Tech Vs. Terrorism The FBI stumbled badly in modernizing its IT to help fight terrorism. Here's how the bureau plans to get on track.
By Larry Greenemeier, InformationWeek June 6, 2005 URL: http://www.informationweek.com/story/showArticle.jhtml?articleID=164300083 The Federal Bureau of Investigation's Virtual Case File system was supposed to be the future of the FBI's crime-fighting and anti-terrorism operations, a Web-based case-management application that bureau investigators would use to search and analyze all information relating to criminal and national-security cases. Instead, it turned into an expensive lesson in outdated IT practices, in the depth and breadth of the dysfunction that plagued the bureau's IT management, and in the challenges that lay ahead. Initiated in June 2001, the Virtual Case File system suffered from having to adapt to the FBI's dramatic post-9/11 mission change, which called upon the bureau to focus on preventing terrorism as much as fighting more conventional crimes. Yet the technology also fell victim to much more workaday problems, including a shuffling of FBI CIOs and project managers, ever-changing project requirements, and an insistence on building the system from the ground up as a customized application. The result was a $170 million bust that the bureau tested briefly, then put on the shelf indefinitely. Rather than trying to fix the Virtual Case File software, the FBI over the past couple of years has initiated an extensive overhaul of IT management. The first big test of this makeover is Sentinel, an electronic information-management system under development that's designed to help the bureau leverage newer, standardized IT. Sentinel will test more than whether the FBI can finally get the file-sharing ability envisioned for the abandoned Virtual Case File project. It also will reveal whether the FBI's efforts in recent years to create a better-run IT department and a modern IT platform have worked. CIO Zalmai Azmi sees Sentinel--the FBI's first software platform built on a Web-friendly, services-oriented IT architecture--as nothing short of a way for the bureau to finally break free from the shackles of its outmoded IT systems. "Sentinel is my flagship moving forward and paving the path for me in delivering capabilities," says Azmi, who has spent six years as an IT executive in the Justice Department. "With every service I deliver with Sentinel, I'll be looking at my legacy systems and retiring applications." As the FBI develops each phase of Sentinel, it will replace corresponding legacy systems, the most significant being its Automated Case Management System. Other applications to be retired include the Criminal Informant Management System, Bank Robbery Statistical Application, and Financial Institution Fraud and Integrated Statistical Reporting Analysis Application. One predicted benefit of Sentinel is its support for XML standards, which can ease information sharing within the FBI and with other agencies. Sentinel represents an ambitious first test for the FBI's new IT strategy. The FBI expects by midsummer to issue a request for proposals for Sentinel, which Azmi says will be comprised 80% to 90% of off-the-shelf software that will, among other things, let FBI agents and analysts share case files, search a variety of law-enforcement and intelligence databases, and automate workflow. By contrast, the Virtual Case File system relied on a great deal of custom-coded software, a reflection of the bureau's build-first culture and belief that off-the-shelf software couldn't meet its needs. Although the FBI hasn't disclosed when it will award a contract, Azmi says the first of Sentinel's four phases will be due 12 months after the contract is signed. The time line for the remaining phases stretches over the next four years. The Sentinel project follows FBI Director Robert Mueller's recent moves to dramatically increase the CIO's power and influence. In February, Mueller gave Azmi overall control of the FBI's IT budget and began consolidating several operations under the CIO's office. This means that where Azmi this year controls $248.7 million of the bureau's IT spending, in the coming fiscal year he'll control more than $500 million. The FBI's overall budget, which has risen from $3.3 billion in fiscal 2001 to $5.1 billion in fiscal 2005, is proposed to be $5.7 billion in fiscal 2006. If this is the case, Azmi's office would be responsible for about 9% of the bureau's spending. Consolidating IT spending may seem far removed from the front-line concerns of agents' basic inability to access and share information, but Azmi sees his expanded financial responsibilities as a significant step. Soon after being appointed acting CIO in December 2003, Azmi called for an inventory of the bureau's IT assets and created a master list of applications, networks, databases, and other key IT components. "We found that one of the reasons we have the stovepipes was because different technology was being developed by different agencies within the bureau," Azmi says. The "acting" designation was dropped from his title in May 2004, and he's held the CIO post longer than anyone else since 9/11. "Every division had its own information-technology budget, network, brand of computers, and software." To see why Sentinel is such an important--and difficult--project for the bureau, it's necessary to understand why information technology is so strategic to the FBI's changing mission and why and where it has stumbled in recent IT projects. In the wake of Sept. 11, 2001, it became clear the FBI needed to radically change how it works to prevent terrorism after nearly a century focusing on investigating crime. Lag time in communication and data sharing was no longer acceptable. "The FBI realized after 9/11 that it wanted to share data in real time," says Jeff Vining, a Gartner analyst covering homeland security and law enforcement and a former FBI lawyer. The FBI needed better technology to fit its expanded responsibilities. "After 9/11, the mission changed to prevention," Azmi says. "In preventative mode, nothing's happened, so you have to do thorough analysis, and you have a lot of what-if scenarios. For that you need really good technology." State-of-the-art technology is often easier to envision than implement, and