Privacy, IT challenges in Dept. of Homeland Security

Securing huge volumes of new information, protecting the privacy of citizens and migrating to a unified technology architecture are just a few of the problems confronting the Bush administration and the federal government in setting up the new U.S. Department of Homeland Security, according to Robert Shepherd, director of information integration in the White House Office of Homeland Security.

Shepherd gave the opening keynote address at the Infosecurity 2002 show Wednesday in New York City, taking the place of scheduled speaker Steven Cooper, CIO of the White House’s Office of Homeland Security, who was not able to attend.

The Bush administration is currently in the process of creating an “enterprise architecture” for the new department that will define the way information is stored, handled and distributed within the new department, according to Shepherd.

“One objective we all have is to attempt to do this using a world-class approach and using best lessons learned in the private and public sector to manage the creation of something of this scope,” Shepherd said.

The White House is seeking advice from large private sector organizations that have undertaken large mergers, including Hewlett-Packard, on how to best merge the 22 separate government departments that are being folded in to the new department.

In addition to soliciting advice from the private sector, the government will also look to use existing products and technologies to create the information infrastructure of the new department, according to Shepherd.

“The idea is to leverage the daylights out of best of breed. Don’t invent from scratch,” Shepherd said.

That infrastructure will replace a maze of department-specific systems that do not currently interoperate, according to Shepherd.

The U.S. Department of Defense alone has hundreds of systems just to manage its financial information, most of which don’t communicate with each other. And each of the 22 separate agencies in the Homeland Defense Department will come with its own human resources department and systems, Shepherd said.

In addition to just collecting information, however, the new department’s systems must help those who view that information to understand and interpret it, according the Shepherd.

“It has to be that when someone queries the system, they get a response — whether that’s a person checking customs or INS or a cop on the street. And that information has to be presented in a user-friendly format. The content needs to enable the user to connect the dots.”

At the same time, however, the Department of Homeland Security will need to protect the civil liberties of U.S. citizens.

“To do this without ensuring (privacy) is to let the terrorists win. We don’t want to infringe on (privacy) to perform the duties or responsibilities of the department,” Shepherd said.

Even with a functioning and integrated technology infrastructure, however, the new department will face significant organizational challenges. Chief among them will be melding the separate cultures, identities and processes of the agencies making up the new department.

Big corporate mergers, such as HP’s Compaq acquisition, often take many months to plan and complete, Shepherd said. But the new Department of Homeland Security, with 22 agencies to meld, has only a small “core team” managing its creation and must have its headquarters up and running within 90 days, Shepherd said.

Reaction to Shepherd’s speech was mixed. Those interviewed credited the clarity of his presentation, but were left wanting more specifics from Shepherd, who did not take questions from the audience.

“I think there’s a built-in tension between the need to be protective of privacy and the need to gather information,” said Cedric Bennett, director of Information Security Services at Stanford University.

“I think I’m much more concerned about the government protecting privacy then they are,” Bennett said.