, really the nexus between public safety and national security, what some in the law enforcement community talk about in terms of the nexus between homeland security and hometown security. Second, our office has had a focus on identifying, integrating, and disseminating best practices around responsible information sharing, management and integration, really a direct line from the government reform efforts around information resources management that were anticipated with legislation like Clinger-Cohen, the E-Gov Act of 2002, FISMA, the Privacy Act and other related t legislation.
Michael Keegan: With such a critical cross-agency government-wide mission, I'd like to get a sense of the scale of operation you support. Would you describe how the PM-ISE is organized, the size of its budget, the number of full-time employees, and what are the core communities your efforts work across and why?
Kshmendra Paul: My office has just under thirty government employees, with about half of are agency assignees working on specific projects on behalf of those agencies or detailees. We have a number of contractors augmenting our government team with specific skills. We're organized into four divisions plus two supporting teams. The four divisions are Mission Programs, that's where we do our work with state and local law enforcement and other mission programs across the government; Standards and Architecture, which is a primary touch point with industry; Assured Interoperability, which is more like a technical CIO program coordination function; and Management and Oversight, and that's where we do performance budget integration, strategy policy, and governance work.
The two supporting teams which work across all four divisions are stakeholder engagement and staff operations. The budget is between 20 to 25 million a year. Under a third goes to pay for government employees and administrative sort of expenses. Over a third goes to support our contractors, and contract work forces, and about a third goes to support what we call our implementation fund. A unique capability of our office is our ability to seed fund. We usually coinvest with agency mission partners to accelerate development of the ISE.
A great example of that is the work we did to nurture the Nationwide Suspicious Activity Reporting Initiative. Over the last number of years we've invested about $50 million in the NSI with agency partners like FBI, DOJ, DHS. That's been a flagship of our office and a big success. Just under 300,000 front-line officers are now trained in the 16 behaviors that are reasonably indicative of terrorism-related activity, preoperational criminal planning. We have privacy policies in all of these states that are as comprehensive as the Presidential ISE Privacy Guidelines. Twenty thousand suspicious activity reports have been vetted to the functional standard we publish and maintain. And the FBI has opened up about 1,000 cases around SAR-like activity or SARs coming out of the NSI or their eGuardian application which is part of the nation-wide suspicious activity reporting initiative.
So that's an example of how we use our implementation fund to help accelerate the implementation of the ISE.
George Cruser: Kshmendra, I'd like to delve into your specific role as the program manager for the Information Sharing Environment so, you know, if you could tell our listeners a little bit about your specific responsibilities, and then, you know, given that this doesn't really have an operational mandate, how you use your soft power in order to get things done.
Kshmendra Paul: That's a really good question because we are not in the chain of command. My specific responsibilities as program manager are to plan for or oversee the agency-based build out and manage the Information Sharing Environment.
The President, via the Director of National Intelligence, has also delegated his responsibilities as it relates to the Information Sharing Environment, in particular, implementing the five guidelines. I mentioned privacy before. The other guidelines are things like common standards, a common framework for sharing between federal, state, local, tribal, and private sector, controlled unclassified information which has now moved to NARA, and international information sharing. We do that across the five communities: law enforcement, homeland security, intelligence, defense, foreign affairs.
Additionally, the White House sets annual priorities through programmatic guidance issued jointly between the National Security Staff and OMB to the agencies. Now, you know, how do we actually operate? What does soft power like for us? Really, I put it into three buckets. We have a top-down. We have a bottom-up, and we have an outside-in. And I talk about these at length in the annual report to Congress we just delivered. You can find that on our website, www.ise.gov.
Let me talk about each of those buckets where our soft power resides. First, we have the top-down. I co chair a White House policy committee around information sharing and access. We work closely with OMB on implementation guidance to the agencies, budget performance integration, and performance metrics. We have the implementation fund I talked about earlier. And the softest tool we have but probably the most powerful is our ability to identify best practices. Over time, that really does work. What we think and what we've heard from others is probably the leading information integration framework in the public sector around responsible information sharing. So, you know, we've got that top-down, both legal and moral authority leadership capability so that's kind of the first pillar.
The second pillar is the bottom-up. Since inception, we’ve been very strongly focused in the domestic architecture, information sharing, intelligence, domestically. Our strongest advocates are the state and local agencies, the law enforcement community, that have seen themselves become fully integrated partners into the national information sharing architecture, the national network of fusion centers, suspicious activity reporting are two sort of flagships there. So, you know, that bottom-up, and in particular, these stakeholders and more broadly, other stakeholders, view us as an honest broker. You know, we're able to bring in their requirements, listen to them, and give them a way to plug into national policy conversations around responsible information sharing. So we've got the top-down. We've got the bottom-up. But even that's not enough.
We have a third area where I refer to as outside-in. That's really our work with industry. This is around maturing our standards, working with industry and standards organizations around our standards, interoperability standards framework, looking at opportunities to better leverage procurement policy, to use standards so that government can buy interoperable solutions that can together plug in and create the capabilities required to be delivering the Information Sharing Environment.
You know, on this last one, there are three great examples. One is the Federal CIO Council's work on the Federal Identity, Credential, and Access Management roadmap. We're fully aligned with that, and that's the basis of the National Strategy for Trusted Identities in Cyberspace. We're seed funding a project jointly with the GSA called the Back-End Attribute Exchange that will support attribute-based access control to data across mission partners, federal, state, local. We're quite excited about that working with Kathleen Turco and her group over there. That's the place where the FICAM work anchors underneath the CIO Council.
Second is the National Information Exchange Model. It's at the heart of our standards framework, and we've done a lot of interesting work there in partnership with the broader NIEM community, and in particular recently something called the UML Profile working with the Object Management Group, an international standards organization. So in a nutshell, what this means is that all this NIEM work we've been doing here in the federal government now is aligned with mainstream, leading-edge, best practices around information management, information integration.
You, know, third, we've been working with the American Council on Technology Industry Advisory Committee with our partners at GSA to get recommendations about how to better leverage standards in the government's procurement process. The federal acquisition regulations are anchored over at GSA in Kathleen's area, and she and I have been working to get these recommendations. We're quite excited by the work that's been happening and expect it to come to closure very soon and be able to, you know, act on those recommendations.
So, you know, in a nutshell, you're right. We're not in the chain of command. It's soft power, but we have this innovative approach that combines traditional top-down with bottom-up and outside-in, and we're getting momentum in all those dimensions, and I think we've been able to position the office as a platform for agencies to derive informational transformation.
