Share

Print

The Cyber Threat Intelligence Integration Center: America’s New Agency for Analyzing Cybersecurity Threats

  • by: Nadav Morag, PhD, University Dean, College of Security Studies
  • February 13, 2015
  • Homeland Security

Cybersecurity Threats The Obama Administration recently announced the creation of a new intelligence coordinating agency to deal with cybersecurity threat intelligence. The agency will be known as the Cyber Threat Intelligence Integration Center (CTIIC) and it will operate as part of the ODNI (Office of the Director of National Intelligence), which is headed by the DNI (Director of National Intelligence), Lt. General Vincent R. Stewart. The role of General Stewart, and the agency that he heads, is to integrate intelligence coming in from America’s intelligence community as well as to determine priorities for intelligence-gathering and focus (http://www.odni.gov/index.php/about/mission).

This kind of integration and prioritization of intelligence assets and processes is a daunting task given that the DNI has to coordinate the activities of 16 disparate intelligence agencies including the intelligence agencies of the five military services (Army, Air Force, Marines, Navy, and Coast Guard), the CIA, the FBI, the DIA (Defense Intelligence Agency, part of the Department of Defense), intelligence agencies in the Departments of State, Homeland Security, Energy, and Treasury, the DEA (Drug Enforcement Administration), the NSA (National Security Agency, America’s premier electronic intelligence-gathering and analysis agency), and the National-Geospatial Intelligence Agency.

The Cyber Threat Intelligence Integration Center will be responsible for receiving, collating and analyzing intelligence on cyber threats from the various agencies in the intelligence community and disseminating that information to federal government agencies so that they can better detect threats and cope with them. Up to this point, there has not been an entity in the federal government responsible for gathering all this information and passing it on to those likely to be threatened.  

Cybersecurity policy at the federal level has tended, as with many other matters of policy and strategy, to be centered in various agencies who tend to focus on their area of responsibility and competence and do not always have a larger view of things. Thus, for example, US Cyber Command (USCYBERCOM) is responsible for defending Department of Defense cyber systems whereas the protection of other federal government agencies' computer networks is done by the agencies themselves or by the Department of Homeland Security.  As for state and local governments, they must chiefly rely on their own cybersecurity efforts.  

Not surprisingly, given that the defense of federal government computer networks is distributed across multiple agencies, the information coming in as to cyber threats, which frequently changes daily as new threats are uncovered, does not flow to one central repository where it can be assessed and shared.  That, then, will be the role of the CTIIC. Increasing efficiency in information-sharing will better help protect federal government computer systems thus not only ensuring the government continues to operate but also that information of various kinds, that could benefit hacktivists, cybercriminals, or cyber spies, will be safer. 

The creation of the CTIIC is clearly a step in the right direction, though ultimately, government agencies need to be assessed by the impact they have over time, and it is thus too early to say what that will be.

Find out more about CTU’s Securities Studies degree programs with a diverse range of opportunities in the fields of justice, law and homeland security in both the public and private sectors.

Image Source: Flickr