A CIA official involved in the agency's new venture capital firm said Wednesday that there has been "crushing" interest in the company's efforts to harness innovations aimed at addressing the spy organization's technology needs.
Since the CIA's venture capital firm, In-Q-It, was launched in April, it has received more than 400 inquiries and proposals from government contractors, small entrepreneurial firms, venture capital companies and others, said Basil Scott, technology director with the CIA's Q Interface Center.
The CIA launched In-Q-It to help fund the development of innovative solutions to let the agency stay ahead of technology and the unforeseen threats it may pose. Problems In-Q-It wants to solve include developing a system for allowing agents to surf the Internet anonymously and privately, and creating better search and retrieval technologies as well as information security measures.
Scott acknowledged that some companies may not want to do business with the agency for fear that a company linked to the CIA may build a feature into a product that would allow it to spy on them. But he said following a speech at a conference on computer security and privacy at government agencies that "probably only 2 percent" of firms fall in that category.
Scott, however, noted that In-Q-It has some of the same security issues, saying that the CIA is concerned about using software or computer systems with bugs or viruses that could compromise the agency's communication systems.
"How do you know there's not a trap door or a time bomb in your system?" he said. "You don't know."
While In-Q-It is an unclassified operation, it does have unique security concerns that must be addressed, which have slowed down the firm's ability to get off the ground, Scott said. For example, he said the venture has yet to launch a Web site because it wants to ensure there is as much protection from hackers as possible.
He said the company knows it will be a "target" for attack. In fact, the company already has received more than one "clearly suspicious proposal," though he would not provide details.
Alan Paller, director of research with the SANS Institute, an education and research organization focused on network security issues, discussed the vulnerability government agencies face from cyber attacks and ways they can address the issue.
He said many government agencies have bought into a myth that hackers are only going to focus on the Defense Department and similar agencies.
"DoD is tough to attack," he said. "It's easier [to go after other agencies] because you don't do anything about it."
Paller suggested that agencies focus on three or four of the biggest holes because hackers tend to focus on the same entry points.
"Hackers are lazy, too," he said.
NEXT STORY: Budget Battles: Social Security dipping