George Cruser: So there's certainly a lot responsibilities there kind of sticking with the power of three, the three buckets you talked about. I'm interested in what the three biggest challenges you face are.
Kshmendra Paul: Only three?
George Cruser: Just three for today.
Kshmendra Paul: Yeah. Well, there are actually four I'd like to highlight. Hopefully, you'll let me sneak in a little bit of a scope on this one, a little bit of growth here. You know, the number one issue 11 years post-9/11, is retaining the urgency and prioritization of accelerating responsible information sharing. That's the, you know, kind of our number one challenge. We've had a lot a progress. We've made progress. Last year, the 10-year anniversary, commentators inside and outside the government all recognized the progress we've made on information sharing post-9/11, but there's more work to do, and it requires focus and prioritization.
The number two challenge is new, and it's just as big. It's the structural financial challenge faced by agencies in the public sector. It's bad at the federal level. It's much worse at the state and local level.
Number three is the evolving increasingly integrated threats that span national security and public safety missions. Terrorism is a great example, but things like cyber human trafficking, transnational organized crime, and prescription drug diversion, are a whole variety of missions and threats that are increasingly integrated and intertwined and evolving.
And four is the tsunami of information and the imperative to correlate disparate bits of information across the distributed ISE. There's lots of data, and I think this is something I'd like to talk about a little more.
Now, what are we doing about these things? The first two, retaining the urgency and the structural financial challenges, we think they go together. Part of our challenge in the ISE is to continue to make sure we're relevant to the top priorities of our stakeholders, Congress and executives, and the agencies and so forth. We think that there's an efficiencies imperative that actually gets realized by our work on responsible information sharing. We think the tools that we're talking about, the best practices approach to information sharing integration and management will reduce duplication and redundancy, allowing for increases in productivity. So we think that there are, you know, opportunities there.
You know, in terms of the third thing I mentioned, the evolving threats, integrated threats; we're seeing that our mission partners increasingly want to leverage the assets we put in place as a community, the national network of fusion centers, for example, to address additional threat areas. Now, that's always been the vision. The state and locals talk about it, and all crimes focus with the fusion centers. All the fusion centers are owned by state and local law enforcement, two-thirds by state police colonels, all the rest are major urban area fusion centers aligned with regional law enforcement and public safety players. They have a mission that spans well beyond terrorism. For them, they look at terrorism as a narrow slice of their business, critically important, but they also want to deal with, you know, crime guns, gangs, drugs, and those sorts of things so they are looking at that and we see it as our role to help facilitate that conversation.
Finally, in terms of the volumes of data, we see our best practices approach to responsible information sharing is a key contribution. An example here is we're working with several agencies, DHS, NCTC, and others, to improve how terrorism-related data sets move across the government. So as we're able to implement enterprise data management ideas, we can develop repeatable processes and leverage shared services. You know, that'll result in efficiencies over time. Then improve data quality which will improve the mission performance.
George Cruser: You're a trained engineer. Can you give our listeners a sense of where your career started and what you did it leading up to the job you have today?
Kshmendra Paul: Yes. I am an engineer and proud of it. I'm also an entrepreneur. I went to the University of Maryland at College Park for my graduate and undergraduate electrical engineering degrees. I spent the bulk of my career in the San Francisco Bay Area working in a variety of information technology companies and new ventures. Some I cofounded; some I raised venture capital. One venture we sold to America Online.
My wife and I, we moved back to Washington to raise our children close to family. D.C. is a company town, and I found myself being recruited to join the Department of Justice back in September 2005. I never saw myself working in the government, but I remember how I felt at 9/11. I wanted to be a part of the solution, and I thought my skills could make a difference. My job at DOJ was to develop the enterprise architecture for the Department. Now, it doesn't quite work to knock on the front door of the Hoover and say, I'm from corporate. I'm here to help. That doesn't really play well. The way I made myself relevant to the Department of Justice was by going outside and partnering with state and local law enforcement around the law enforcement counterterrorism information sharing mission and then bringing that back into the Department.
The way we did that was by engaging in the advisory committee, the Attorney General's Advisory Committee on information sharing issues, global justice, the Criminal Intelligence Coordinating Council, and, you know, taking a leadership role in developing and delivering the National Information Exchange Model. So I was doing that under Van Hitch's leadership at DOJ and his counterpart at DHS.
Based on that success, in 2007, I got a call from Karen Evans who was then the federal CIO, and she pulled me up to OMB to be the federal chief architect. I was at OMB for four budgets, three years, two administrations, and had a successful run there. My success was based on building relationships and partnerships across the federal IT community and the White House and industry and trying to tackle the same sort of cross-cutting information integration issues, shared services, and the like. Information sharing was part of my portfolio at OMB, and at this administration, I got pulled into the information sharing issues. I worked with the Information Sharing Environment office going back to when I was at DOJ and was designated by President Obama in the late spring of 2010 to be the current program manager.
So, you know, it's interesting. I'm a classically trained engineer and then evolved into being an entrepreneur. The class I use the most these days is high school civics, trying to think about how you make whole government solutions work across our federated democracy and open society. Its fascinating work and I get to bring in a lot. I'll tell you a secret if you promise not to tell anybody. Most days I pinch myself because I can’t believe that I get to do what I do. It's really great.
Michael Keegan: That's a great segue to understanding -- given your unique role of your office and also your background, what are the characteristics of an effective leader?
Kshmendra Paul: My answer is colored by my training as an engineer and entrepreneur. Lots of different management styles, but I definitely have a point of view. So I break that into two parts: thought leadership and leading transformation. I believe that thought leaders must start with partnerships and listening to practitioners at all levels and be able to integrate and put forward informed and credible visions rooted in informed and organized bodies of knowledge.
Clearly, thought leaders have to have a point of view. That's the definition of a thought leader. But a thought leader without being rooted and anchored in existing knowledge and relationships and partnerships is, you know, not really useful.
Now, for transformation leaders, it's absolutely essential to be credible from an operation or execution perspective. You have to have a good track record. That's only a starting point. You must extend into visible listening skills, empathy for the mission, demonstrating integrity and how you make decisions, clearly and predictably communicating, and transparent operation. So all of those things have to come together to create the confidence and transformation.
Now, I separated the thought leadership from the transformation because they are distinct aspects of my job. What we're doing at the PM-ISE and what we're doing with the ISE more broadly is new. It's not like there's existing models for doing this sort of thing. As a matter of fact, if there were, the agencies could just do it. You wouldn't need to have an office like mine.
