U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


  1. Home
  2. News
  3. Speeches
  4. Under Secretary for Intelligence and Analysis Ken Wainstein Delivers Remarks at the Brookings Institution

Under Secretary for Intelligence and Analysis Ken Wainstein Delivers Remarks at the Brookings Institution

Release Date: September 21, 2023

Under Secretary for Intelligence and Analysis Ken Wainstein delivered the following address at the Brookings Institution:

Good morning, everyone. My thanks to you, Ben, for the kind introduction, and to the Brookings Institution for giving me this opportunity to speak here today. I also want to thank Ben and his colleagues at the Brookings Governance Studies program and at Lawfare for their consistently strong and important work in the national security space. With the complexity of the national security challenges facing our country today, their thoughtful analysis of the current threat and our public policy options has never been more important.

I would like to use my time today to provide you with a general overview of the state of the Office of Intelligence & Analysis. I will discuss how I&A is evolving to meet today’s homeland security threats, while at the same time safeguarding Americans’ privacy, civil rights, and civil liberties. But first, I want to acknowledge the 22nd anniversary of 9/11 earlier this month, and the lives that were lost and forever changed by that tragic day. 9/11 is absolutely elemental to I&A and its mission, so much so that every couple of months, a new entering class of I&A employees and I visit New York’s National September 11 Memorial and Museum. Together we discuss the lessons of 9/11, and I have the honor of swearing them in as new colleagues.

9/11 was a watershed moment in our nation’s history. It laid bare our vulnerability, demonstrating that we were no longer protected by our bordering oceans, and highlighting the need to build defenses both internally and externally. In many ways, 9/11 was reminiscent of President Roosevelt’s statement to the American people during the Nazi occupation of much of Europe, when he warned that we were entering a new era, one in which, as FDR said, “so-called impregnable fortifications no longer exist.”

This was certainly true in 1940, when the Nazi war machine easily surmounted all the defensive fortifications that were designed to contain them. It was tragically true in 2001, when terrorists evaded our defenses by infiltrating our country, attacking us from within with our own airplanes. And, it is true – and, in many ways, even more true – today, as globalization and technological advancement are extending the reach of our adversaries, allowing them to threaten our homeland without regard to national borders.

The Threat Environment

We can clearly see this globalized threat in the areas highlighted in the annual Homeland Threat Assessment that I&A released just last week:

  • In the cyber efforts by which our adversaries can disrupt our critical infrastructure or interfere in our elections from anywhere on the globe;
  • In the foreign malign influence operations orchestrated by Russia, the PRC and other nation state actors that are designed to exacerbate division and undermine our democratic institutions;
  • In the online radicalization by foreign and domestic actors who use the digital ecosystem to recruit and mobilize others to ideologically-driven violence;
  • And, in the Mexican cartel activity that is trafficking fentanyl and other lethal drugs into our country and killing tens of thousands of Americans each year.

Secretary Mayorkas highlighted the implications of this globalized threat in his speech marking the 20th anniversary of DHS, where he remarked that “our homeland security has converged with our broader national security” – making the point that the traditional demarcation between foreign and homeland-facing security missions has now collapsed into a single continuum of authorities and operations necessary to protect the American people against the increasing reach and globalization of today’s threat environment.

I&A’s Role in Protecting the Homeland

From its inception, I&A has played a critical role in the effort to meet that globalized threat environment. Our organization was established after 9/11 specifically to address the intelligence gaps that were exposed by the attacks. Numerous experts and entities – like the 9/11 Commission – examined and diagnosed the reasons for those gaps, and Congress undertook a number of consequential actions to empower us to better meet today’s homeland threat.

Congress lowered the so-called “wall” that had inhibited information sharing and coordination between our intelligence and law enforcement agencies. It codified a new definition of intelligence – “national intelligence” – to clarify that intelligence operations were no longer limited to “foreign intelligence” and that we needed a domestic intelligence capacity to detect domestic threats before they came to fruition, rather than simply investigating and prosecuting them after they harmed our people. And finally, Congress built a federal apparatus to develop this domestic intelligence capacity.

In doing so, Congress considered a number of bureaucratic constructs, including one which would break off the FBI's intelligence function and create a separate domestic intelligence agency modeled after the UK’s MI5. Ultimately, Congress rejected the MI5 option, in large part out of civil liberties concerns, and instead established the Office of Intelligence & Analysis in DHS, which was tasked with sharing information with our federal and other homeland partners and with developing a national intelligence network with those partners under authorities and limitations designed specifically for the sensitivities of conducting intelligence in the homeland.

As currently authorized and constituted, I&A has three primary missions. Those are:

  1. First, to build and maintain an intelligence program within the United States that can detect and prevent threats to the homeland.
  2. Second, to serve as an information-sharing bridge between federal law enforcement and intelligence agencies and our state, local, tribal, territorial, and private sector partners (SLTTP).
  3. And third, to operate with an intensely focused regard for privacy and civil liberties, which is a mission that is completely on par with the other two.

