Governance & Risk Management , Incident & Breach Response , Managed Detection & Response (MDR)

White House Creates Cybersecurity Agency

'Integration Center' Will Analyze Digital Intelligence
White House Creates Cybersecurity Agency
Lisa Monaco, right, announces the new cyberthreat analysis hub as former Rep. Jane Harmon listens.

The White House announced Feb. 10 that it's creating a federal agency to analyze information culled from other agencies to battle cyberthreats posed to the government and the private sector.

See Also: Deception-Based Threat Detection: Shifting Power to the Defenders

But some cybersecurity experts already are saying that they see the new agency as being duplicative of other government cyberthreat analysis initiatives.

Lisa Monaco, assistant to the president for homeland security and counterterrorism, unveiled the Cyber Threat Intelligence Integration Center, which will be run out of the Office for the Director of National Intelligence.

"No single government entity is responsible for producing coordinated cyberthreat assessments, ensuring information is shared rapidly among existing cyber centers and other elements of our government, and supporting the work of operators and policymakers with timely intelligence about the latest cyberthreats and threat actors," Monaco said in a speech at the Wilson Center, a Washington think tank. "The CTIIC is intended to fill these gaps."

Impact of Sony Breach

Citing the hacking of Sony Pictures Entertainment as a "game changer," Monaco said the increasingly destructive and malicious nature of cyber-attacks is concerning.


Lisa Monaco explains why the Sony breach was a "game changer."

"In short," she said, "the threat is becoming more diverse, more sophisticated and more dangerous, and I worry that attacks like the one on Sony Pictures will increasingly become the norm unless we adapt quickly and take comprehensive approach just as we have in other context."

According to a senior administration official, Obama's fiscal year 2016 budget includes $35 million, which, along with existing funds from the 2015 budget, will be used to launch the center. The official didn't say when the center would begin operations, but suggested it would be "in the near term."

The new center will initially be staffed by about 50 individuals from other government agencies, the administration official said.

Several cyberthreat analysis centers operated by the Department of Homeland Security, FBI and National Security Agency already collect and analyze cyberthreat intelligence and share cyberthreat information.

"The CTIIC will not collect intelligence," Monaco said. "It will analyze and integrate information already collected under existing authorities. Nor will the CTIIC perform function assigned by other centers. It's intended to enable them to do their jobs more effectively. And, as a result, it will make the federal government more effective as a whole, responding to cyberthreats. CTIIC will draw on existing cyber centers to draw on their expertise and information to improve our collective response to cyberthreats."

Duplication of Effort?

Melissa Hathaway, a former top cybersecurity policymaker in the Obama and George W. Bush administrations, characterizes CTIIC as unnecessary and an inappropriate use of taxpayer dollars. "We already have three centers to do this stuff," Hathaway says. "To create a fourth center is duplication of effort. It's creating another layer of bureaucracy."

Hathaway also questions whether creating NTIIC is an indication that the other centers aren't functioning effectively. "If they're being ineffective, one has to start to look at why are they ineffective," she said. "Is it because of leadership? Is it because of a lack of cooperation across the other centers?"

Monaco dismissed such criticism, noting that CTIIC is modeled after the National Counterterrorism Center, or NCTC, which was created in the wake of the Sept. 11 terrorist attacks to get federal agencies to share intelligence.

"The National Counterterrorism Center did nothing to take away the mission or the role or responsibilities of the CIA counterterrorism center, of the FBI's joint terrorism task forces [and] its operational hub," Monaco said. Those are operational arms and operational centers that have clear responsibilities and clear missions.

"What we need, and the gap that the CTIIC fills, is critical, rapid, coordinated intelligence to seed those operations; so it's not duplicative at all. What we've seen with NCTC in the terrorism realm is operators and policymakers are very, very well served in facing an evolving threat by having a source of rapid integrated intelligence at their disposal."

Congressional Support

Monaco called on lawmakers in both parties to back the administration's cyberthreat sharing initiative. CTIIC quickly received the backing of Rep. Mike McCaul, the Texas Republican who chairs the House Homeland Security Committee and has sponsored cyberthreat information sharing legislation. He characterized CTIIC as "a good first step," according to Reuters.

Cybersecurity has become a top priority for the Obama White House, with the president proposing last month a number of initiatives, including a national breach notification law and legislation to encourage businesses to share cyberthreat information with the government.

On Feb. 13, the White House will host a cybersecurity summit at Stanford University.


About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.