The Cyber Threat Intelligence Integration Center (CTIIC) in the Office of the Director of National Intelligence (ODNI) is looking to connect the dots across government to keep the country protected from cyberattacks, and to relay those threats in “plain English” to decision makers, CTIIC’s director said this week.
CTIIC does not have a public-facing role; rather it exists to advise within government on attack threats, said Erin Joe, the organization’s director, during a June 2 online event organized by Federal News Network.
“The general public will not see a CTIIC product in all likelihood,” said Joe, a former Federal Bureau of Investigation (FBI) agent, who has led the center since March 2019. “Where we provide a service is providing the information that already exists out there, and compiling and publishing it in a way that allows for the broadest dissemination possible.”
“Our biggest contribution, in facilitating decision making, is to report these threats in plain English,” said Joe, “in a way that decision makers can quickly understand, and then take action.”
CTIIC was created in 2015 by presidential memorandum, and is charged with producing analysis of foreign cyber threats, coordinating information sharing, and planning exercises to prepare government’s response to cyberattacks.
“For over a year CTIIC has been working, with others in government, to craft the scenario,” said Joe, “so that we can practice our communications, our collaboration, our authorities, our capabilities, well in advance of an event.”
She gave the example of coordinating for a cyber event that has physical effects with the Federal Emergency Management Agency (FEMA) – an agency which typically does not focus on cyber. The value for government agencies participating in these kinds of recurring national-level preparatory exercise includes identifying key decision points, building relationships across government, and making determinations in advance of an event.
The center also offers a rotational, joint duty program for Federal employees. That partnership program allows for cybersecurity knowledge to be spread across various agencies, and gives CTIIC a clearer view into agency leadership, Joe said.
While the center is not an organization with public relationships, like the FBI or Department of Homeland Security, Joe said CTIIC focuses on contributing context and clarity to the intelligence picture.
Calling context “the bread and butter of CTIIC,” Joe said the organization details the history of threat actors, their intentions and capabilities, and provides geopolitical context as well.