clock menu more-arrow no yes

Filed under:

US creates centralized cybersecurity agency following Sony attack

New, 18 comments

Cyber Threat Intelligence Integration Center will be tasked with sharing intelligence and coordinating responses to major attacks

Mark Wilson/Getty Images

The White House today will announce the creation of a new agency tasked with thwarting cyberattacks by sharing intelligence across other agencies in the event of a crisis, The Washington Post reports. The new Cyber Threat Intelligence Integration Center (CTIIC) will be formally unveiled at the Wilson Center in Washington, DC, later today. The unit will be created as part of the Office of the Director of National Intelligence, and will start off with a staff of about 50 people and a budget of $35 million, officials tell the Post.

The idea is to apply lessons learned after the September 11th terrorist attacks — which were blamed, in part, on intelligence failures — to the realm of cybersecurity. The new agency will be structured like the National Counterterrorism Center (NCTC), created in the aftermath of September 11th, and will be charged with analyzing and coordinating responses to cyberthreats.

"The cyberthreat is one of the greatest threats we face."

"The cyberthreat is one of the greatest threats we face, and policymakers and operators will benefit from having a rapid source of intelligence," Lisa Monaco, President Obama's assistant for homeland security and counterterrorism, tells the Post. Monaco will announce the creation of the CTIIC in a speech at today's event. "It will help ensure that we have the same integrated, all-tools approach to the cyberthreat that we have developed to combat terrorism."

Monaco had been pushing for the creation of a new agency for several months, amid signs of the growing dangers that cyberattacks posed, but the initiative gained new momentum following last year's hack of Sony Pictures. The response to that attack, Monaco says, demonstrated the need for a centralized body to analyze intelligence gathered from various agencies — in this case, the FBI, NSA, and CIA — and the White House agreed. Earlier this month, Obama announced new measures to protect companies who share their data with federal intelligence agencies following cyberattacks, in the hope that doing so will help coordinate responses.

Experts say accessing data from private sector companies will be critical to the CTICC's effectiveness going forward, but others aren't convinced that creating another government agency is the answer. "We should not be creating more organizations and bureaucracy," Melissa Hathaway, a former White House cybersecurity coordinator, tells the Post. "We need to be forcing the existing organizations to become more effective — hold them accountable."