GEOINT 2022 Symposium Address

GEOINT 2022 Symposium Address

GEOINT 2022 Symposium Address

by Christine Abizaid, National Counterterrorism Center Director


Denver, Colorado

April 26, 2022

As Delivered


I want to extend a special thank you to Vice Admiral Sharp. I think this is your last GEOINT Symposium as NGA Director, and the National Counterterrorism Center and NGA have enjoyed a really strong partnership over the years, ever since our founding nearly 18 years ago, and you’ve always been a great champion of the CT community. So thank you for all that you do, we appreciate it. Thank you also to the GEOINT community for inviting me to this great event. I’ve had some time to wander the booths and see what is out there and it’s mind blowing, even as somebody that hasn’t been a government employee my entire life, for a short stint, it’s really remarkable to see where the technology is going and how much value it’s going to add to us as policymakers, as intelligence professionals – it’s incredible.


I’ve had the honor of serving as Director of the National Counterterrorism Center (NCTC) since June of last year. As someone who began my career in the Intelligence Community as a CT officer less than a year after the 9/11 attacks, the opportunity 20 years later to lead the Nation’s premier counterterrorism center is quite humbling. And I’m especially fortunate to be taking on that role surrounded by people who represent the best of what our Government’s most dedicated, innovative, and expert national security professionals have to offer.


My time as Director of NCTC coincides with an important moment of transition for the CT community: our country’s counterterrorism priorities – while critical – are no longer the driving force of U.S. national security. That’s something we should be really proud of. It is a credit to the success of our CT community over the last 20 years, and it’s an achievement our CT professionals must continue to work hard to uphold. One major attack could reverse that progress.


Today, with Russia waging literal war in Europe; an assertive and highly sophisticated competitor in Beijing; rising threats from an array of non-state actors; and the advent and accessibility of new and more powerful technologies, our CT enterprise must learn to navigate against a persistent and committed terrorist threat even as the rest of the U.S. national security community turns its attention to other major issues, especially strategic competition.


Today’s threat landscape requires that the United States be agile and capable of deterring all manner of adversary. And it demands that those of us in the CT community embrace the transition away from the CT dominance of the post-9/11 era, while responsibly managing our CT enterprise in a way that continues to protect the country from those with violent political ambitions who seek to do us harm.


With that backdrop, I’d like to talk to you about three different aspects of today’s CT fight. First, I’d like to talk a little bit about how our nation’s CT challenge has evolved since 9/11. I’ll describe a little bit about how our CT approach has evolved with it, and in particular, the role that this great GEOINT community has provided along the way. And third, I’ll discuss where our future focus must reside – in innovation and partnerships – as we build for the CT challenge of the next decade. More than 20 years after the 9/11 attacks, the threat to the homeland posed by foreign terrorist organizations is dramatically different. In many ways, the threat to our shores is less acute. No longer are we fighting a singular, well-funded, networked, ideological- committed organization concentrated in the AFPAK region of the world. That version of al-Qaida has been decimated.


In its place, however, the terrorist threat that has emerged is more diffuse, more geographically dispersed, and in many ways, more complex. Today’s al-Qaida has affiliated organizations across five major hubs: al-Qaida in the Arabian Peninsula, al-Shabaab in Somalia, al-Qaida in the Islamic Maghreb (AQIM in North Africa), Hurras al-Din in Syria, and al-Qaida in the Indian Subcontinent. One of al-Qaida’s former affiliates – al-Qaida in Iraq – spawned the Islamic State in Iraq and Syria (ISIS), which dominated the terrorist outlook from 2014 until coalition pressure denied its territorial caliphate in 2017. Today’s ISIS still remains a potent threat, not just in Iraq and Syria, but increasingly across swaths of Africa where eight of its 16 branches are now active in promoting insurgency and terror.


ISIS’s innovation was not just territorial integrity – it was particularly effective at moving away from al-Qaida’s hierarchical approach to directed plotting, and instead inspired a new generation of individuals to attack in their home countries using whatever means at their disposal. This ushered in a new challenge for the CT community: the threat from lone individuals with low signatures and lacking formal ties to terrorist groups who mobilize to violence in very unpredictable ways. Be it shootings in San Bernardino, California and at the Pulse Nightclub in Florida; the vehicle attacks along the promenade in Nice, France or on a bike path in New York City, or stabbings on a bridge in London; together these incidents serve as tragic examples of the way today’s threat is most likely to manifest in the West. As this rise of inspired attacks is growing, that is not to say that the threat of centrally-directed plotting has disappeared. Rather, it just provides the CT community another layer of complexity for our CT challenge.


These tactical shifts in the CT landscape are not the only challenges we have witnessed since 9/11. Today’s threat comes from an ideologically-diverse set of actors. In addition to violent Sunni jihadists like Al-Qaida and ISIS and those inspired by them, we remain concerned about the threat posed by Iranian state agents, their Shia militant proxies, and this is especially the case given the continued posturing by the Iranian government to retaliate for the killing of IRGC-QF Commander Qassem Soleimani. Other individuals motivated to violence increasingly emerge from dramatically different directions: for example, the threat from racially or ethnically motivated terrorists who mobilize to violence in furtherance of the superiority of the white race, that’s a growing threat, including here domestically.


So, yes, while there is more for our national security apparatus to do than just terrorism, it is also clear that for those of us that are in the CT community, we still have our work cut out for us. And, turning to our second focus area, I’m proud to say that the United States has built an effective and sustainable CT architecture that will remain foundational to our country’s ability to lead the way on CT and non-CT issues alike. This foundational architecture leans forward on collaboration and integration, in ways both formal and informal. It recognizes the duty to warn; it collocates professionals from different agencies to close seams; it drives information to the partners and operators who need it in real time; it leverages intelligence and data from multiple INTs to pull together a complete view of credible threats. It doesn’t just move at the speed of the threat, but it outpaces it to undermine terrorist plans and intentions against Americans, our facilities abroad, and the United States homeland.