I will now take a few minutes to show how I&A has gone about pursuing those three missions over the past two decades.

Mission 1: Establishing an Intelligence Program

In furtherance of the first mission, Congress constituted I&A as an intelligence agency in the federal Intelligence Community. I&A then developed the capabilities to operate in each stage of the intelligence cycle – the setting of intelligence requirements; the collection of intelligence related to those requirements; and the analysis, production, and dissemination of intelligence products. I&A has done an admirable job of creating capabilities in each stage of that intelligence cycle.

Setting of intelligence requirements: Per its mandate to meet the intelligence needs of our state, local, territorial, tribal and private sector partners, I&A serves as the voice for those partners in the Intelligence Community’s prioritization process, ensuring that their homeland security priorities are reflected in the operative requirements that direct the intelligence activities of the IC and DHS. These voices join those of the traditional intelligence consumers, such as the President, the Joint Chiefs of Staff, and Department and Agency leaders.

Collection of intelligence: I&A then collects intelligence related to those requirements. Importantly, however, it does so without the search and arrest powers or the covert collection authorities that some other IC agencies can employ. I&A’s collection activities are already significantly limited by executive order, with strict requirements that we must be completely overt in our collection or collect from publicly available sources.

While observing these safeguards, we have collected some vitally important information in recent years:

  • In 2022, I&A located and shared the manifesto of the individual responsible for the mass shooting at a grocery store in Buffalo, providing key situational awareness to our partners as they tried to assess the threat and its dimensions.
  • Earlier this year, I&A personnel worked with CISA to share information on an ongoing attempted ransomware attack with a university, which subsequently helped to prevent the attack.
  • And just this summer, I&A officials partnered with CBP to interview individuals detained along the southern border, netting critical and detailed information about migrant smuggling operations being run by Mexican cartels and about specific individuals and organizations trafficking fentanyl into the United States. Those interviews resulted in referrals to law enforcement and more than 200 raw intelligence reports to our IC, DHS, and homeland partners around the country.

Analysis, production, and dissemination of intelligence products: In the next stage of the intelligence cycle, I&A analyzes the intelligence it collects or receives from other agencies and partners and generates intelligence products that are designed to provide our customers with “decisional advantage” over our adversaries. I&A’s analytical products have always been the bread and butter of our work, and just last year I&A established a new office – the Analytic Advancement Division – to focus on enhancing the quality and utility of those products. We are already seeing significant improvement, both in the quality of their content and in the feedback they are generating from our customers.

Mission 2: Building an Information Bridge to Our SLTTP Partners

I&A’s second foundational mission is to build and develop the information sharing bridge to state, local, and private sector partners that was largely lacking before 9/11. Over the past twenty years, I&A has built that bridge across the country with both its systems and its partnerships.

On the systems side, it has developed the Homeland Security Intelligence Network – or HSIN – which provides on-line access to over 50,000 unclassified intelligence products for our SLTT partners, both on their desktops and now on their mobile phones with our new HSIN app.

And, on the partnerships side, I&A has developed the operational relationships that break down the silos that have historically impeded coordination and information sharing. As Secretary Mayorkas often says, DHS is a “department of partnerships,” and nowhere is that more true than at I&A. Throughout its existence, I&A has prioritized partnerships and has forged meaningful relationships across the country. To further that effort, we recently elevated the partnership function within the organization, creating a Deputy Under Secretary for Partnerships and bringing in Boston Police Department intel veteran Dave Carabin, who is already taking steps to expand and deepen our partnership network.

Mission 3: Protecting Privacy and Civil Liberties

Our third critical mission is protecting privacy rights and civil liberties. As I mentioned, I&A was designed with strictly limited powers and authorities, reflecting the sensitivities of its role as an intelligence organization in the domestic domain, where constitutional concerns are most pronounced. Among the members of the Intelligence Community, I like to say that I&A is the “kinder, gentler” intelligence agency, operating under strict limitations, as dictated by Executive Order 12333 and its Attorney General oversight guidelines.

Over the years, I&A developed an internal oversight mechanism to ensure its operational adherence to those limitations. When compliance concerns were raised in 2020, my predecessor John Cohen and others took steps to strengthen that oversight function. They doubled the number of intelligence oversight officers within I&A, developed new and stronger training programs on privacy and civil liberties, and brought in two ombudspersons, a regular ombuds and an intelligence ombuds focused on soliciting and addressing concerns about politicization or any other improper influence in the intelligence process.

When I joined I&A in the summer of 2022, Secretary Mayorkas instructed me to conduct a “360-degree review” of the organization, with a focus on scrutinizing I&A’s privacy and civil liberties protections. To do that review, we brought in three senior advisers with extensive backgrounds in intelligence and intelligence oversight – CIA and Hill veteran Steven Cash, former DHS General Counsel Stevan Bunnell, and former National Counterterrorism Center Director Russ Travers. They helped me in consulting with both outside experts and internal I&A personnel to get input on the direction of I&A. This 360-degree review is already resulting in privacy and civil liberties progress across a range of operational areas.

