Cybersecurity

Obama’s Cyberthreat Intel Aggregator Plan Divides Security Experts

The Obama Administration on Tuesday announced plans to set up a national Cyber Threat Intelligence Integration Center to integrate all data from government agencies and the private sector, and disseminate it appropriately.

Lisa Monaco, assistant to the president for homeland security and counterterrorism, made the announcement following months of research by White House cybersecurity coordinator Michael Daniel’s staff.

Reactions from cybersecurity experts were mixed.

“Having a single agency with primary responsibility for cyberdefense is a smart idea,” John Gunn, vice president of VASCO Data Security, told TechNewsWorld. “Even those who are opposed to additional federal agencies will have to agree that reducing redundancies and adding accountability for directly measurable results is a positive move.”

The move “is a step in the right direction, coming at a time when we’re seeing a marked increase in the sophistication of cyberattacks and cyberterrorism across all fronts,” suggested Marc Gaffan, CEO and cofounder of Incapsula.

Such an agency may help connect the dots during an attack, but “we must not overlook the privacy concerns it may raise,” Gaffan told TechNewsWorld.

Private Sector Involvement

A major problem is that the center “will rely on private sector participation, which means private sector cost, which will never get private sector funding without some teeth,” argued Jonathan Sander, strategy & research officer, at STEALTHbits Technologies.

“No business will spend money to give [it] data from a sense of national pride,” Sander told TechNewsWorld. While the security community is keen on information sharing, it “doesn’t write the budgets. There will either need to be a motivating carrot or a regulatory stick.”

Cooperation with the private sector is a major tenet of the Obama administration’s approach to cybersecurity, but it has met with a lukewarm reaction at best so far.

Genesis of the Plan

Daniel’s staff concluded that U.S. intelligence agencies have their own silos of information about cybersecurity and cyberterrorism and these aren’t coordinated to provide an overall picture.

This problem manifested clearly in the Sony breach last year: The U.S. National Security Agency reportedly knew in advance about the attack because it had penetrated that country’s cybersystems, but did not warn Sony, possibly because its mandate is to protect national security and not the private sector.

Daniel’s staff recommended the establishment of a central authority to aggregate all data on cyberthreats and push out the information to all concerned.

The intelligence integration center will initially have a staff of 50 and a budget of US$35 million.

Monaco said it will not collect intelligence, but will analyze information collected by other agencies and will integrate the intelligence.

It will be under the purview of James Clapper, the Director of National Intelligence.

More Battles Ahead

The White House apparently did not inform Congress about its plan to establish the new intelligence center, leaking the information to the Washington Post on Monday instead, Politico reports. This may ruffle congressional feathers.

Further, Clapper had previously lied to Congress under oath about the NSA’s activities, denying the agency had spied on Americans, only to be unmasked by whistleblower Edward Snowden’s revelations.

That prompted several senators to call for Clapper’s dismissal in a letter to President Obama.

Whether the various U.S. intelligence agencies will cooperate remains uncertain.

“One of the big challenges with interagency intelligence sharing will be internal politics that come into play,” pointed out Ken Westin, senior security analyst at Tripwire. “There has been a history of this within these agencies which has impacted the effectiveness of several cyberdefense programs.”

It “takes a lot more than a speech, handshake and a promise to build complex, robust and scalable information sharing systems,” Westin told TechNewsWorld. “Like many others, I really want to see this program work, but a lot of us are skeptical because we understand the complexities and pitfalls of [doing this].”

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by Richard Adhikari
More in Cybersecurity

Technewsworld Channels