In the wake of news-making attacks on Sony Pictures, Home Depot and many others, the federal government is establishing a new information integration center to focus on cyber threats. The center will analyze intelligence contributed by several agencies, along with the private sector, a model that will face some serious hurdles.
The proposed Cyber Threat Intelligence Integration Center will fall under the Office of the Director of National Intelligence and it will not be responsible for actually gathering any threat intelligence. Rather, it will serve as an aggregation point for information collected by intelligence agencies and, the Obama administration hopes, private companies. A major piece of the plan for the CTIIC is for it to be a point of information exchange with the private sector, said Lisa Monaco, Assistant to the President for Homeland Security and Counterterrorism, in a speech Tuesday.
That’s a strategy that the United States government has been trying to implement for the better part of two decades now in various incarnations. But there are two main issues with the information-sharing model: the government tends to hoard its intelligence and the private sector tends not to want to give and get nothing in return. Monaco said that for the CTIIC to be effective, both sides need to get past those challenges and start helping one another.
“We’re not going to bottle up intelligence. We want the flow of information to go both ways,” Monaco said.
In her speech at the Wilson Center in Washington, Monaco said that the CTIIC will be modeled after the National Counterterrorism Center and will draw on what the government and intelligence community learned about responding to and tracking threats after 9/11. She also hinted that the administration is going to be more aggressive in the future in tracking and prosecuting cyber criminals and other attackers.
“There are structural, cultural and organizational shifts made in the government in counter-terror that also apply to cyber,” she said. “Those who would do us harm should know they will be found and they will be held to account.”
Monaco cited the attack on Sony Pictures late last year as a key example of the kind of attack that the new CTIIC will be able to deal with.
“That was a game-changer, because it wasn’t about profit, it was about a dictator trying to impose censorship,” she said. “Which is why we took the extraordinary step of identifying the attackers publicly.”
Administration officials blamed the Sony hack on North Korea and later imposed more sanctions on the country as a result. Monaco did not specify when the CTIIC would be operational or who would be part of the new group.
Image from Flickr photos of Niklas Wickstrom.