Obama Administration to Create New Cyber Security Agency to Improve Threat Intelligence Sharing
The U.S. government is establishing a new federal agency tasked with correlating threat intelligence information and providing analysis of cyber-security risks.
The new agency will be known as the Cyber Threat Intelligence Integration Center (CTIIC), and was officially announced today by Lisa Monaco, assistant to the President for Homeland Security and Counterterrorism, during a speech at the Woodrow Wilson International Center for Scholars in Washington, DC. According to Monaco, the center will be under the control of the Director of National Intelligence.
In essence CTIIC will serve the same function for cyber-security as the National Counterterrorism Center does for terrorism in that its focus will be integrating intelligence about cyber-threats and providing analysis to policymakers and operators, she explained.
“Currently, no single government entity is responsible for producing coordinated cyber threat assessments, assuring that information is shared rapidly among existing cyber centers and other elements within our government and supporting the work of operators and policymakers with timely intelligence about the latest cyber threats and threat across,” she said. “The CTIIC is intended to fill these gaps.”
The center will not collect intelligence; it will only analyze and integrate information already collected by other sources, she added.
The move follows a renewed public emphasis by the Obama administration during the past month in the area of cyber-security. In January, the administration outlined multiple proposals, including creating a national data breach standard requiring companies notify customers within 30 days of discovering their information has been hacked.
Lance Cottrell, chief scientist at security firm Ntrepid, noted that the CTIIC must be “carefully crafted” in order for it to have a real effect on cyber-security for American businesses.
“Right now the responsibility for cyber security is distributed between the NSA, CIA, FBI, and DHS, among others,” he said. “When we see five different organizations with overlapping and conflicting responsibility for an issue, we often respond by saying that there should be one new organization which can take control and coordinate the others. The unfortunate reality is that you often then have six different organizations with overlapping and conflicting responsibilities. This new organization has quite a challenge before it.”
Harry Sverdlove, CTO of Bit9 + Carbon Black, called the creation of an agency designed to correlate threat intelligence information a positive step.
“The creation of a new federal agency (CTIIC) to centralize intelligence sharing and response to cyber threats shows the heightened importance cyber security has in our society,” he told SecurityWeek. “As last year’s high-profile incidents revealed, cyber-attacks can be an existential threat to both public and private interests. When international crime syndicates or nation-states are involved, response must come at the federal level. Directionally and strategically, creating this new agency is a good thing.”