New center to focus exclusively on cyber threats

In the face of an increasingly hostile cyber environment, the U.S. government will create an entirely new body dedicated solely to analyzing cyber threats and attacks and sharing that information with the Intelligence Community.

In a keynote address recently at the Woodrow Wilson Center, a Washington think tank, White House Homeland Security Adviser Lisa Monaco announced the creation of the Cyber Threat Intelligence Integration Center.

Modeled after the National Counterterrorism Center, whose responsibility is to identify terrorism threats and disseminate such information among the Intelligence Community (IC), the CTIIC will gather information from cyber threat analysts and disseminate it among the 17 agencies within the IC, including each of the military services. However, Monaco said, CTIIC will not collect intelligence, but will “analyze and integrate information already collected under existing authorities,” to enable existing centers to do their job more effectively.

CTIIC will be created under the Director of National Intelligence. In maintaining a “whole of government approach,” Monaco said the government needs to develop the same muscle memory in responding to cyber threats as the IC does with terrorism. Monaco, who worked at the FBI on national security issues and counterterrorism prior to the White House, believes cyber defense can be approached much the way terrorism is. CTTIC will fill the gaps between existing agencies and frameworks.

Monaco identified four elements for CTIIC’s strategy: 1) improve defenses by managing cyber risk better under the cyber security framework announced last year; 2) improve the government’s ability to respond and prevent incidents; 3) enhance international responses with greater cooperation while holding those responsible for cyber malice accountable; and 4) make the cyber domain more secure, by, for one example, eliminating standard text passwords.

Monaco also announced an initiative for greater information sharing with the private sector on matters of cybersecurity and breaches. She said the government wants private companies to provide information if they are hacked because the government might have seen a particular signature or malicious footprint before and be better equipped to remedy the situation faster. The government will not “bottle up” intelligence shared with the private sector and Monaco said she hopes the information sharing will be a two-way street where companies will not be hesitant or fear sharing their information. As an incentive for companies to provide information on hacks, the government will offer liability protection.