But in addition to thought leadership laying out the vision in a credible and detailed way, you need to execute also. So both of those things must come together. Several folks have influenced my leadership style. You know, they're too many to enumerate them all, but I do want to highlight a few that are familiar to your listeners. I mentioned Karen Evans before. Karen always impressed me with her willingness to tackle hard deeply ingrained challenges and also her willingness and ability to empower and support leaders across the government.
Van Hitch was a visionary with his support for NIEM and his longstanding role as a CIO, and I think he retired as the dean, the longest serving CIO in the federal IT community. Donna Roy at DHS is one of the smartest enterprise data management professionals that I know, and I love the interaction we have in terms of driving the thought leadership for what we both do. Tom O'Reilly, who spearheaded the development of a nationwide suspicious activity reporting initiative, I'm honored to call him a friend and a mentor. And there are many others, too many to enumerate, but those are just a few of the folks.
There are two other folks I'd like to highlight, Director Clapper, Director of National Intelligence Clapper and Principal Deputy Director Stephanie O'Sullivan. They are both excellent leaders and managers and have created an inclusive, collaborative, thoughtful, and performance-focused environment in the office of the Director of National Intelligence. And so in my work, managing the office, I model on both of those individuals.
Michael Keegan: What is the national strategy for the Information Sharing Environment? We will ask Kshmendra Paul, Program Manager for the Information Sharing Environment when our conversation continues on The Business of Government Hour.
Welcome back to The Business of Government Hour. I'm Michael Keegan, your host, and our guest today is Kshmendra Paul, Program Manager for the Information Sharing Environment. Also joining our conversation from IBM is George Cruser.
Kshmendra, you described the Information Sharing Environment, ISE, and the role your office plays in making your reality. But now, I'd like to talk about the strategic vision that frames it. Would you tell us more about your efforts to recraft the national strategy for the Information Sharing Environment that takes a whole-of-government approach? How does it guide the implementation of responsible information sharing and practices across the government?
Kshmendra Paul: Coming into the role, the White House asked us to take a look at refreshing the 2007 national strategy for information sharing. Now, we did a tremendous amount with our mission partners and with the White House, a tremendous amount of outreach and synthesis, to try to look at that question. And while we were doing this, the WikiLeaks breach occurred, and that's a pretty major event, and there's been a real focus on remediating the safeguarding challenges and the real realization by all stakeholders that sharing and safeguarding are two sides of the same coin and we need to share responsibly. Responsible information sharing is a one-way street and we're going down that street.
So where we are right now in the process of refreshing the strategy is the White House continues to develop the new national strategy for information sharing and safeguarding explicitly adding safeguarding. Now, we see great potential for the new national strategy to confirm the importance of the plans we have in place, including the goals of the office, the way forward that are described here in more detail in our annual report, and in the annual planning execution we do with the interagency and our nonfederal partners.
We think the strategy also has further potential to assess with leveraging our tools, the tools we created in the office, our office as a platform more broadly. Now, the new strategy doesn't replace the 2007 strategy. We think the 2007 strategy lays a solid foundation in particular, you know, with our domestic-focused activities. The new strategy is evolving and is looking to build on that solid foundation and lifts up to a stronger and broader focus on responsible information sharing and safeguarding.
We fully support the National Security Staff who are in the late stages of shepherding the national strategy through its development and release.
George Cruser: What are some of the biggest challenges facing the ISE and the various agencies' communities that operate in it and own that environment? What are some of the core capabilities and tools you use to assist in overcoming these challenges and spreading the adoption, as you mentioned earlier, of best practices?
Kshmendra Paul: You're asking about the view from the agencies. What I hear from my mission partners, federal, state, local, tribal, is that it really boils down to two themes. First, they're all under varying degrees of financial pressure. It's either bad or really bad, and the degree to which working with a government-wide initiative such as the ISE is viewed as a tax, versus an enabler. Folks are wary.
Second, as a government, we're still fragmented with our programmatic management processes and how we make decisions across agency and program boundaries. Now, these two themes are not new. You know, we're loud and clear when I was at DOJ. At OMB, we lived in this, you know, the Office of Government and IT. So they're broader than just the ISE, but the ISE is a government-wide initiative. They come into play. You know, as we think about these themes, it has contributed to our view of the tools that we've developed in the top-down, bottom-up, outside-in approach that we're trying to position by bringing in state and local agencies to the table in a coherent and clear way. The office is able to accelerate and lower risk on core federal initiatives that are aimed into that space. By working with industry and standards organizations, we enable interoperability of independently procured systems, potentially lowering the risk, cost, and increasing performance.
Two specific examples I'd like to highlight here are implementation fund and our dispute resolution capability. You know, we make strategic seed investments with our mission partners, and what we found is that the kinds of projects we funded are projects that are high value to the agencies that lead to the development of core capabilities of the ISE but have an inherent risk profile around the interagency and because of that, wouldn't normally be pursued by a specific agency, but that's our sweet spot. We're able to factor those risks, and, actually, we've had a pretty high success rate. I've talked about suspicious activity reporting. Another example is we did a project with the Domestic Nuclear Detection office on integrating real-time rad-nuke sensor data across federal, state, local providers. They did the work. They did a great job. They did a demonstration where they were able to integrate real-time rad-nuke data from necklaces that firefighters wear to CBPs big scanners and portals. And they were able to share this information between federal agencies, a couple of fusion centers, and twelve fire departments. And everybody could use their own viewers to have a real-time operating picture of the sensor information. So that's kind of one tool that we use here in our implementation fund.
We're also able to facilitate the resolution of disputes. We're not in the chain of command, and we can't impose any solutions, but we're an honest broker, and we're recognized as such, and we bring the variety of tools so that we can help identify creative solutions that have made a lot of progress in previously intractable or difficult challenges.
Best practices is a key idea. You know, we're staying invested in a tool we call Building Blocks of the ISE. You can find it, again, on our website, www.ise.gov. Building Blocks is a knowledge management tool. What we've done here is taken the work that we've done over the last number of years, the work in the interagency partners, federal, state, local, and packaged it in different functional areas, right, answering questions. It almost becomes a how to for folks that want to do responsible information sharing, want to leverage the best practices that we've packaged but aren't students of the ISE, and don't live in the work that we do every day. So we've got a lot of good feedback on that, and we see it as a first step towards, again, packaging our work and making it more accessible to folks to be able to leverage at arm's length.
Michael Keegan: So they're a tremendous number of concepts that sort of stream around the ISE. I want to actually get into one in particular, and that's interoperability. Could you tell us what actually it means? What does interoperability mean as respects networks and data, and why is it so important to the success of ISE?
