CIA Deputy for Digital Innovation Talks Mission, Partnerships and Espionage Challenges

CIA Deputy Director for Digital Innovation Jennifer Ewbank said recently “the cyber forces and other threats that we confront across the digital landscape are formidable and they are changing the very nature of the intelligence business.” 

Ewbank, who spent much of her career with the Agency running overseas operations, noted at The Cipher Brief Threat Conference, not only how U.S. adversaries have upped their digital game, but also how the agency has been “grappling with how to manage the explosion in volume and variety of data fueled by technological change,” saying, “It has transformed the intelligence business in many of the same ways it’s transformed the commercial marketplace and the global economy as a whole.

Below is her perspective on the evolving digital landscape, the hazards and opportunities within and what it means for the organization she leads at CIA. Her comments have been lightly edited for clarity. 

---

---

The cyber forces and other threats that we confront across the digital landscape are formidable and they are changing the very nature of the intelligence business. They represent a real danger to our national and economic security, but they’re not really a surprise. Six years ago, the CIA stood up a new Directorate of Digital Innovation. That’s the part of the organization that I now have the honor of leading. It was a move to redesign the intelligence enterprise to meet emerging threats in the digital domain, and to leverage these new capabilities for operational advantage and analytic insights.

The espionage business, as I see it is, is often thought of as the dark side, but it’s really about the art of the possible. Success requires creativity, ingenuity, dogged determination, and a healthy dose of optimism. You have to believe that you can do things that – at their core – may seem impossible. The Directorate of Digital Innovation (DDI) is charting the course for CIA’s art of the possible in the cyber and digital realm.

Today, DDI represents a multidisciplinary fusion of cyber offense, cyber defense, open-source collection, data science, artificial intelligence, and enterprise information technology, all of which are increasingly essential for the CIA’s success in a world of ubiquitous sensing, cyber threats, and the exponential increase of data.

Our enduring mission in DDI is to integrate CIA’s human, technical, and digital operations at scale, which is an important characteristic to counter our foreign adversaries at the speed of mission. To make this happen, we are charged with raising the digital acumen of CIA’s workforce to position the agency for success long into the future. However, DDI tackles none of this alone- it’s all about partnerships within the agency, with partners across the national security community, and with patriotic Americans.

I’ll share something I learned coming from the director of operations into this new directorate a few years ago: our workforce is tremendously skilled, capable, and highly agile. They work as integrated teams each day taking on some of our most daunting intelligence challenges: technologically, operationally, and analytically. We sit at the nexus of technological threats and the data explosion, and I believe our work becomes only more critical to the agency’s success with each passing day.

Personally, it’s a huge pleasure and an honor to lead the agency’s digital workforce. It’s an incredible team brimming with talent, creativity, and dedication. However, when we talk about the threats and opportunities across the digital landscape and their intersection with defensive and offensive operations, I speak to you as more than the head of a large organization in Washington. I have spent most of my own intelligence career overseas running operations and I’ve seen firsthand what our adversaries are capable of, as well as the power of integration. It’s a bit of a buzzword at times, but it is an extremely powerful thing.

I was there when we combined these new areas of digital expertise with our traditional strengths in technology and science, all in partnership with our core human intelligence tradecraft. I’ve been part of successes, large and small and have certainly seen my share of setbacks along the way. So, our discussion today of what’s happening in the digital landscape, the explosion of data in a highly-connected world of ubiquitous sensing, the onslaught of cyber threats we face from hostile actors, and how we as a service and as a country respond is more than just theoretical for me. It’s personal.

When the CIA was created in 1947, our principal rivals were the Soviets and their surrogates across Eastern Europe. In those early years, the agency dueled with the KGB on the streets of Moscow and the Stasi on the streets of Berlin and those kind of gritty and determined first generation officers operated under extremely challenging conditions, sparring with their Eastern Block foes while dodging surveillance and evading checkpoints. Tensions ran very high at that time. In 1956, when the east Germans discovered a CIA/MI6 tunnel under the streets of Berlin, our legendary base chief at the time went down there himself and from behind a machine gun, made sure that no unauthorized person was going to cross over into the American sector. Obviously now, the only tunneling most base chiefs and station chiefs are doing these days are struggling to set up VPNs on their MacBook, but some of the most consequential threats we face today are in the digital domain.

In recent years, we’ve experienced a seismic shift in the contours of that environment and with our mission responsibilities at CIA becoming progressively more challenged by these shark infested waters of the information environment, our agency has been grappling with how to manage the explosion in volume and variety of data fueled by technological change. It has transformed the intelligence business in many of the same ways it’s transformed the commercial marketplace and the global economy as a whole.

