The Obama administration is establishing a new Cyber Threat Intelligence Integration Center (CTIIC), serving an analogous role as the National Counter Terrorism Center (NCTC) does for terrorism, Lisa Monaco, the Assistant to the President for Homeland Security and Counterterrorism said Tuesday.
“Currently no single government entity is responsible for producing coordinated cyber threat assessments,” Monaco said at keynote speech at the Wilson Center. The CTIIC is intended to fill that gap.
Comparing the new CTIIC to the NCTC, Monaco said it will integrate intelligence about cyber threats, provide all source analysis to policymakers and operators, and support existing federal cyber centers, networks defenses, and law enforcement.
Monaco highlighted that the CTIIC will not collect intelligence. “It will analyze and integrate information already collected under existing authorities. Nor will the CTIIC perform functions already assigned to other centers.”
One such center is the National Cybersecurity and Communications Integration Center (NCCIC), which coordinates and synchronizes partners engaged in cybersecurity and communications protection. While the new CTIIC is expected to be small and feed centers like this with intelligence, the NCCIC protects federal agencies, coordinates national response to significant cyber incidents, orchestrates national protection activities, and maintains situational awareness.
The CTIIC will operate under the auspices of the Director of National Intelligence and is expected to have a staff of about 50.
Monaco also said that the government has to work with the private sector to “truly safeguard Americans online and enhance the security of what has become a vast cyber ecosystem.”
One example of the government’s commitment to working with the private sector in cybersecurity was that within 24 hours of learning of the Sony [ADR] cyber attack, “the U.S. government pushed out information and malware signatures to the private sector, to update their cyber defenses so they could take action,” Monaco said.
Moving forward, Monaco said the government’s cyber strategy will focus on four key elements: improving defenses using the cybersecurity framework and using basic cyber hygiene; improving the ability to disrupt, respond to, and recover from threats; enhancing international cooperation; and making cyberspace intrinsically more secure by replacing passwords with better technologies, building more resilient networks, and enhancing consumer protections.
Monaco also said that in addition to this executive action, “we need durable, long-term solutions codified in law that bolster the nation’s cyber defenses.” She said Congress should pass the package of cybersecurity measures President Obama outlined last month, focusing on information sharing, setting a national standard for companies to report breaches, and providing law enforcement with updated tools to combat cyber crime.
“This is not and should not be a partisan issue. The future security of the United States depends on a strong, bipartisan consensus that responds to a growing national security concern,” Monaco said.
Monaco also said that later this week she, Obama, and several Cabinet members will join hundreds of experts and private sector representatives for a White House summit at Stanford University. They will discuss how to improve trust, enhance cooperation, and strengthen consumer protections and cyber defenses (Defense Daily, Feb. 5).