What Australia’s intelligence community wants for Christmas: a secure private cloud
18 Dec 2020|

Christmas sometimes brings presents you don’t expect—this year, for me, an excitingly titled ‘Request for expressions of interest’ that appeared on AusTender is one of them. It’s about Australia’s peak intelligence agency, the Office of National Intelligence, beginning an essential, radical and rapid shift into cloud applications and services at the highly classified top secret level of capability. That’s big news.

It’d be interesting but not so important if this approach were just about ONI, but it’s not. The AusTender documentation says the aim is for all 10 agencies that make up Australia’s national intelligence community to be part of a highly secure private cloud.

This is a recognition of two things by ONI—and no doubt by the prime minister (whose portfolio includes ONI) and cabinet’s National Security Committee. The simple power of cloud services and software is essential for Australia’s intelligence agencies if they are to remain capable actors in today’s technological environment. And a secure private cloud across the 10 agencies maximises the ability to combine their top secret, secret and open-source datasets. Both things were at the heart of the ASPI report John Coyne and Albert Zhang wrote with me back in May.

That shows a foundational understanding that Australia’s intelligence agencies can only retain their ability to give the Australian government ‘insight advantages’ over others by combining the unique classified datasets collected by agencies with open-source data everyone else can access. Doing this involves using new analytic tools and techniques to complement the expert human analyst approaches that are common across the intelligence world.

The request from ONI puts this pretty simply, saying, ‘The NIC is seeking to accelerate its ability to transpose and extract relevant data from complex data sources. It sees common toolsets for data filtering and manipulation to extract relevant useful information as a force multiplier.’ It later notes that the private cloud will need to use robust cross-domain processes to shift data—and applications—from the ‘low’ unclassified side to the ‘high’ side to work with classified data and applications.

Conceptually, ONI understands that the advantage of any private cloud approach comes in part from aligning it to the ‘public cloud’ services and approaches used much more widely. That’s because it allows interesting software applications and other innovations developed in the wider world to be moved rapidly into the intelligence agencies’ systems, after verification around security. ONI calls this being able to develop on the low side and apply on the high side, to allow our intelligence agencies to take advantage of rapid change in the external technological environment. This will help any initial private cloud system remain capable over time.

The concept of aligning with approaches used at scale in the wider world continues into how this powerful new infrastructure and software as a service will be purchased. It’s refreshing to see the Australian government moving ICT procurement out of the ‘boom and bust’ capital procurement world, where a large upfront investment gets companies to build big systems and then the government ekes the capability out of legacy systems over an extended period, before recapitalising at scale and doing the whole thing again.

Instead, ONI wants a minimal upfront cost, with payment for cloud applications and services being made as personnel in agencies ‘consume’ them. And it wants the charges for this demand-driven approach to ‘align’ with the costs of cloud services in the wider world.

ONI has clearly also looked at and learned from the experiences of cloud users elsewhere in the Australian government and of Five Eyes partners like the US and UK. So, it’s deliberately not after one big proprietary partner that delivers the cloud infrastructure, services and all the software. Instead, at least at the services level, it wants the ‘multivendor’ approach that the US and UK have both moved towards for software and apps, where these tools are provided by third-party developers to be used by intelligence agencies on the new cloud platform.

The news is good for Australian sovereignty. Any provider has to deliver a solution that is hosted in Australia, geographically dispersed, and able to operate disconnected from the wider world, with this managed by holders of Australian security clearances. That’s not a trivial requirement for ‘hyperscale’ global cloud providers, as it means they can’t build a solution around software and services flowing to other parts of the globe using their dispersed technical infrastructure without Australian agency control or visibility.

And there’s a low-key reference to something that should have not just Australian human intelligence operators in a place like the Australian Secret Intelligent Service interested, but also have the attention of the huge defence organisation. The AusTender document talks about a priority being ‘edge computing’. That term wraps up a lot. It’s about this cloud approach going mobile, not just being for Canberra HQ. And so it probably means baking 5G-type functionality into the intelligence community’s technology base.

So far, only 5G technology (and 6 or 7G in the future) can really deliver the powerful edge computing capabilities ONI seems to want for the intelligence agencies. And that type of capability is exactly what Defence needs to release the power of its huge data pools and deliver combat effects for a military that needs to be mobile and present across our region. So, any aspiring providers of this new secure private cloud will need to have designed their approach to work with 5G as a core design principle—and if it delivers, there’s a much larger market for the approach in Australia’s wider national security community.

What might go wrong or be an obstacle to delivering the effects that this new approach promises? As usual, the big risks are not about technologies or systems but about the people using them. In this case, there’s a risk that the multi-tenant approach ONI is asking for could result in individual agencies building big ‘private rooms’ in the intelligence community cloud and doing less than they should in the collaborative—family room—part of the cloud.

You can see that’s a real risk if you have waded through much of the Tolstoy-length intelligence review released earlier this month, which observes, ‘Too often, Australian agencies look over the fence and want what another agency has so that they can, effectively, do their own thing in isolation of others.’

Overcoming that tendency is a matter for leadership: agency heads across the national intelligence community need to show by personal example that they get the essential ideas that this new approach from ONI brings—even as it means their individual agency ‘silos of excellence’ must cede some control (and a lot of data) for the common good.

ONI has given potential providers a busy Christmas, because it wants responses by 8 February and then seems ready to run a rapid procurement process from there. While that may be putting pressure on providers’ holidays, I’m pretty sure that the refreshing and well-crafted approach ONI is taking will be recognised, and may even bring a bit of Christmas joy to the staid worlds of ICT and government contracting.