Challenge is present for everyone but for those of us in the intelligence arena, the stakes are particularly high. Our long-time strains continue with Russia and China has emerged as our most significant and daunting challenge but beyond the great power competition, there are lots of other state and non-state actors alike vying for power and influence too, and every single one of them is using these new technologies to support their cause. In the final analysis, our own competitiveness as an intelligence service and an intelligence community will depend on how fast we turn this evolving digital landscape to our own advantage relative to our adversaries.

As we know, foreign states have leveraged their cyber capabilities to steal information, influence foreign populations, and menace private industry with physical and digital infrastructure being favorite targets. We also know that data analytics and artificial intelligence capabilities being developed by digital autocracies to monitor and control their own societies are now arrows in their own quiver to target us. So, although an increasing number of others are dabbling in cyber, China, Russia, Iran, North Korea remain the core antagonists. Each is at the controls of highly developed, well-resourced cyber programs pointed like daggers at U.S. interests at home and abroad. Joining this fray as of late are the criminal ransomware outfits who have monetized hacking and are plotting as we speak to hold U.S. networks hostage at digital gunpoint just as they did with the recent Colonial Pipeline and JBS attacks.

The Chinese are clearly formidable players in the digital underworld and that’s something that had, for a few years, evaded much public notice. Barely concealing its ties to criminal hackers, the Chinese government views its competition with the west as a zero-sum equation where China’s rise must come at the expense of America’s decline. This has fueled brazen aggression lately as China saturates our networks with disruptive intrusions designed to undermine the security and competitiveness of our nation. Their systemic industrial level theft of our personal information and intellectual property is both shameless and unrelenting and part of a concerted campaign to chip away at our prosperity and diminish our economic might. China presents a prolific and very effective cyber espionage threat, a growing influence threat, and considerable, substantial cyber-attack capabilities.

China’s cyber espionage program is particularly formidable in two respects: its sheer size and its vast ungoverned, contract hacker ecosystem. Beijing also sees cyber as a primary means for conducting political warfare. A concept that includes virtually all means short of war, to achieve its national objectives.

One aspect of China’s influence campaign that’s particularly noteworthy and reflects this theme of scale is the broad array of languages and media used to disseminate Beijing’s messaging. In recent years, we’ve seen vast Chinese spam networks who have posted videos on YouTube in order to influence audiences both in the U.S. and around the globe.

Russia, too, remains a significant cyber threat. It has unleashed increasingly sophisticated espionage influence and attack capabilities against the West and Russian regional rivals. The Russians consider cyber hacks an acceptable tool for deterring adversaries and prosecuting conflicts and they view cyber espionage as routine business. We saw this with the recent software supply chain operation against Solar Winds where Russia’s foreign intelligence service executed a cyber espionage campaign against the U.S. by placing malicious code in broadly distributed software products. This was a brash demonstration of Moscow’s capabilities and proof if anyone needed it, that public and private organizations in the U.S. remain in Moscow’s crosshairs.

Alas, the Russians and the Chinese are not alone. Iran’s technical expertise and zeal for aggressive cyber operations further jeopardize the integrity of the United States and our allies’ networks. The Iranian track record includes attacks on critical infrastructure, which are particularly worrisome as demonstrated by their multiple cyber-attacks last year against Israeli water facilities. Iranian hackers recently targeted dozens of U.S. and Israeli defense firms according to press reports. So, it’s fair to say that Tehran is responsible for lots of other nefarious activities on the net, but we’ll leave it there.

---

The Cipher Brief hosts private briefings with the world’s most experienced national and global security experts.  Become a member today.

---

North Korea’s cyber program remains troublesome as well. The notoriously mercurial Pyongyang likely possesses the expertise to disrupt critical infrastructure and business networks in the United States judging by their track record. North Korean hackers also have long posed a very significant threat to the integrity and stability of the international financial system and have engaged in a variety of illicit activities to include cybercrime to generate revenue for the regime.

Last, but certainly not least, are cyber criminals motivated by simple financial gain. Their goal is to compromise our personal, financial, and health data to leverage it on underground black markets. Ransomware is just the latest incarnation and U.S. consumers and businesses alike remain susceptible to traditional fraud, extortion, and credit card theft proving that even criminals are leveraging digital innovation. The recent appearance of ransomware as a service has made ransomware available on a scale never before seen and when we consider the potential impact of ransomware attacks on critical infrastructure or government networks in the United States, the potential impact is really clear.