Kshmendra Paul: Yeah. It's at the heart of what we do. Key to our approach to interoperability is to understand that we're focused mostly at the policy and business process level while we're looking at the complete stack. So where we're adding the most value is at the policy level, the business process level, and data level, and then, we're leveraging and profiling, frankly, industry standard approaches at the network and lower levels.
At the business process level, for example, we focus on functional standards for information exchange based on common mission equities. We use the NIEM framework, the National Information Exchange Model, and specifically within the NIEM, we use something called Information Exchange Package Descriptions or IEPDs. While it's a long name, what it boils down to is clear, shared, and detailed use cases that precisely describe what information is shared and what context to support the mission. It does it in a formal way. You can then translate it into logical interoperability.
Now, at the network level, we align on an active support government-wide and mainstream standards. It's kind of that approach I mentioned earlier and I'll highlight here, the Federal Identity, Credential and Access Management road map, which is the basis for the National Strategy for Trusted Identities in Cyberspace is driving interoperability at the identity and access control level across the government.
George Cruser: I'd like to delve a little bit more into the National Information Exchange Model and ask you to elaborate a little bit more on the role it plays in moving the ISE vision forward.
Kshmendra Paul: NIEM is at the heart of our interoperability framework. NIEM has experienced tremendous uptake in the public sector. Nineteen federal cabinet agencies are using it. It's being adopted in Canada, Mexico, and Europe, and more importantly, industry and independent standards organizations are seeing the value, and we're aligning with that approach so we have a pathway for greater degrees of industry engagement and involvement.
We just completed an effort to align NIEM with mainstream best practices on our information management and model of an architecture via the NIEM UML profile. Now, UML is the lingua franca for information management, information modeling. With the NIEM UML profile, we're going to be able to leverage UML tools to do NIEM-based work. Now, vendors are starting to ship implementations. It's quite exciting to see that. Some of the early implementations I've seen are being described as game changing in terms of the paradigm for developing NIEM IEPDs, information exchanges and implementing those. The skill level required is being abstracted away in the tool. It used to be that it requires somebody that had a degree of XML schema, what's called XSD expertise, which is a narrow skill set. Now, folks that have the business analyst skill set and have some awareness of XML are able to do the bulk of the work around developing NIEM exchange specifications.
Because it's UML based, too, we're expecting to see this cascade down the information life cycle so enterprise software vendors, for example, will start to develop support to take a NIEM IEPD to develop in a more streamlined manner web services that are NIEM-enabled. So, you know, that is the promise of model-driven architecture, and we're actually seeing that one vendor in particular is out in front, and we expect to see multiple implementations like that over the next 12 to 18 months.
Michael Keegan: There has been significant information sharing improvements within individual agencies. Many of these have been documented. Could you tell us more about the nationwide suspicious activity reporting initiative and the extent to which it represents a foundational success for your efforts going forward? How are you building on it, and what lessons can be learned from it?
Kshmendra Paul: You know, we found that the nationwide suspicious activity reporting initiative allowed us to develop many aspects of the ISE in a contained, albeit national scope environment. So the scope of the ISE is huge. The scope of NSI is still huge, but it's much more contained, and we're able to actually make progress on key aspects of the ISE. Take the ISE SAR functional standard which defines the 16 behaviors that are reasonably indicative of preoperational criminal planning or terrorism-related activity. This standard was developed across our stakeholder, the federal, state, local, tribal mission operators. We tested it in an evaluation environment, twelve fusion centers. We engaged with all the privacy advocacy groups, the American Civil Liberties Union, the Electronic Frontier Foundation, the Center for Democracy and Technology, all of the different advocacy communities.
And through that process, we were able to evolve the standard, get buy-in, be able to roll it out more broadly to where now, about 300,000 front-line officers have been trained, and we're actually expanding now beyond law enforcement to the public safety community more generally. In partnership with DHS and DOJ and FBI, we use our implementation fund to seed fund the development of training with the professional societies so we're targeting now the 2.3 million private security guards, 1.3 million firefighters. Seventy-five percent of them are volunteer, over 100,000 9/11 call center operators, corrections and probations, emergency management, and folks like that. So the shorthand for that what we call home town partners, right, this idea that there's a nexus between homeland security and home town security. And, again, it's an interesting example of how our engagement model works. We do this work in partnership with the professional societies and the agencies. It works pretty well. We're paying for the development of the training material, but the delivery of the training material is all happening out, and it's distributed in a decentralized way, again, going back to those 300,000 police officers.
We're not paying their salaries. I mean, we're this leadership function. The agencies are doing key work, but the vast majority of the cost of the national network of fusion centers, the NSI, is borne by our state and local partners. But the benefit is accruing to the nation in terms of the counterterrorism mission. So it really is Whole government in action. That goes to, you know, another aspect of it. It allowed us to develop our governance structures, how we do engagement to build confidence. You know, privacy policies, that's a key area, too. This works because of the protection of privacy civil liberties and civil rights. All 50 states have privacy policies as comprehensive as the president's policy guidelines. The local control is critical and it is what allows us to have the legitimacy in the community to do this. So it's really been important.
Michael Keegan: Well, you've mentioned fusion centers several times. I'd like to delve and explore exactly what they are. What is a fusion center and how does the national network of fusion centers factor into your overall strategy?
Kshmendra Paul: Fusion centers, in this context, are the key nodes the government uses to share terrorism-related information with state and local agencies. And it's bidirectional, and it's also peer-to-peer. In this country, in our federated democracy, we have 18,000 law enforcement agencies, 90 percent of which have 50 or fewer sworn officers. The fusion centers become the key nodes, the linchpins, for how does the government actually touch all of those agencies in a controlled way that respects the sovereignty, 10 Amendments to the Constitution, separation of powers, though it's not explicitly enumerated. The federal government goes to the states and so forth so that's key. So the fusion centers are key that way. They're owned and operated by the states or major metropolitan areas. Two-thirds of them are run by the state police organizations in the different states, and the other third are regional or major urban area kind of fusion centers.
The fusion centers are defined by four critical offering capabilities. So fusion centers have the ability to receive urgent, potentially classified alerts, warnings, and notifications, conduct risk analysis based on local considerations, further disseminate required actionable information to front-line public safety partners, law enforcement, but also other public safety entities, and then gather, vet, and share information. The flagship there, of course, is suspicious activity reporting so it's the entire intelligence cycle.
So in a nutshell, fusion centers are the vehicle for integrating state, local, and tribal agencies into the Information Sharing Environment. We're currently working to identify, integrate, and disseminate existing best practices for private sector integration, leverage infusion centers. Many fusion centers have robust liaison officer programs and have connectivity to the private sector. We think we can model as best practices and extend that more broadly to better integrate the private sector.
