New threat center to integrate cyber intelligence

By Cheryl Pellerin, DoD News, Defense Media ActivityMarch 27, 2015

New Threat Center to Integrate Cyber Intelligence
(Photo Credit: U.S. Army) VIEW ORIGINAL

WASHINGTON, D.C., Feb. 11, 2015 -- A new Cyber Threat Intelligence Integration Center is being created under the auspices of the director of national intelligence.

The center will serve a similar function for cyber as the National Counterterrorism Center does for terrorism, Lisa Monaco, assistant to the president for homeland security and counterterrorism, said during a keynote speech yesterday at the Woodrow Wilson International Center for Scholars.

The NCTC, established in 2004, puts into action a 9/11 Commission recommendation -- to break "the older mold of national government organizations" and "be a center for joint operational planning and joint intelligence, staffed by personnel from the various agencies."

"No single government entity," Monaco said, "is responsible for producing coordinated cyber threat assessments, ensuring that information is shared rapidly among existing cyber centers and other [government] elements, and supporting the work of operators and policymakers with timely intelligence about the latest cyber threats and threat actors."

New center intended to fill gaps

The Cyber Threat Intelligence Integration Center, she added, is intended to fill these gaps, analyzing and integrating information already collected under existing authorities, and is intended to enable centers that already perform cyber functions to do their jobs more effectively.

President Barack Obama's new budget backs up the commitment to fight cyber threats with $14 billion to protect critical infrastructure, government networks and other systems, Monaco said.

Safeguarding Americans online, she added, requires that the government work with the private sector "to enhance the security of what has become a vast cyber ecosystem."

A precondition of success

Though the private sector shouldn't rely on the government to solve its cybersecurity problems, the government won't leave the private sector to fend for itself, Monaco said, calling partnership a precondition of success.

"To the private sector, we've made it clear that we will work together," she added. "We're not going to bottle up our intelligence. If we have information about a significant threat to a business, we're going to do our utmost to share it."

Within 24 hours of learning about the Sony Pictures Entertainment attack, Monaco said, the U.S. government pushed out information and malware signatures to the private sector to update its cyber defenses.

"We want this flow of information to go both ways," she said.

Responding quickly

When companies share information about a major cyber intrusion or a potentially debilitating denial-of-service attack, they can expect government agencies to respond quickly, Monaco said, specifying that the government will:

-- Provide as much information as it can about the threat to help companies protect their networks and critical information;

-- Coordinate a quick and unified response from government experts, including those at the Department of Homeland Security and the FBI;

-- Look to determine who the actors are and hold them to account; and

-- Bring to bear, as government experts respond to attacks, all the available tools and draw on the full range of government resources to disrupt threats.

21st-century cyber threats

"I want to commend companies that have shown strong leadership by coming forward as soon as they identify breaches and seek assistance so we can work together and address threats more rapidly," Monaco said. "Across the board, we're tearing down silos, increasing communication and developing the flexibility and agility to respond to cyber threats of the 21st century, just as we have done in the counterterrorism world."

Despite this progress, Monaco added, "it has become clear that we can do more as a government to quickly consolidate, analyze and provide assessments on fast-moving threats or attacks."

During last month's State of the Union address, Obama pledged that the government will integrate intelligence to combat cyber threats, just as it has to combat terrorism.