On the whole, our national and economic security are put at risk by all of these threats. There is, however, a flip side to this coin and technology as always is a two-way street. There are windows of opportunity for our organization and others in the intelligence community to strike back and turn the tables on rivals and competitors to gain the strategic advantage we need to succeed in the 21st century.

A central pillar of our strategy at the Director of Digital Innovation is to outmaneuver adversaries in the digital sphere which requires a wholesale embrace of the power of innovation. That power has become the bedrock of our organization underpinning so much of the mission success that we have been able to achieve. Adapting to this kind of shifting intelligence landscape has long been encoded in the very DNA of the Central Intelligence Agency. For us in DDI, it is foundational to everything we do and it’s why we put innovation in the name of the directorate. In a constantly evolving battle space where the rules of the road are rewritten with head spinning speed, we must embrace risk and we must embrace experimentation as the key to innovation and the process of unlocking new insights.

The coming decade will bring an unprecedented set of national security challenges that will demand an unprecedented response and to ensure CIA’s readiness for long term success, we made a few smart adjustments to our priorities regarding China, technology, our people, and partnerships to optimize the agency’s ability to confront future threats. We do all of this while maintaining our focus on never taking our eye off enduring challenges such as counter-terrorism and Russia. Perhaps for us, a useful guiding principle, comes from a Latin proverb made famous by the Roman poet Virgil, “Fortune favors the bold.”

Indeed, to prevail against 21st century foes whose technical mastery is matched only by their malicious intent, it’s imperative that we boldly develop new tradecraft, new tools, new platforms, and other mission solutions that provide decisive operational advantages. Every day we fail to innovate, fail to take chances, or fail to challenge ourselves and our conventional wisdom, we risk mission failure or worse, irrelevance. Innovation is not just the core of our mission; it is the life blood of American industry and any organization today enduring to be even modestly successful in this new digital landscape.

To illustrate the point: what is blue and gold, once owned by almost everyone and today no longer exists? Those of us old enough will remember that was a Blockbuster Video Membership Card. The collapse of this one-time empire is a cautionary tale for all of us and reveals the fate of any organization that fails to innovate in a hypercompetitive and data driven digital world. Blockbuster had a rapid collapse from the top of its industry to complete irrelevance in the span of just six years, all because it failed to innovate as others aggressively leveraged new technology and rapidly expanding digital infrastructure.

The Blockbuster story reflects in some ways the crossroads that we in the espionage business have reached today. However, it’s not a choice between dooming ourselves to Blockbuster’s fate or following some proven route already mapped out by others. It’s about our willingness to be explorers ourselves and to chart a very new course. Teams of cutting-edge designers and engineers at Netflix, Apple, Disney, and Amazon don’t sit around tinkering with their platforms just to meet a customer’s needs today and modernization is not the act of upgrading an inventory from VHS to DVD.

Success, in this new world, in this digital world, hinges on our ability to project requirements and solutions well into the future, to look out beyond the horizon, to anticipate and gamble on the future, as uncertain as it may be and the same holds true for the art of espionage in a world of dramatically fewer real secrets.

Social media, online digital news platforms, ubiquitous sensing, commercial collection, on land, at sea, in the air, and the internet itself mean that we don’t really lack insight even in far flung corners of the globe. The price of fuel in Moscow, the conditions at a port on the coast of Africa, the size of a pro-democracy demonstration in Hong Kong, it’s all available at our fingertips on our mobile devices while secrets, plans and intentions of despots and terrorists – the things that have yet to happen – are increasingly more difficult to uncover by traditional means.

Success can be unlocked through innovation and partnerships. We’re not alone in pursuing the technological solutions of tomorrow, and yes, being first does matter. Ask those in the Manhattan project, ask NASA, ask Netflix, ask China.  They aim to be the first to lead in the digital world as shown in the Made in China 2025 program and their complete commitment to AI dominance by 2030.

The Secret Service has a saying about schedules: if you’re early, you’re on time; if you’re on time, you’re late; if you’re late, just don’t bother coming. Similarly, we can’t think about catching up with the Chinese, the Russians, the hackers, hacktivists, or any of the others are out there trying to do us harm because at the moment when we’ve caught up, we’re already falling behind again. The race for decisive advantage in this digital realm is not about keeping pace, it’s about outpacing and about beating your competitor to the finish line. Innovation and partnership will help us do that.