Collection: Much of this progress has been focused on our collection operations, which so directly implicate our privacy and constitutional rights. First, in our overt human collection program, we have undertaken an in-depth review of the rules and procedures to ensure they provide the level of governance needed for such a sensitive area of operations. Second, in our open-source collection program, we are doing a similar review, with a focus on providing our collectors with clear guidance on the distinction between communications that are protected from collection, and those related to a homeland threat that are not. This is a critical distinction, especially in relation to threats like domestic terrorism, where so much of the violence arises from political thought and speech that fall squarely within the core protections of our First Amendment. Third, in our field operations around the country, we have outside experts doing a complete review to ensure strong, centralized oversight of their activities. And finally, to enhance the supervision of our collection activities, we recently established a new collection division and appointed as its leader a highly respected 20-year veteran from the CIA who is bringing a heightened level of rigor to those operations.

Analysis: We are bringing that same renewed oversight focus to our analytical operations as well. For over a decade, our finished intelligence products have been subject to review for privacy and civil liberties concerns by four different DHS offices – the Office of Civil Rights and Civil Liberties, the Privacy Office, the General Counsel’s Office, and our Intelligence Oversight Office – before dissemination to our partners. At the direction of the Secretary, we are now expanding that process to conduct equivalent reviews of finished intelligence products produced by DHS components. That effort is well under way with the support of our new Intelligence Enterprise Program Office, which is tasked with coordinating and sharing best practices among the Department’s intelligence elements.

The Transparency and Oversight Program Office: To fully institutionalize all of this progress in privacy and civil liberties oversight, we recently established the Transparency and Oversight Program Office in the front office, led by a highly respected veteran DHS attorney, Andy Fausett, who reports directly to me. This new office consolidates all the oversight functions that were previously dispersed throughout the organization – the eight members of the Privacy and Intelligence Oversight Office, the two ombudspersons and the personnel handling FOIA requests, congressional oversight and GAO and Inspector General inquiries – and elevates their role within the organization. With that new office and with Andy’s appointment, we now have a strong voice for oversight and compliance in all of our front office decision making and policy conversations.

These oversight enhancements all flow from our recognition that homeland security can be achieved only in conjunction with the protection of privacy and civil liberties. Some like to say that the two principles are at odds, that there is an inherent zero-sum trade-off between freedom and security.; We at I&A don’t buy that. We feel that both can and must be pursued at the same time. We cannot have a truly secure country if we ignore the values that made our Nation strong in the first place.

As someone who spent the better part of 15 years as a federal prosecutor, this dual mission is not a foreign concept to me. Just as I had a sworn and equal duty as a prosecutor to both pursue conviction of the guilty and protect the rights of the accused, we at I&A have a sworn and equal duty to both prevent threats to homeland security and protect against incursions into our rights and freedoms. With that duty in mind, my I&A colleagues are executing on the founding vision behind our “kinder, gentler” intelligence agency, and are making transparency, civil liberties, and privacy the foundational elements of intelligence tradecraft in the domestic operating environment.

As you can see, we’re working hard at I&A these days to execute on that founding vision. To gain support for that effort, we have been engaging with Congress and asking for the legal authorities we need to protect the homeland. As you may know, there have been efforts in recent years to limit our authorities in a way that would endanger our ability to perform our critical missions. We have been making the case against those efforts. Just as our fellow agencies in the Intelligence Community are currently arguing – and authoritatively demonstrating – that renewal of the surveillance authority in Section 702 of the FISA Amendments Act is critical to national security, we have been arguing that the maintenance of our authorities is critical to prevent a return to a pre-9/11 state of unreadiness in the homeland.

In making that argument, however, we also acknowledge what was a clear lesson of the post-9/11 era: i.e. that intelligence authorities need to be packaged with sufficient oversight to assure Congress and the American people that they are being used appropriately. With that lesson in mind, we are asking congress both for the authorities we need to do our job, and for the oversight requirements that will secure the public’s acceptance of those authorities and make them sustainable into the future. We are hopeful that the wisdom of that approach – along with the commitment to civil liberties reflected in the initiatives and reforms I have just laid out – will persuade Congress to entrust us with the balance of oversight and authorities we need to protect the homeland.

So, that is the state of I&A today. In short, it is in a state of positive change as it adapts to the evolving threat environment and to the recent reforms to the organization. At the same time, it is exhibiting a very important attribute – a willingness to change and to improve. As we all know, it is not easy for a government organization to embrace change. But that is exactly what this organization is doing at this point in its history. And that is one of the many reasons I am proud to be part of this organization and to be counted among the I&A professionals who do so much to protect our homeland security each and every day.

Thank you very much.


Last Updated: 09/21/2023
Was this page helpful?
This page was not helpful because the content