The Obama administration, on February 10, announced its intention to create a new federal agency to combat cyber threats and coordinate digital intelligence among all federal agencies. This new agency will be called the Cyber Threat Intelligence Integration Center (CTIIC), and will be under the Office of the Director of National Intelligence.
The creation of CTIIC is timely in the face of increasing sophistication and diversification in cyber attacks. In 2014, more than 780 data breaches were publicly reported in the U.S. alone, up 38% from 2013. Barely 3 months into 2015, four major data breaches have also been reported. These recent breaches shed light on the gaps in sharing cyber intelligence and, according to Lisa O. Monaco, Assistant to the President for Homeland Security and Counterterrorism, it is expected that the CTIIC would be the “single government entity [that] is responsible for producing coordinated cyber threat assessments, ensuring that information is shared rapidly among existing cyber centers and other elements within the government, and supporting the work of operators and policymakers with timely intelligence about the latest cyber threats and threat actors.”
CTIIC will be responsible for centralizing and analyzing intelligence and disseminating such information to other agencies, and private entities when the need arises. In describing the new entity, President Barack Obama stated: “Just like we do with terrorist threats, we’re going to have a single entity that’s analyzing and integrating and quickly sharing intelligence about cyber threats across government so we can act on all those threats even faster.” According to Monaco, CTIIC will serve a similar function as the National Counterterrorism Center does for terrorism.
Several commentators ponder whether private companies, some of which have lost trust in the government, will cooperate and participate in this cybersecurity effort and share cyber intelligence with CTIIC. Speaking for the government, Monaco assured the private sector that when companies share information they can expect the government to respond quickly, to provide as much information as it can to help deal with the threat and protect networks, and to use all available tools and resources to disrupt the threats.