You know, and another area where were working kind of going forward here is what I call the last mile issue. You know, we have a lot of very small departments so how do we more effectively integrate those smaller departments into the national architecture. So that's another area the national network is very focused on, too.
George Cruser: As you talked about literally having thousands of stakeholders in your work to help address critical law enforcement information sharing gaps, issues, and judges, I'd like to ask you about your efforts to reinvent the public safety business model and what implications does such an effort have?
Kshmendra Paul: Thousands, tens of thousands of stakeholders. The number gets even better, right, when you include the private sector, and clearly we work with our mission partners, right. We have to work with the federal agencies and so forth.
The public safety business model reinvention idea, so as we conducted outreach with our state and local stakeholders around the refresh of a national strategy, an overwhelming thing came back. State and local agencies are getting crushed under the weight of budget cuts. Law enforcement is no different than other aspects of state and local government. You know, faced with the need to build on the initial successes with a national network of fusion centers and initiatives like suspicious activity reporting, evolving increasingly integrated national and international threats, and these budget cuts, state and local leaders we interacted with telegraphed a willingness and a sense of urgency on taking a fresh look and looking at things holistically.
You know, there's a saying that's attributed to Ernest Rutherford that my boss, Director Clapper, uses, and I heard first from him. It goes something like, when you run out of money, you have to start thinking. So, you know, what we're hearing from our state and local partners loud and clear is that it's time to attack the fragmentation in the system in a thoughtful and creative way using information. We're fragmented geographically. I talked about the 18,000 law enforcement agencies. The number gets to be around 80,000 when you include all of the different public safety partners outside of law enforcement.
We're also fragmented programmatically. Think about this. We have fusion centers from the war on terror. We have HIDAs, High-Intensity Drug Trafficking Areas, from the war on drugs. We have RISS centers, Regional Information Sharing System centers, regional organized crime. It came up in the '70s. We have safe street task forces, safe community task forces. I mean, the list goes on. Individually, they all make sense. Collectively, can we do better? Can we look at, you know, colocation, virtualizing back-end, shared services, cloud-like approaches, standardization, standards-based procurement? The answers are yes, yes, yes, yes, yes, and yes.
But it's not just about cost savings. Let me give you an example. Case and event deconfliction. Officer safety is a critical issue. It's a priority for the Attorney General. We've had a spike in the line-of-duty-related deaths over the last couple of years. Deconfliction is a key tool in terms of avoiding blue-on-blue incidents. But it's also a resource allocation tool looking at case deconfliction. It's also an intelligence generation tool, right, if you're able to be able to connect different, disparate activities. So, you know, case and event deconfliction has got to be a part of looking at reinventing the business model and as a tool to realize efficiencies, as well as protect lives.
We have a degree of buy-in for this idea. The International Association Chiefs of Police endorsed it in their executive committee in their big annual meeting in Chicago last year. I did a webinar with Chief Walt McNeil, the president of the IACP a couple months ago. They did a blog post on my website about that. You know, it was focused on this idea. We've been working with the Attorney General's Advisory Committee on this area. I mentioned before global justice. They're made up of all of the different state and local public safety organizations, fully represented there. And they're actively working on this idea.
It's an idea whose time has come, but it's a complex idea. It involves a lot of change and transformation, and it's a kind of systematic look that is overdue, but it's a multi-year, decade-long kind of transformation.
Michael Keegan: To say that the Information Sharing Environment is complex may be the biggest understatement in this conversation, but it's comprised of a lot of organizations with diverse cultures, missions, and methodologies. I'd be interested to know what is your office doing to optimize the ISE mission effectiveness?
Kshmendra Paul: Yes. We do a lot in this area, and I'll give you a specific example to make things real. We've partnered with GSA on something called the Back-End Attribute Exchange so the idea here is if you want to share information across organizational boundaries, you need to be able to share information about people, attributes about those people, across organizational boundaries, and you need to be able to share attributes about the data that they want to access or discover. So you can do policy enforcement around access or on discovery and things like that. So that's known as Attribute-Based Access Control. Some people talk about it as smart data these days.
And I'll give you a tangible example of that. So with criminal intelligence information, there's specific training that law enforcement officers have to undertake, 28 CFR part 4 sort of training that is administered by different organizations, and they have to maintain credentials and currency in handling of criminal intelligence information, separate from any national security considerations. This might be gang information or whatever.
With those attributes, how do they translate if they want to access information that's maybe residing with a different organization? So they need an authoritative and trusted way to exchange that attribute that describes it's a flag, yes or no. Did this officer have this training? So, you know, that's a use case we're looking at tackling with this pilot implementation. Now, we doing this work with GSA, and you might say, well, why is ODNI working with GSA? The reason is that GSA is the right place to be doing shared services. They have a center of mass around the identity management-type activities, and so looking at this, we said the right place to partner, looking at this as a whole of government solution is the GSA. So they're investing. We're investing. You know, we're going to look at this first application of sharing criminal intelligence data as a first use case. GSA is going to be bringing forward some use cases, too. They're probably not going to have a lot to do with, you know, the ISE core mission, but that's okay because we want to leverage an asset that's a government-wide asset.
Michael Keegan: And it's a continuing journey, though.
Kshmendra Paul: Yeah. Another example is controlled unclassified information. That work started in our office that over the years now, has transitioned to a government-wide focus. It's government-wide controlled unclassified information, not terrorism-related anymore.
Michael Keegan: What does that mean?
Kshmendra Paul: Government-wide?
Michael Keegan: No. Controlled --
Kshmendra Paul: Controlled unclassified information --
Michael Keegan: In a nutshell. I mean, I just want to --
Kshmendra Paul: Well, right now, there's a lot of information that's not classified but is sensitive.
Michael Keegan: Okay.
Kshmendra Paul: Right. So there's a variety of markings. We did a study and identified about 110 different markings, for official use only, for official use, law enforcement sensitive. I mean, the list goes on, and some of this information is quite sensitive, law enforcement investigations for example. So we need to standardize those markings so we can share that information and safeguard it appropriately across organizational boundaries. You know, the government recognize the value of doing this broader than just terrorism-related so we do the initial work. We handed it off to NARA. John Fitzpatrick is now leading the Information Security Oversight Office, and it's in his area over at NARA where this work continues. So that's another example of some work we've done in this area.
Michael Keegan: To what extent does the pursuit of standards limit or defeat innovation? We will ask Kshmendra Paul, Program Manager for the Information Sharing Environment when our conversation continues on The Business of Government Hour.
