On Tuesday, the Obama administration announced that it is creating a new cybersecurity agency to coordinate between existing offices and groups that deal with cyber threats. The decision is motivated by recent high-profile incidents, like the Sony hack and a White House network that was reportedly infiltrated by Russian intelligence.
The new Cyber Threat Intelligence Integration Center (CTIIC) will operate within the Office of the Director of National Intelligence, which coordinates intelligence efforts between agencies and advises the president. As the Washington Post reports, the new agency is partly inspired by the National Counterterrorism Center, created after Sept. 11 to coordinate terrorism-related intelligence from different agencies. Officials say CTIIC will launch with a staff of about 50 and a $35 million budget.
The initiative is being championed by Lisa Monaco, the assistant to the president for homeland security and counterterrorism. She announced the new agency during a keynote at the Wilson Center think tank:
Currently, no single government entity is responsible for producing coordinated cyber threat assessments, ensuring that information is shared rapidly among existing cyber centers ... and supporting the work of operators and policymakers with timely intelligence about the latest cyber threats and threat actors. The CTIIC is intended to fill these gaps.
The Post reports that as the Sony hack unfolded, President Obama asked Monaco to summarize the investigations of the FBI, CIA, NSA, and other bodies. But no group existed to create such an analysis, so Monaco asked the FBI to do it. That experience seems to have motivated her drive to advocate for a dedicated coordinating group. And the idea has been gaining traction since. Last month, Obama said during his State of the Union address, “We are making sure our government integrates intelligence to combat cyber threats, just as we have done to combat terrorism.”
Echoing the Obama administration's broader technology goals, Monaco says that CTIIC will also be a crucial player in connecting government with private sector intelligence and strategies. This raises ongoing debate about government access to private companies' data, though. If infromation from any cyber investigation can funnel through CTIIC, this could represent a major privacy concern.
Furthermore, many in the cybersecurity community view the new agency as superfluous and as just another potential source of bureaucratic friction. Tom Kellermann, chief cybersecurity officer at Trend Micro Inc., told Reuters, “I do think it is redundant. ... You don't necessarily need a new center.”
Melissa Hathaway, a former White House cybersecurity coordinator and president of Hathaway Global Strategies, agrees that existing groups could be restructured to increase transparenecy and efficiency, rather than adding another agency. “We need to be forcing the existing organizations to become more effective—hold them accountable,” she told the Post.
But within the government there seems to be support for CTIIC. For example, Lee Hamilton, a member of the U.S. Homeland Security Advisory Council, and the former vice chairman of the 9/11 Commission, told FedScoop that, "I think it's the right concept, and it's badly needed ... What the government has lacked has been a kind of a clearinghouse that would bring together everybody to talk through the nature of the threats and attacks and to try to get some unity of effort."
But as Tony Cole, a top executive at cybersecurity firm FireEye, told the Guardian, “If you still are not restructuring agencies to be able to share in an automated fashion, then there’s probably little value to be had out of creating a new organization.”