Defeating ISIS on the Digital Battlefield

Clearly, the U.S. and its allies can and should meet Islamic State on the battlefield, whether in Syria or Iraq. But the war with the ISIS “virtual state”—those the terrorist organization inspires over the internet, like Omar Mateen in Orlando—will be much harder to fight and will go on long after ISIS ground forces are driven into mountains and caves.

This virtual phase of the war is going to require a massive intelligence effort based on a deep capability to look into real-time human behavior in the digital world: what people are saying on social media, what people are browsing on the web, where people go, what they buy, who they chat with. Only through a significant investment in monitoring the digital fingerprints of all of us will we be able to identify patterns of behavior in real time that identify threats before they materialize.

In the past decade, we’ve seen rapid development in the breadth and sophistication of social media and the “dark web” that enables terrorists to go undetected. But there have been similar advancements in data collection and analysis that let us find bad actors before they strike.

The world creates 2.5 quintillion bytes of data every day; 90% of all data existing on the planet is less than 24 months old. That’s a big area in which to hide if you’re a bad actor. To find them, we will need intelligent computers to chase them through the digital landscape.

Winning this phase of the war, and keeping people safe every day as they go about their lives, will entail winning a technological space race. “Moving at the pace of government” won’t ensure our individual and collective security. We need a more formalized public-private partnership with the focus of the Manhattan Project and the funding of the Mercury and Apollo space programs to study the issue, map out capabilities, assign responsibilities, guide development and allocate resources. The critical success factor here will not be the amount of money spent, but speed, efficiency and effectiveness.

We also need a public-relations campaign with two primary objectives: to disrupt and delegitimize the message of ISIS both in the U.S. and abroad, and to restore confidence in our civic institutions so law-abiding citizens can have a more productive discussion about the balance between data privacy and security in America.

The U.S. has competent, accountable and well-intentioned intelligence capabilities. We need to turn them loose on this threat using the latest in data science and artificial intelligence. Anyone who has worked in or near the U.S. intelligence community can attest to the fact that no one there is interested in “your damn emails,” to quote Sen.Bernie Sanders. Rather, they work 24/7 looking for threats that could manifest themselves as catastrophically as they did this month in Orlando.

The U.S. bombing campaign and eliminating ISIS strongholds in Iraq and Syria will hurt the terrorists’ cause substantially. But it won’t prevent another Orlando. We also have to attack the “virtual state” on the digital battlefield and degrade its message and capability to influence the lone wolf, finance a cell or purchase a weapon of mass destruction.

Mr. Woolsey is chairman of the Foundation for Defense of Democracies’ Leadership Council and a former director of the CIA. Mr. Register is CEO of Sapient Consulting.