Welcome back to The Business of Government Hour. I'm Michael Keegan, your host, and our guest today is Kshmendra Paul, Program Manager for the Information Sharing Environment. Also joining our conversation from IBM is George Cruser.
So standards are critical to powering the ISE. Would you tell us more about the development and implementation of standards across the environment, and more particularly, does the pursuit of standards limit or defeat innovation?
Kshmendra Paul: Yeah, I want to start with the last part of that question. We absolutely believe that standards enabled innovation. You know, the key here is let's innovate where we should innovate. Let's innovate where we can add value, and let's standardize where we have defined requirements and have common mission equities, and we really need to share information. So our standards framework is really focused on exchange standards, the standards on the edges of organizations, and it's really trying to solve a problem of moving from point to point interfaces that are custom and one off to a multilateral sort of interface exchange which is standardized and baked into the infrastructure. You innovate on top of that. You know, why would you want to innovate on an interface spec, right? You want to innovate on analysis, methodologies, and things like that.
Now, they are critical to our activities, and we are firm believers in the nexus for standards being within industry with voluntary consensus standard-type organizations. So along those lines, we've set up something called the Standards Coordinating Council. It is within our White House-based IPC structure, right. This coordinating council includes right now organizations like Oasis, the Object Management Group, the Open Geospatial Consortium. The IGES (ph) Institute, ACT-IAC, AFEI which is in the DOD space. And we're looking to grow it, but these are folks that we work with right now on specific aspects of the ISE standards profile.
We also have a standards working group that's focused inside the government where we're trying to coordinate standards activities, standards repositories, how we think about standards, how they integrate in the programmatic management processes. I mentioned the work with ACT-IAC, for example, around recommendations over on leveraging standards in the procurement process. Now, the idea here is not to rewrite the FAR (ph) or anything like that. No, the idea is to leverage the existing tools we have and to create greater awareness. So one of the things we did, for example, is we're in the process of doing is creating some training material aimed at COTARs (ph) and contracting officers to help them better understand how to leverage standards. We're creating model language around the idea of how do you integrate standards into an RFP, and how do you do evaluations, things like that.
We're also looking at industry-based certification, right. The idea here is not to create a heavyweight infrastructure, but to make this lightweight and to make sure that it works with industry, not against industry. So that's really, really critical, and so standards are critical to empowering the ISE, and we think the nexus with the standards work is work with industry and standards organizations. And, you know, for industry to do it, they have to say a market develop, and that's the procurement side of things.
Michael Keegan: The need to both protect and share national security and counterterrorism-related information is critical. To that end, can you elaborate on your efforts to develop and implement safeguarding capabilities that directly relate to the advancement of information sharing?
Kshmendra Paul: Yes. We look at safeguarding, protecting information. Information security, is, you know, two sides of the same point with information sharing. As a matter of fact, when you look at the definition of the ISE in law, the ISE is defined through 15 performance attributes, the majority of which either are security-related or dual purpose, things like attribute-based access control, cross-security domain, sharing of information, audit, and continuous monitoring, things like that. So it's been a part of our fabric since inception. We've done a lot of work to-date around security policy-type activities more recently -- and also the identity management sort of activities we talked about earlier.
More recently, we've been given the mission, and we've stood up and integrated the Classified Information Sharing and Safeguarding Office as part of the government's response post WikiLeaks. So in that regard, we're working closely with the Committee on National Security Systems which is out in front with a secret fabric and driving a lot of activities that way with the Insider Threat Task Force to make sure that there's an integrated approach to make sure that we're leveraging and not forgetting information sharing and safeguarding, but really always coming back to the key of responsible information sharing so the things you would do to enable information sharing also enable safeguarding. It's, in our view, not a trade off. It's not an either or; it's a both.
Michael Keegan: So what are you doing around the efforts to make sure the information shared consistently with privacy civil rights and civil liberties protections?
So as they looked at what we did with SAR, originally, it was very polite conversation, very constructive, but there was a feeling tone about don't you shred privacy in the U.S. Well, what happened is as they actually learned about what we were doing, they were actually very pleased and said, we can use this. You've built in the appropriate safeguards and protection so we want to continue that journey. We want to go even further working with industry to be able to look at, how do we extended our standards framework to include frameworks and standards around policy automation in particular, privacy-type activity, as well as the security sort of things. I mean, you think about attribute-based access control. Well, that's as much about protecting privacy as it is about security so we see that duality there. And that's a key focus of our work with industry.
George Cruser: Your success clearly rests in part on, you know, building both a shared trust and a shared responsibility related to the overall national security mission. Can you tell us how the ISE governance structure works and how it helps to both build that trust and that shared responsibility?
Kshmendra Paul: Yes. As I mentioned, I cochair the White House's Information Sharing and Access Policy Committee. My other cochair is Tim Duran (ph), Senior Director for Information Sharing Safeguarding Policy on the National Security Staff. So Tim and I cochair the IPC Interagency Policy Committee. We have several subcommittees and working groups underneath the IPC. These subcommittees and working groups have a degree of agency leadership. Almost in every case, actually, we try to recruit people from the interagency to be the leaders in the subcommittees and working groups. So I'll highlight our Privacy subcommittee. We have a Privacy Civil Liberties Civil Rights subcommittee. The current chair of that committee is Alex Joel. He's the Chief Privacy Civil Liberties Officer in the ODNI. Previously, he just took over from Mary Ellen Callahan who just left federal service. She was a chief privacy officer over at DHS. Chief privacy officers from across the government sit on this committee, subcommittee, working different issues around helping agencies build their privacy policies, you know, how do we look at compliance, our performance measures around privacy. How do we standardize information sharing agreements, these privacy-by-design ideas I talked about earlier? We got a working group looking at that sort of thing so, you know, that kind of broad-based buy-in.
Another example of this is that we've gone through the process. It was a process, but we successfully navigated it to include nonfederal players in our subcommittees and working groups. That's a pretty big deal for folks that have been around the government. The fact that we can actually in a national policy body, you know, a White House-based policy body, we're able to have subcommittees where we've integrated state and local representatives. So the chair and the vice-chair of the Criminal Intelligence Coordinating Council, for example, Ron Brooks, is the chair and Vern Keenan who's the vice-chair, they sit on both the SAR subcommittee and the Fusion Center Subcommittee. We have representation from global, their Infrastructure Committee, in our Information Integration Subcommittee. So having that state and local participation is a big deal. It sends a great message.