the Virtual Case File system isn't the only time the FBI has had mixed results. The bureau's Guardian incident-tracking system, designed to find potential connections among local police reports and FBI counterterrorism efforts, isn't always synchronized with state counterterrorism databases, according to a March report by the National Academy of Public Administration, a nonpartisan group chartered by Congress to help public organizations improve their effectiveness. Earlier this year, the FBI said it had effectively abandoned its controversial, custom-built Carnivore Internet-surveillance technology, which was designed to read E-mails and other online communications during investigations of suspected criminals, terrorists, and spies. Guardian is on a list of programs being reviewed for possible retooling, Azmi says. Carnivore didn't make the list. Amid all this, FBI Director Mueller hasn't wavered on the importance of technology in supporting the bureau's mission. Shortly after being appointed in September 2001, Mueller put into high gear an existing program called Trilogy to upgrade the bureau's aging IT infrastructure, which suffered from years of neglect. The first two phases of Trilogy, completed by April 2004, went smoothly: providing a high-speed, secure network that lets FBI personnel worldwide share data, including audio, video, and image files, and replacing outdated hardware with more than 30,000 new desktop computers, nearly 4,000 printers, 1,600 scanners, 465 servers, and 1,400 routers. The Virtual Case File system was the third and most ambitious and complicated part of the plan, dependent on a custom software project that would make the bravest corporate CIO blanch. Mueller, during testimony Feb. 3 before a Senate Appropriations subcommittee, praised Trilogy, which has an estimated price tag of $400 million to $600 million, for improving the FBI's ability to connect with other intelligence and law-enforcement agencies. Still, he lamented the problems with the Virtual Case File system, Trilogy's crucial third phase. "If agents had the VCF capabilities we envisioned, they could directly input information into their computers, receive electronic approvals, and, with the push of a button, upload information into the database where it would be immediately available to others who need access to it--agents, analysts, other federal employees, and state and local officials," he testified. How did it go wrong? The answer is complicated and involves mismanagement, poor planning, and a lack of open IT standards. It also was a case of an organization not keeping up with the pace of change in the IT industry, as off-the-shelf software caught up to what the bureau was paying outsiders to develop from scratch. Mueller summed it up this way: "The pace of technology has overtaken the development of unique software applications for the FBI." Commercial software wasn't an option when Science Applications International Corp. began work on the Virtual Case File system, says Mark Hughes, president of the system and network solutions group at SAIC, the vendor hired to build the system. "The case-management system was very complex," he says. On the one hand, the FBI had to ensure that only authorized personnel had access to certain sensitive data. On the other, there was a demand that data be readily shared among agents and with other law-enforcement agencies. "There are also a lot of legal requirements governing how data is accessed and used," says Frank Perry, chief systems engineer for SAIC's system and network solutions group. "The data's admissibility in court was a big consideration." Put another way, Virtual Case File "was to replace a bulky system that was processed nightly," Gartner's Vining says. "They wanted [case-file] information in their agents' hands in real time. They didn't want to ever again have an agent in Phoenix writing a memo that wasn't shared with the right people," Vining says, referring to a memo an agent wrote in July 2001--which wasn't widely shared--warning that terrorists might be training at flight schools. But work on Virtual Case File had begun even before the terrorist attacks. In June 2001, SAIC won the Virtual Case File system contract, which initially laid out plans for the development of a standard Web interface to legacy systems used by FBI agents. "Three months later, 9/11 happened," Hughes says. "Within six months of that original contract, we were told to forget it and work on a new case-management system." Sept. 11 was the most-important force influencing the system's development, but not the only one. The February 2001 arrest of counterintelligence agent Robert Philip Hanssen, who for decades had been selling national defense information to Russia, prompted the Justice Department in March 2002 to issue a report reviewing FBI security programs. The report found, among other things, a "pervasive inattention to security, which has been at best a low priority." SAIC says the project was plagued by a lack of consensus among users regarding what they needed. The company spent the early part of 2002 interviewing agents and analysts to find out what they were looking for in the system. At the same time, however, the FBI was reengineering its processes altogether. "They were trying to respond to the recommendations in all of these reports," Hughes says. That didn't bode well for the Virtual Case File system. "Neither we nor the FBI knew what the system's requirements would be," he says. Another problem was the FBI's management churn. "In the three years we had this project, they had nine program managers and five CIOs," Hughes says. "Every time someone new came in, they hadn't participated in the decision making to that point." SAIC delivered its original Virtual Case File system in December 2003, though FBI executives believed even as it was being delivered it wouldn't meet their needs. Bureau officials concluded the system couldn't do actual case management and could only do certain basic functions like automate workflow, especially routing documents between staff and supervisors. Doubts about the system grew to the point that the FBI in January 2004 created a separate data-sharing system, called the Investigative Data Warehouse. It provides more than 6,000 special agents, intelligence