Between Defense and Intelligence

The borders between the intelligence and defense worlds are blurring. Yaron Tchwella of NICE on the future of the field
Between Defense and Intelligence

"We are beginning to notice a connection between 'Safe Cities' and the protection of important assets and intelligence capabilities," says Yaron Tchwella, President of the Security Group at Nice Systems, in a special interview with IsraelDefense.

Yaron Tchwella refers to a major issue that preoccupies technological corporations and defense agencies worldwide: the blurring of the traditional lines between the 'classic' intelligence and defense worlds and what is now referred to as Homeland Security – HLS. Moreover, he says that systems developed for intelligence and defense needs are currently used for economic needs as well. Information obtained for security needs can save money and even serve as a revenue-enhancing source. For example, systems that record the number of people present at a certain train station in the context of the station's security needs can be useful for effectively planning the train timetable.

"Organizations take a giant mental leap as to where they would like to be, how to link open sources and how to sell an open-source intelligence collection system to a business so that they may be able to know what's going on. This is the fusion of sector boundaries that become increasingly more blurred. A business wants business intelligence, and a lot of information is available on the Internet – but how do you reach it? The challenge today is, to a considerable extent, how to derive insights from the open-source information."

The interview with Yaron Tchwella was conducted at the offices of NICE Systems in Raanana. Tchwella has been serving as the president of the company's Security Group for nearly two years. In the past, he also served as president of Comverse. NICE's Security Group, which he now heads, is regarded as a primary supplier of systems to the various intelligence agencies of Israel. A major share of these systems cannot be discussed openly, for information security considerations.

A Flood of Intelligence Information

"The intelligence arena is undergoing some significant changes," says Tchwella. "The situation today is asymmetric: a small organization can operate against states on the cyber field. You do not need 4,000 tanks on side A and 3,000 on side B – a handful of people can sit behind a laptop computer somewhere far away and operate against major organizations. Another phenomenon is globalization – borders do not exist anymore when you connect to the Internet world.

"In the technological fields, you can see a true revolution. Today, people are accessible anywhere in the world. They regard their iPhone as a computer, not just a mobile phone. In fact, if the intelligence agencies could monitor the cellular phone traffic and SMS messages – it would have been good. However, a new application for sending messages, for communicating, and for sending Email or SMS messages, becomes available almost every day. Communication is being broken down into fragments. Namely, I can send an SMS message and then go over to WhatsApp Messenger and ontinue the conversation there. You must constantly monitor all of these communications to draw information, and we are speaking of many, many channels. Today, communication is divided into small segments, split into many different methods and means of communication.

"The greatest challenge stems from the fact that this communication is beginning to be encrypted – Skype and other services, for example. In the past, if you saw that something was encrypted, you would have thought that it was important. Today, nearly everything is encrypted, and then you have to know what is of any value and what you should not spend your time on.

"Additionally, if you look at the amount of traffic a certain individual generates today – in the past, he would have generated 10 phone calls. Today, you are looking at something much more extensive. "We have very complex software systems capable of deriving insights from a massive amount of information, and we are beginning to look at phenomena of patterns that are starting to appear anomalous, and we believe it is a trend.

"However, the amount of information is massive. We are trying to do a number of things. One is to track a target or a threat, but we want to identify whether there is a new target – an unknown one, out of patterns that are anomalous, and begin to analyze and understand what is happening in this world.

"We invest heavily in the field of IP, in the field of monitoring, in the development and manufacture of algorithms for handling Big Data and for handling the Metadata – not necessarily the actual contents. We are developing two capabilities – one at the content level, and the other the ability to begin to understand insights regarding the amount and type of communication, out of a massive amount of Big Data – not necessarily its contents."

Do you also include data fusion in it?
"Yes, we engage in fusion from several sources. The company possesses the capabilities required to handle banks, for example - financial intelligence, to try and understand the fusion between communication systems and finance and physical security. One example is if the city has Safe City cameras – whether all of these things can be connected."

Intelligence & HLS Is this of interest to governments, too, or only to business organizations?
"Information obtained from open sources is highly important to government agencies as well. Systems capable of producing insights from these sources are highly important. People think that a lot is happening in the Internet world, that things can be organized through the web, like a mayor who wants to know how popular he is – all through the Internet."