NCTC is a lasting legacy of this CT architecture.We were created in the wake of the 9/11 attacks to independently analyze the terrorism threat using all available information; we were given a mandate to share this information across the CT enterprise; we were tasked with maintaining the authoritative database on known or suspected terrorists; and we were asked to ensure integration across the national CT effort through effective planning and strategy. Another lasting legacy is what the GEOINT community has brought to the table in terms of innovation, tactical awareness, and “decision advantage,” as GEN Clarke would say. GEOINT helps us to paint a picture for policymakers and operational leaders of potential CT threats. It adds context and can explain the gravity of a given threat. And it can be the difference in whether threats get disrupted or not.


Given the theme of the conference, let’s take a minute to reflect just how foundational GEOINT effort has been. Our analysts use it daily to fuse intelligence from different disciplines to understand the complexity of a situation. It allows us to marry human-acquired intelligence with technical information to understand issues more completely. This has been essential to our effort to understand the locations, movements and travel patterns of terrorists, and to understand their activities in a complex world.


Further, it has been essential to our global force protection efforts as our military achieved battlefield dominance and our diplomats have served at high-threat posts. It has been determinative in validating – or debunking – all manner of CT intelligence reporting; and it has been an essential component of our operations against high-value targets, including in the operation 11 years ago next week that removed Usama bin Ladin from the battlefield. Indeed, throughout our CT campaign – a campaign that has protected the United States from another 9/11 style attack – GEOINT has been a critical enabler of the CT community’s success.


Now, even as our CT effort has leveraged the best our Intelligence Community has had to offer, one of our greatest challenges is maintaining the ability to innovate and adapt as quickly as our adversaries, especially in an era of rapid technological advancement that has lowered barriers to entry for the use of new, powerful, and far-reaching tools. That brings me to my third point of emphasis: our CT enterprise must be positioned to leverage cutting-edge technology, ubiquitous data, and critical partnerships to raise costs for terrorists who seek to operate in this country and across the globe.


At NCTC, technological innovation must be at the heart of our mission. Fusing intelligence data on foreign and domestic counterterrorism threats – living in the seams between agencies to help the community discover and prevent attacks – this is why we were created. If this world of collaboration and intelligence fusion does not benefit (responsibly) from today’s era of digital transformation, we risk being overwhelmed by the data environment, overwhelmed by the signal to noise ratio. We must discover threat intelligence and information of value and we must build a system that navigates borderless threats with the utmost respect for privacy, civil liberties, and our citizenry’s First Amendment rights.


One way we are doing this is by modernizing our IT systems at NCTC. Whether executing the successful migration of systems to the cloud, replacing legacy systems, or working on new ways to automate the laborious process of data extraction from cable documents and seized media, we are focused on better navigating today’s information technology environment. We are also experimenting with how to use automation and machine learning to further optimize processes that protect our country, such as our screening and vetting enterprise. And alongside technology is a focus on the workforce, where we recognize the need to invest in digital expertise, data science capabilities, and a tech-literate employee base.


But even the best technology is only get us part of the way; strong and strategic partnerships are needed to ensure our community can go the distance. That means continuing to invest in traditional intelligence partnerships while increasing our engagement with non-traditional partners, whether with the private sector; state, local, tribal and territorial authorities; or federal agencies that are outside the IC. That means leaning forward to produce products for audiences that don’t live in a Top Secret world. It means investing in our NCTC program for domestic representatives and arming them with the information and infrastructure they need to grow our customer base. And it means expanding our understanding of the CT requirements across strategic, operational, and tactical echelons of the CT fight to ensure we’re providing the most objective, the most current, and the most useful insights into our terrorist adversaries.


For example, over the last year, in support of our Homeland-focused interagency partners, we have provided various US-based tech companies with strategic information regarding terrorists’ online modus operandi, key terrorism trends online, and terrorism-related hashtags, key words, and logos. Tech companies show great interest in a broad range of briefings we are able to provide from NCTC. Updates on terrorist content, tactics, and imagery improve their efforts to ensure their platforms are not vehicles for terrorist plotting and radicalization to violence.


We’ve also stepped up our efforts to operate more effectively in an unclassified environment. In February, NCTC launched a new mobile application, called aCTknowledge, conceptualized and developed by NCTC employees. This app is intended to give first responders access to accurate unclassified information about ongoing incidents, including terrorist attacks, and to serve as a repository for the unclassified CT production that our partners have increasingly demanded of us. It delivers unclassified terrorism reports and alerts to mobile phones, and provides reference training aids, mobilization indicators, and various sources of vetted information. The launch of aCTknowledge is a part of a continued push by the NCTC to improve information-sharing between law enforcement agencies at the state and local levels and put crucial threat information into the hands of those that will likely be the first to respond to a CT incident.


At the end of the day, our job at NCTC is about protecting the United States from terrorism and enabling our CT enterprise to defend against a persistent adversary, even as others in our national security apparatus shift focus to other pressing priorities. Together with our partners, we have embraced this responsibility, and we are constantly driving ourselves to close the seams, to innovate, and stay ahead of the threat.


Continued success means bringing together personnel from more than 16 agencies and then collocating their intelligence, military, law enforcement, and homeland security networks under one roof to produce the timely and integrated foreign and domestic terrorism analysis that our nation requires. It also means working with all of you.


I look forward to partnering with you to advance the CT mission and I appreciate all that this community has done to lead the way. Thank you very much.