Now, in addition to the governance, there's also the engagement-type activities. So we do a lot of engagement, and we work that through a variety of different organizations, but there's a real focus on leveraging professional societies so an example there, is the International Association Chiefs of Police. We do a lot with the IACP. They're an incredible partner for us, and by working with them, that's how we can actually touch the 18,000 police departments in a credible way, them and others like the National Sheriffs Association, the Major City Chiefs, the Major County Sheriffs so there's other organizations, but I just was highlighting IACP.
George Cruser: Given that threats can come from across the world or across the street, I'd like to understand how you're better working with the private sector and international partners on expanding responsible information sharing, more particularly how are you enhancing the exchange of best practices and ideas amongst these folks?
Kshmendra Paul: Well, on the best practices, it's very interesting. We're getting a lot of demand, actually, from our international partners. People overseas are taking notice of the work we've been doing and wanting to collaborate. I'll give a few examples. There's an activity, North America Day, and we're meeting at Williamsburg, Virginia end of August. And there it's the CIOs and their associates, the federal CIO types, from the three countries, Canada, Mexico, and the U.S. So last year in Mexico City, I was part of the delegation. We executed an agreement between the three countries to share best practices. And there was a focus on the National Information Exchange Model. We kicked off two pilot projects and we've had some success with them, one on public safety, stolen vehicle information sharing, the other public health, and food-borne illness. The stolen vehicle one is one you might understand because of our public safety sort of nexus. So let me talk about the other one, public health, food-borne illness. The Centers for Disease Control here in the U.S. has been out in front on that with their counterparts in Canada and Mexico. They've been developing some information exchanges. They're standardized. They've been able to leverage some existing systems and build a consistent exchange across the systems. It's pilot. It's not in production because there are some issues that they're going to work around authority to operate CNA-type stuff and things like that. We always kind of said initially, it was just going to be a pilot just to prove the concept. But they're very bullish on it.
As a matter of fact, the feedback we're getting from the three countries is that they want to take what we've done to the World Health Organization and sponsor it for further dissemination more broadly. And the biggest proponents of doing that are our partners in Mexico, actually, very interesting and compelling. In addition, we've seen some uptake in Europe. We've been working with the European commission folks or the equivalence of their EGA (ph) function around semantic interoperability ideas. So the NIEM program office is doing that, and we've been working with our partners in the interagency with Europol, the pan-European Criminal Intelligence Fusion Center. That's where they do transnational organized crime, terrorism, and cyber. They're adopting our frameworks and wanting to collaborate. So that's very exciting to see.
George Cruser: Our listeners have heard a lot about how successful responsible information sharing is dependent on really changing the culture from one of I need to know to a need to share. And we also hear things like we need to move from information owners to information stewards. I'm interested in your thinking on those two concepts of, you know, A, is that, in fact, required for responsible information sharing, and if so, what kind of progress has been made in the last few years.
Kshmendra Paul: That's a great question, and it goes to the heart of how we see our mission. I'm going to anchor back on something the Markle Foundation put forward. Markle championed several years ago the idea of authorized use. So the idea of authorized uses is really focused on, you know, decisions that people need to make to protect the American people and enhance national security. So the whole point of information sharing is not to share information, but to get information to the decision maker so they can make better, more proactive decisions to, you know, further the mission. So that's what authorized use is all about, right, being able to think about information sharing in a mission context and defining policy that way, as opposed to defining policy from the perspective of classes of information.
Now, I look at that as also this idea of moving from ownership to stewardship, but the key challenge you have there is that we have, you know, law, policy, decades-long, focused on classes of information so how do you actually make that transition. So we have to do it incrementally and stepwise. This goes to the heart of what we're trying to do is to get folks comfortable with the idea that yes, it can be a stewardship model, versus an ownership model. Now, keys to doing that are things like trust that policies are defined in a way that are clearly understood across organizational boundaries, and that understanding has to be in detail, not at the high level. So, you know, you can't just have a high-level policy and leave implementation to different agencies because then, you're going to get variation in implementations, and you're not going to get kind of consistent, you know, enforcement of those policies.
So this where the things like the smart data ideas, the back-end attribute exchange ideas having privacy guidelines that anchor across levels of government and become key enablers to taking that journey. We have many more steps to take, but I think some of the things we're talking about will enable that sort of trust. It all boils down to the producers of information and consumers’ information operating off the same rule book, in a way that's transparent and auditable across, you know, across boundaries.
Michael Keegan: How are you using social mapping tools or social networking tools?
Kshmendra Paul: You know, we see the need to build communities of action around information sharing so knowledge management is a key issue for us. So being able to build from the initial release, we have this building blocks initiative that I talked about that's highlighted in our website, www.ise.gov. We think that there's a need to be able to identify information sharing professionals across ISE mission partners. I've talked about how large our scope is. Well, across those mission partners, there are individuals that want to be able to participate in the development of the ISE, contributing in their best practices, understanding what others are doing, and so the building blocks initiative is really the first step in that direction. We want to take it.
Right now, it's static where we're just publishing best practices across the ISE. We want to take it where it's more dynamic where we're integrating academics or think tanks or other third parties that are credibly dedicated to the mission of identifying and disseminating knowledge around the information sharing mission space, right, and then be able to have those sort of on-line communities that I think, you know, allow us to accelerate innovation, accelerate identification, integration and dissemination of best practices.
Michael Keegan: What does the future hold for the Information Sharing Environment? We will ask Kshmendra Paul, Program Manager for ISE, when our conversation continues on The Business of Government Hour.
Welcome back to The Business of Government Hour. I'm Michael Keegan, your host, and our guest today is Kshmendra Paul, Program Manager for the Information Sharing Environment. Also joining our conversation from IBM is George Cruser.
So there's a perception that there's a very high ratio of noise to signal in all this data being collected. What are you doing to better extract the necessary signals from the abundant noise, and how do you raise the signal and decrease the noise?
Kshmendra Paul: This is an accurate perception. It's real. I talked earlier about the challenges we have with the tsunami of information and, you know, kind of the good news here is that we've been making progress. The bad news is we're making progress, and we've got to go to the next level, right, which is attacking this sort of issue of high signal to noise.
We think that our best practices information integration framework that I've talked about really offers a solution here. As we move from point-to-point bilateral information sharing to multi-lateral, ISE-wide information sharing, you're going to have greater degree of consistency in quality and timeliness at the data and closer to the source of data collection or production, right, so then having that improved data quality will allow you to more quickly and easily, with higher degrees of assurance, establish linkages between disparate pieces of information. You know, also by having effective enterprise-wide, enterprise here being the ISE data management sort of schemes in place, you can move away from moving big bulk data sets and move towards publishing out rules, filters, triggers closer to the edge, right, so that, you know, you can reduce the amount of information that's actually moving or the percentage of information. Clearly, the volumes are going to keep increasing, right, you know, but it's definitely things I think we're going to be able to help out in.