analysts, and members of joint terrorism task forces with a single access point to about 50 databases, including the FBI's primary legacy Automated Case Support case-management database, its Violent Gang and Terrorist Organization File database, and various news feeds that provide English translations of major international news articles. The system let agents for the first time use analytical tools across data sources to create a more complete view of the bureau's treasure chest of data. The FBI also imported more than 60% of the data from its legacy systems to the data warehouse. But even this successful effort was colored by the looming failure of Virtual Case File. The Investigative Data Warehouse "was a risk-mitigation strategy knowing that our case-management system, or VCF, was going to be late," Azmi says. The final verdict on the Virtual Case File system? The bureau spent another $2 million this year to have Aerospace Corp., a nonprofit contractor, assess the system, and it concluded the FBI should cut its losses and start over with commercial products. The FBI also had several hundred users at three locations test the system's document-routing capabilities in a way that let the bureau know just how much of its IT investment might be salvaged. Mueller estimates that $104.5 million of the $170 million investment in the Virtual Case File system is considered "a loss." The networking and hardware equipment can be repurposed as part of Sentinel. So how can Sentinel succeed where past efforts failed? One factor is that Mueller appears to have found a CIO he can work with. When Mueller took the reins, the FBI didn't have a CIO position. By November 2001, the position was created and filled by former IBM executive Bob Dies, who retired in May 2002. Mark Tanner served as acting CIO over the next three months, until the bureau gave its top IT job to Darwin John, former managing director of information and communications systems worldwide for the Church of Jesus Christ of Latter-day Saints in Salt Lake City. John lasted less than a year. In May 2003, Wilson Lowery, a 30-year veteran of IBM and former chairman of IBM Credit Corp. and general manager of IBM Global Financing, took over as the FBI's CIO. Lowery originally joined the bureau in June 2002 as Mueller's special assistant in charge of overseeing a reengineering effort that looked at, among other things, how the FBI used technology and how it collaborated with other agencies. By December 2003, Lowery likewise moved on. Finding himself once again without a top IT executive, Mueller looked to his days as U.S. attorney in San Francisco when he'd had occasion to work with Azmi, who at the time was CIO for the Executive Office for United States Attorneys. The two former Marines had designed and created a reporting tool called Alcatraz for Mueller's office. Azmi had pulled off a successful tech turnaround at the U.S. Attorneys' Office, building a Trilogy-like infrastructure project called the Justice Consolidated Office Network, as well as a victim-notification system and enterprise case-management system. Azmi's history with Mueller has inspired a new level of confidence in the CIO position. "I am a CIO who has a chair at the table, discussing the mission of this organization," Azmi says. Azmi has been given the power to consolidate IT budgets, develop an IT architecture, and create a system of checks and balances designed to keep projects on schedule and on budget. The IT architecture identifies all of the FBI's IT systems, applications, networks, and databases on a master list. Azmi also organized an enterprise architecture unit that includes chief enterprise architect Wayne Shiveley, who in April completed the first version of the bureau's enterprise architecture--something mandated for all federal agencies. All future IT projects must be consistent with Shiveley's architecture plan. Another approach the FBI has taken to improve IT management is its Life Cycle Management Directive, which governs how projects are managed from their inception. The goal is to centralize IT assessment, using seven "gates," or review points, that serve as the mechanism for management control and direction, decision making, coordination, and confirmation of successful performance. "Do the money and the time match? Are we at our performance goals? You have a measuring tool now," Azmi says. "Anytime it deviates 10% or more, that's when we bring in project management." The bureau is evaluating the health of all 479 of its IT projects in order to provide data that will help FBI managers understand the costs, schedules, and risks associated with each project. Given all of the scrutiny following the Virtual Case File system, one legacy will most certainly include shorter, better-managed contracts. "One of the things we don't want to do is another giant contract of four years," Azmi says. "It just doesn't make any sense." The importance of the FBI's revitalized approach to IT management can't be underestimated, one former FBI agent says. The past missions of the bureau and the U.S. intelligence community didn't prepare it for a war on terrorism that requires tracking individuals and small groups and making connections among them. "The amount of data and our ability to deal with it has never been tested like this," he says. Nevertheless, the FBI knows now that it's in the information business. As such, the former agent says, "If you don't make IT the core of your business processes, you're not going to succeed." No one knows this more than Azmi, who has seen firsthand the cost of failed IT projects, in terms of time and money. In some ways, the Virtual Case File system was a victim of the bureau's haste to make up for lost time. "There's a lot of preparation that's going on in Sentinel that didn't go into VCF because we were: 9/11, let's get it done," he says, snapping his fingers quickly three times. While the sense of urgency is still there, "the key now is to do a proper transition from the legacy system to the new system." You are a subscribed member of the infowarrior list. Visit www.infowarrior.org for list information or to unsubscribe. This message may be redistributed freely in its entirety. Any and all copyrights appearing in list messages are maintained by their respective owners.
