The White House is establishing a new office to fight cyberattacks with the mission to “connect the dots” by infusing intelligence from government agencies and the private sector. If the administration feels that individual agencies cannot perform this function, why was a centralized hub not established long ago?
The new office will analyze cyberthreats and coordinate a strategy to counter them, according to President Barack Obama’s statement at the White House Summit on Cybersecurity and Consumer Protection at Stanford University. The idea of a central cybersecurity office isn’t new, but recent cyberattacks have cyber-urgency at an all-time high.
CTIIC’s Cyber Senses
The new Cyber Threat Intelligence Integration Center – or CTIIC, pronounced ‘see-tick’ – is modeled after the National Counterterrorism Center, which launched in the wake of the Sept. 11, 2001, attacks amid criticism that the government failed to share intelligence that could have prevented the terrorist attacks.
“The cyberthreat is one of the greatest threats we face, and policymakers and operators will benefit from having a rapid source of intelligence,” Lisa Monaco, assistant to the president for homeland security and counterterrorism, said in an interview.
Although the new center seems overdue, some agencies already operate their own cyber-defense centers – such as the DHS, FBI and NSA. The difference is that CTIIC will serve as the only independent, centralized location that coordinates and shares cyberthreats.
The administration wants CTIIC housed within the Office of the Director of National Intelligence, with an initial interagency staff of about 50, an administration official said. President Obama’s fiscal year 2016 budget proposal calls for $35 million for the center.
Why Now?
In recent months, there have been plenty of high-profile cyberassaults – Sony Pictures, healthcare insurance company Anthem, and retail stores Target and Home Depot. The cyberattacks that pounded U.S. enterprises and organizations were executed by individuals, hacker groups, and even nation-states.
After the Sony hack last year, as many as six federal departments suspected North Korea as the culprit, but there was no analysis compiling and integrating all agency views due to the lack of centralized oversight. That incident may have been the catalyst for CTIIC. If we could achieve optimal transparency between the private and public sector and among agencies, how many attacks could we prevent?
Many companies claim the government doesn’t share enough intelligence about looming attacks, particularly from other countries like Russia, North Korea and China.
The exigency for CTIIC is to build relationships with companies and share information on threats quickly in order to limit broader exposure.
Chairman Mike McCaul (R-Texas), who chairs the House Committee on Homeland Security, said CTIIC should serve to share information between the intelligence agencies and DHS’s National Cybersecurity and Communications Integration Center (NCCIC), a hub that shares threat information with law enforcement, intelligence agencies and the private sector.
Obama also signed an executive order to encourage private firms to share cyber threat data with NCCIC and to enable information sharing and analysis organizations (ISAOs) to enter information-sharing agreements with the center.
But how does CTIIC contrast with DHS’s NCCIC? That’s unclear. NCCIC has been a linchpin of the administration’s efforts to make information sharing more effective, as Ellen Nakashima writes at theWashington Post. DHS has declined comment to multiple publications on how NCCIC would interface with the new cyber threat center.
“Anything that can be done to improve coordination within the federal government will help to better protect our nation from cyber breaches,” McCaul said.
Sharing is Caring?
We’re left with an important question: will CTIIC really help agencies collaborate or will it just increase bureaucracy?
As new agencies, caucuses and task forces sprout up in the name of cybersecurity, many of them will simultaneously vie for resources. Additionally, CTIIC will find it difficult to pry information away from organizations that deem it too sensitive to share.
This is not the first attempt at creating a singular coordinating body for cybersecurity. The government attempted a similar approach in 2008 with the creation of the National Cybersecurity Center under DHS, but the organization faltered. Its head resigned, claiming the NSA tried to maintain ironclad control over all cybersecurity efforts. The administration hopes CTIIC’s fate is different.
“We’re only 26 years into this Internet Age. We’ve only scratched the surface,” said President Obama at the summit.
Cybersecurity remains a rapidly evolving area requiring constant policy updates and innovative improvements. But it remains to be seen if these new initiatives will serve to promote clearer collaboration or just add new bureaucratic layers to an already complex system.
Will CTIIC succeed where others have failed?
Want to weigh in? Post a comment below or email me at adoggett@300brand.com.