A Call for New Open Source Leadership

By Matt Scott

Matt Scott is an Army intelligence veteran, and co-founder and president of MissionTech Solutions, an Avantus Federal Company. His expertise includes delivering and scaling emerging technologies and data-driven mission capabilities for the U.S. Intelligence Community. Prior to founding MissionTech, he held leadership positions at Booz|Allen|Hamilton and PricewaterhouseCoopers. Scott is a member of the Center for a New American Security (CNAS) Board of Advisors, and is a Trustee of the Intelligence and National Security Foundation where he has led public-private partnership efforts on Intelligence Community data, mentoring and diversity. Matt is an alum of Syracuse University’s Maxwell School, where he earned a Master of Public Administration and a bachelor’s degree.

OPINION — Today’s Intelligence Community (IC) open source capability is neglected, structurally compromised, and wholly inadequate to protect the United States. The failure of open source over the last two decades, to keep pace with the digital domain, is a failure of leadership and of strategy, and it can only be corrected by a deliberate change of course and plan of action from the Director of National Intelligence (DNI) down.

Seventeen years ago, in the wake of massive national security failures, ‘The Commission on the Intelligence Capabilities of the United States Regarding Weapons of Mass Destruction’ wrote to the President that “… we believe that without an institutional “champion” and home, open source will never be effectively used by the Intelligence Community.” 

The Commission, which included national security icons John McCain and Richard Levin, has been proven correct. Anemic attempts at DNI leadership through a rebranded ‘DNI’ Open Source Center followed by a quiet Central Intelligence Agency (CIA) retrenchment and ad hoc grass roots efforts in the Department of Defense (DoD) should be unacceptable to the nation’s leaders who need open source to accomplish the National Security Strategy. This is especially true as those leaders have been warned by academics, that they are losing their intelligence advantage and need open sources to get it back.

The failure of open source to rise to the moment over the last two decades, is often bemoaned as a “culture problem.”  This tired but popular narrative runs that the government workforce and industry are resistant to change, happy to continue executing tradecraft the way their predecessors did during the Cold War, and dismissive of open source.  But to blame a workforce and supporting industry for the failure to lead themselves through transformative times is a cop-out. 

Over the last twenty years, while study after study (and now studies of studies) highlighted the criticality of open sources to the nation’s security, the IC’s leadership shaped its modern open source capability.  In doing so, they put in place an organizational structure, classification culture, and stand-off mentality that collectively prevent the discipline from catching up to and keeping pace with the digital domain.  These decisions and others must be undone for open source to succeed and for the nation to maintain its intelligence advantage. 

Get your 10-minute daily national security brief with Suzanne Kelly and Brad Christian by signing up for The Cipher Brief’s Open Source Report Daily Newsletter or by listening to The Cipher Brief’s Open Source Report Podcast wherever you listen to podcasts.

Organizationally, the responsibility to improve the effectiveness and efficiency of IC open source is delegated by the DNI to the Director of CIA who serves as the IC’s open source functional manager.  While the Director of CIA has historically been a capable professional, they have competing priorities to manage. 

Within DoD, the Defense Intelligence Agency is the lead component for open source.  But a study by the Government Accountability Office concluded that no one fully knows what that means.  The reality is that no senior IC leader wakes up each morning thinking about how to advance the discipline.  The ultimate result of this arrangement is that open source is treated as a secondary or supporting intelligence discipline (or ‘INT’) instead of a main effort.  Strategy and decision-making are left to de facto consensus by bureaucrats below the interagency level who value legacy ‘INTs’ and workforces over new, and who are un-incentivized to make necessary changes.  When it is time for accountability or to make hard choices, they fall back on chartering another study.

A secondary result of the lack of a dedicated open source leader is the dispersion of tradecraft, talent, tools and financial resources across agencies and departments.  Pockets of excellence exist in cyber organizations, in open source intelligence (OSINT) groups, in the National Geospatial Intelligence Agency, in information operations teams and generally wherever independent mission units exist. 

These pockets sometimes do great things because open source is critical to mission.  But these pockets do not regularly coordinate their activities or investments, share best practices or tools, or nurture their open source workforce expertise.  In some ways, these pockets actually make it harder to achieve scaled successes because their more tactical wins are held up by IC leaders to excuse the status quo.

Over classification, and the strategic and everyday decisions to execute open source work from a perspective comparable to the legacy intelligence disciplines are an equally pernicious impediment to keeping pace with the digital domain. 

Open sources are by their very definition, open.  They are often available freely or by purchase, and they are often maintained by companies, individuals, countries and institutions whose interests align with the US government.  Perhaps in part because IC open source is led unimaginatively from the middle of CIA’s bureaucracy, it is chronically overclassified.  Its workforce is housed physically apart from the rest of government and of industry, their methodologies and tradecraft are developed slowly on isolated networks, and their production is largely restricted to limited numbers of cleared government officials.  Today’s open source leaders below the national level are not incentivized to change this arrangement.

Practically, this classification approach has held the open source discipline back by reducing the available talent for technology, analysis and new ideas.  It also limits and slows sharing and collaboration within and outside of government, in the US and abroad.  At a macro level, classification further creates barriers between the US government and the enduring strengths that make America great – innovation, market capitalism, and individual freedoms. 

Where the IC’s open source capabilities could be rooted in transparency and collaboration in new forms of partnerships across allied governments, industry, academia and civil society, instead they are positioned to continue deepening secrecy and mistrust.  It need not be this way moving forward.

Subscriber+Members have a higher level of access to Cipher Brief Expert Perspectives on Global Issues. Upgrading to Subscriber+ Status now.

The IC’s risk approach to the larger digital domain and through it, access to open source data and tools, is a third example of how IC open source leadership has made strategic decisions that stymie the discipline’s progress. 

Rather than operate physically in the domain, as the IC would, a foreign country and the military does the air, sea and land domains, the digital domain is studied from a distance.  Rather than explore the world’s data and software natively, the IC, in general, operates from SCIFs and samples the domain through careful data transfers and pilots.  Rather than truly partnering with innovative commercial industry, it wastefully acquires and manages contract labor-hours. 

This stand-off, distance learning approach is the result of legacy ‘INT’ thinking and risk intolerance as well as perhaps some legal authorities that mid-level IC leaders are ill-equipped to navigate.  It severely inhibits the abilities of the IC workforce and its technologies by throttling the pace of open source innovation to the speed of top secret government.

Leadership and strategy that leaves open source a secondary INT, overclassifies its activities, and keeps the discipline’s practice at a stand-off from the digital domain, has caused the IC’s capability to fall behind.  This has happened at the same time that commoditization of technology and democratization of intelligence have handed adversaries potent new intelligence tools, challenging overall US advantage. 

But these challenges to the discipline to keep up with the digital domain are not insurmountable.  Private western companies and journalistic entities, for example, have recently stood up new open source capabilities with fractions of the US government budget which are arguably having greater impact—see Ukraine for one case study. 

Because the challenges to the IC’s open source capability are largely structural and caused by leadership, new leadership and championship are required.  Perhaps, 17 years ago, in the wake of 9/11 and the US invasion of Iraq, the stakes for neglecting the US’s ability to understand and answer key questions using open sources were high–but not paramount. 

Today, those stakes truly could not be higher.  The stakes are no less than the nation’s ability to operate at an intelligence advantage over its competitors.  The time to adjust course drastically at the DNI, CIA and DoD leadership levels is now, and doing so must start and be driven by the top.

Have an informed opinion or perspective to share on a national security topic?  Drop us a note at [email protected]

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Related Articles