So you collect the open source intelligence. What do you do with it?
"If we sell an OSINT system to a certain client, we will 'custom tailor' the system for that client. We work with him on what he wants to look for. If we look at a neighborhood, for example, we will begin with the relevant searches so that the information obtained is refined. However, the system will still be learning its own capabilities initially. Thus, after a week of searches, for example, we would see how the information becomes much more refined and how the system becomes more focused on the information you are looking for."

"Another thing you will be able to see is that we are involved in Safe City projects."

Security Systems
NICE Systems is also very active in the field of advanced security systems. Very few people are aware that the common denominator between the Statue of Liberty and the Eiffel Tower, two of the world's most famous tourist attractions, is the fact that both are protected by an Israeli security system. Hundreds of surveillance cameras, installed in every corner of these sites, are linked to a central control system. The "brain" of the system can automatically identify suspicious developments and then start to track them. In retrospect, the system will draw the route of the suspicious object on the display screen. Video images will enable ongoing analysis of the situation at the site, every second and in every corner.

The company behind the systems in Paris and New York is NICE Systems, which is regarded as one of the world's largest software and security firms, with 25,000 clients and 3,000 employees. In addition to those tourist attractions, the company's systems are also deployed at airports around the world and guard government installations such as the Indian Parliament building. The Security Group is one of the company's most important elements, and is also involved in numerous civil fields of activity.

A few months ago, NICE unveiled its PSIM (Physical Security Information Management) risk management system. The system enables the user to track a large number of objects, such as vehicles, aircraft, ships or objects picked up by radar or various other sensors, in real time.

The systems were designed to conform to the strictest standards in effect in the US, and are adapted to the needs of specific sites, such as national infrastructure installations, where security is critical, or a specific airport. The main challenge for any command and control system is to be able to identify a problematic incident before it develops, based on early indicators the computer can detect and identify. "Over all, people understand that technology is critical and you must know how to use it effectively. You need to know how to effectively utilize Big Data you can obtain through the technology. You need to find a needle in a haystack, but sometimes you do not even know what the needle looks like. Refining insights from the sea of information – this is the subject we decided to advance, how to draw insights in order to be influential."

What about the classic world of intelligence?
"We will present our analytical capabilities for video, data and audio. In the field of audio, we have very complex audio technologies – one for intelligence applications – identifying the speaker, the language, the gender, the age. We have technologies capable of identifying words, emotions, tone and emotion – for example, someone calling a service center and telling the service representative: 'I am leaving', etc. You are trying to refine how to reach the relevant information faster, out of the ocean of data. This is the analytical capability – the ability to filter the minimum information you need to reach something that is relevant, out of that ocean of information, something that can have an impact on your business – very quickly. This is very interesting for classic intelligence gathering organizations."

What about non-pattern texts?
"You can apply this to fax transmissions, Email messages - any information that is textual. It has an accuracy rate and a false alarm rate. We are searching in everything that passes through us. We monitor the databases of corporations. We collect the information and try to draw insights from it. For example, how many incidents of theft happen at certain branches of a company, then add this up and say – we have 20% new employees here, so there is a correlation between the new employees and store inventory shortages. Our place is where normal people no longer have
the ability to process the information. Even an organization wishing to improve its business operations must look at analytical systems – at data, to use these insights to improve the efficiency of the business. Our main goal is to produce systems whose insights are not based on retrospective analysis, but rather on the ability to foresee that something is going to happen and to attempt to prevent it before it happens."

Can you deal with this challenge?
"We can, but partly, not in all of the arenas. We try to shift the knowledge center from a state of retrospective analysis to a state of forecasting."

These trends are much more than just a by-product…
"I said the lines are becoming blurred. When you invest in security, the investment has already been made. You have already installed the cameras – so let's see what can be done with them. The first leap is to people's safety and convenience. At this time, not many of the people we talk to fully understand this, but the dialog leads them to thinking about where they can go. Security is the 'bread and butter', the question is how to gain more value and produce more value for the clients."

Has there been a breakthrough in the field of voice recognition, from the technology perspective?
"I cannot elaborate, but we invest in algorithm technology – we participate in the Chief Scientist's programs, but we cannot discuss anything yet."