George Cruser: You've mentioned earlier that at the state, local, tribal levels, there's this sense of this crushing fiscal austerity being placed on them. While you didn't highlight at the federal level, I think even at the federal level, we're seeing that there's not an endless stream of money anymore. In the face of asking employees to constantly do more with less, how do you keep your team motivated when there is all this dire financial information behind us or around us?
Kshmendra Paul: Well, I'll answer that question on two levels. First, internal to the office and the extended team across the ISE so in terms of the office, you know, we have a pretty good culture that's focused on mission enablement. And the people that work at the PM-ISE every day, for the most part, almost exclusively are there because they believe in the mission. They want to make a difference, and they're seeing that their efforts actually do make a tangible difference across the ISE to accelerate the ISE and support the public safety national security mission we have.
So it's that mission focus that keeps people. And that's why many people come, most people come into public service to begin with is that mission focus. And, again because of where we sit, aligned with the White House, the scope of our work, they're able to see a more clear line between their individual contribution and accelerating the ISE.
More broadly in the interagency, you know, you're definitely seeing folks kind of struggling with cuts and lack of resources and the need to transform. There again, though, I think many of the folks that are working these ISE initiatives are seeing them as part of the solution, not part of the problem in terms of moving toward shared approaches, more efficient uses of information, reducing, you know, redundancy and duplication, and things like that. So, again, I think it's seeing them as part of the solution, and I think that's critical.
George Cruser: So the passion for the mission certainly can be a powerful draw to get the right resources into government initially, but we're seeing the skill set needed is just constantly changing. So how do you make sure that you keep a well-trained, proficient work force going, you know, in light of all the changes in technology and skill set?
Kshmendra Paul: That's a great question. You know, earlier on, I talked about the structure of the Office. We have an incredibly diverse work force. It's diverse demographically, but it's diverse from a life experience perspective, professional experience. We have folks that have, you know, been career law enforcement, as well as, you know, folks that are intimately involved in budget performance integration and everybody that spans in between. So we've created a culture in the Office that's what I call whole of office. It's really focused on teamwork so we don't expect individuals to come in and span the mission space, span the skill set. We expect them to be able to work collaboratively in the office and then more broadly with our partners in the interagency.
Now, the second part of this is that we've always put a premium on partnership and engagement with nonfederal partners, federal partners, the people outside the office. I highlighted, for example, the Standards Coordinating Council and those different organizations. Let me make a plug for folks to get involved and engaged. You know, we are very cognizant of the fact that expertise resides all through the community, much of it outside of the government. And many folks want to participate in constructive solutions to the challenges that I've outlined. So get involved through the different organizations I highlighted, the Object Management Group, Oasis, the IGES Institute which is focused on public safety, technology, and information and sharing, AFEI, Open Geospatial Consortium, ACT-IAC. All of these organizations are actively involved in the Standards Coordinating Council. We're coordinating activity, but the work is happening in those different groups, right, and whether you're a federal person or whether you're a nonfederal person, get engaged and help contribute. Be a part of the solution.
Michael Keegan: This has been a wonderful and a very informative conversation, but I'd like to transition to the future. What are some of the major opportunities and challenges you think your organization will face, and more importantly, how do you think you'll evolve to meet these challenges and seize these opportunities?
Kshmendra Paul: Well, that's a great question. It's difficult to read the future. I think what we're seeing is that we're getting traction across our efforts, across the ISE, and we're scaling up to a portfolio of activities. I go back to the buckets of the top-down, bottom-up, outside-in. That's working, and there's a synergy between those activities. So I think that in the next year, the next five years as you're laying out the time line, that traction will become increasingly visible to folks that are increasingly at a distance. So if you're in the middle of it like I am, you sort of see it. You're one step removed. You see it, but, you know, is it a flash in the pan, or is it going to actually take root. So I think that that's the big thing that's going to happen.
Now, related to that, right, is the fact that key to our strategy is industry engagement. Industry wants to see a broad and growing marketplace. Counterterrorism is interesting, but if it's broader than that it's even more interesting. If it's international, it's even more interesting. So I think our best practices framework is taking root more broadly, well outside of our statutory mission scope is going to be something that is already happening, but the fact that that ties into industry adoption I think will be something that you'll see in the next years. And that's key to scaling up. As much as we've had some success, when you look at the huge scope we have these successes are point successes. The way we scale up is not through direct activity but this more engaging with industry and folks being able to make their independent procurements decisions based on their own economic interests and other views of their mission and their risk and things like that.
Michael Keegan: So as we close today, what advice would you give someone who is considering a career in public service?
Kshmendra Paul: It's been an incredibly rewarding experience for me on a personal and professional level. I've loved my time. As I mentioned earlier, many days, I pinch myself that I get paid to do what I do. I think that it's important to develop skills and the government gives you the opportunity. So if you come into the government, it's important to look at it as an opportunity to develop skills, to work in a variety of different efforts. I've been lucky in my time, or unlucky depending on the perspective, in the government, I've been able to work government-wide initiatives almost from the beginning. That's a different sort of view on transformation in the government than working inside programs. So I would encourage folks that come into public service to do both. Get a feel for where the sweet spot is for them, and to understand the government-wide look, as well as the programmatic look.
Michael Keegan: Well, I want to thank you for joining us today, but most importantly, George and I would like to thank you for your dedicated service to the country.
Kshmendra Paul: Well, thank you. I've enjoyed our conversation. I've enjoyed being here. I'd like to highlight for your listeners to come to our website, www.ise.gov. Follow us on Twitter @shareandprotect, @shareandprotect. Plug in via the different organizations that I talked about, government or industry. And also if you're in the law enforcement public safety space, maybe look for me at the International Association Chiefs of Police conference in San Diego. We're out there. We do a lot of business out at the IACP key stakeholders so stop me and say hi.
Michael Keegan: This has been The Business of Government Hour featuring a conversation with Kshmendra Paul, Program Manager for the Information Sharing Environment. My cohost from IBM has been George Cruser. Be sure to join us next week for another informative, insightful, and in-depth conversation on improving government effectiveness. For The Business of Government Hour, I'm Michael Keegan, and thanks for joining us.
Announcer: This has been The Business of Government Hour. Be sure to join us every Saturday at 9:00 a.m., and visit us on the Web at businessofgovernment.org.
There, you can learn more about our programs, and get a transcript of today's conversation.
Until next week, it's businessofgovernment.org.