Safeguarding the national and economic security of the United States is paramount to all of us. That’s why our organization values smart partnerships with fellow patriotic innovators in the private sector. Such partnerships promote greater exchanges of information, more efficient use of resources, and bring a broader range of expertise to problem solving. While our specific equities may differ, we can each say unequivocally that we all want the same thing fundamentally and we’re all on the same team. We all want to see the United States succeed and flourish and remain a global leader, all while reflecting the Western democratic ideals that we hold so dear. The private sector has always been America’s engine for innovation and change and it’s one of our greatest strengths as a nation.

---

Go beyond the headlines with expert perspectives on today’s news with The Cipher Brief’s Daily Open-Source Podcast.  Listen here or wherever you listen to podcasts.

---

Certainly, government and industry must be partners in innovation, but in the 21st century, technological innovation is mostly going to emerge from the private sector. Look no further than the artificial intelligence and machine learning realms where private sector innovation is helping us harness the power of data. More than any development in this fourth industrial revolution where the boundaries between the physical and digital worlds are blurring, artificial intelligence holds one of the keys to the future of espionage. It will help us manage this data tsunami at machine speed and will help free up humans for the higher order cognitive functions that are still only possible with the biological, not a digital brain.

In the artificial intelligence arena, the intelligence community must now learn how to be a fast follower with industry. They have to learn to not be the primary creators of cutting-edge technologies predominantly developed by the private sector. They must be fast followers. That’s why deep and sustainable partnerships with private industry and academia are so vital for the CIA and the intelligence community as a whole. They allow both sides to best serve America’s interests and adapt to these constantly changing waves of new technologies.

The DDI is taking steps to strengthen collaboration within the industry. One major component of our approach to industry partnerships is our creation of innovation hubs. We are focused on identifying best commercially available solutions, especially in the artificial intelligence and machine learning areas, and exploring how we can rapidly leverage these new solutions to mission problems. By working in an unclassified and collaborative laboratory space, our innovation hubs can bring new technologies to mission more rapidly, enable faster investment decisions about digital technologies, and ultimately reduce the time from ideas to solutions.

As I’ve said to our workforce on far too many occasions to count, I want us to get out of the U.S. government’s business of bringing yesterday’s technology to you tomorrow. Therefore, an enduring aspect of our mission as CIA’s digital Sherpas, is to stay informed of new commercial technologies and position CIA to be that fast follower with industry. This is why in 2017, we opened up CIA’s Silicon Valley Innovation Outpost which facilitates engagement with companies in the tech sector and academics in Silicon Valley. Just last year, during the pandemic, we launched the Northern Virginia Innovation Exchange, a space for knowledge sharing and problem solving where we work side by side with partners in industry.

Though I hate to admit it, despite our best efforts, we are a large government organization. And so we must address the impediments that stand in the way of bringing new technologies rapidly into the CIA; we’re working on that.

We’re working on speeding up our accreditation process, looking for new acquisition authorities, and doing as much as we can in the unclassified space where we can adopt new ideas and new solutions at a much more rapid pace. We’re engaging industry across the investment spectrum to leverage their expertise and knowledge of the marketplace and to promote a culture of continuous innovation in a large government organization that’s not hardwired to do that. Through outreach to companies and by working with Silicon Valley based accelerators, we are able to discover new technologies in the marketplace to meet our sometimes very unique mission needs in the CIA. It is pretty good progress in the first six years for an organization, but we are far from finished. Innovation is a process, it’s not an event. However, there is no finish line. The end of any innovation journey just signals the beginning of the next uncharted course. No one these days is flying kites in lightning storms, but that’s the type of entrepreneurial spirit that we’re seeking in our ranks. It’s the foundation I believe for our future as an agency and it’s a future that the DDI, as a transformative element of CIA in the digital age, eagerly embraces.

The challenges ahead are formidable, but with a whole of nation approach encouraging closer partnerships between government and industry, we can defend our values against those adversaries who wish us harm.

As for the DDI, we can accelerate the adoption of emerging digital technologies and integrate them with CIA’s traditional strengths in human intelligence and technical intelligence to counter threats to our nation and the shared interests of our allies around the world. Only one question remains for my team and CIA’s Directorate of Digital Innovation: if fortune indeed favors the bold, just how bold can they be? I have seen this amazing team in action, and I know that they will bring the fight to our adversaries across the digital landscape.

Jennifer Ewbank is Deputy Director for Digital Innovation at the CIA.  Her comments were made in late October at The Cipher Brief’s Annual Threat Conference.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief