An unnamed senior Obama administration official confirmed the news when speaking to the Washington Post earlier today, saying that the Cyber Threat Intelligence Integration Center would have around 50 staff and a budget of US$ 35 million (£22.9 million) to act as a central point for monitoring and responding to cyber-security threats.
The official added that the group, to be announced formally by White House counter terrorism coordinator Lisa Monaco in Washington DC later today, will be an “intelligence centre that will ‘connect the dots' between various cyber-threats to the nation so that relevant departments and agencies are aware of these threats in as close to real time as possible.”
The agency is apparently modelled on the National Counter-terrorism Center set-up after the 9/11 terrorist attacks, and is said to have been called for by Monaco in light of high-profile data breaches, such as last year's hack of Sony Pictures.
Various federal agencies already have cyber-security components in the US, such as the National Security Agency, the FBI, CIA and Department of Homeland Security, but the new group is designed to allow for “seamless intelligence flows among centres, including those responsible for sharing with the private sector.”
The news drew a mixed response from the information security industry; CrowdStrike president Shawn Henry told CBS that this attempt to connect the agencies would act as “one belly button for the entire US government.”
"That's a good strategy. It's important because there's so many different pieces of intelligence coming in. You've got to collaborate and put it together," he said during the This Morning show.
Trey Ford, global security strategist at Rapid7, told SCMagazineUK.com that he had mixed feelings about the announcement. “The Ghostbusters had it easy when they said “Who you gonna call?” – the answer was clear. Yet currently when I have a cyber-attack or threat indicator I wish to share it's much less clear who I should call? It seems the new Cyber Threat Intelligence Integration Center (CTIIC) will address this problem. I look forward to that clarity.
“The big question I have is how this is different from the National Cybersecurity and Communications Integration Center (NCCIC), which is currently the hub for cyber-security information sharing across more than 50 Government agencies. NCCIC has faced a challenge in having to de-conflict jurisdiction and response across those agencies. With several NCCIC fusion centres across the US, perhaps CTIIC will provide a bird's eye view over the fusion centres, tying together threats that might have been otherwise overlooked. I look forward to seeing how these fit together as more information emerges.”
Sean Mason, VP of incident response at Resolution1, agreed with Ford, adding that sharing intelligence has been ‘nothing short of a mess' in recent years. “For years it has been extremely difficult working with the US government in regards to cyber-security and sharing threat intel. Between the various government branches and programmes that have tried to assist private companies, to include the FBI, NCIS, DIB and more it has become nothing short of a mess and a burden in many cases.
"Timely and relevant information was lacking, different agencies had different pieces of the bigger picture, and many times there was overlap and lag. For example, you could speak to an FBI office in Pittsburgh and be given different information by an FBI office in Detroit. While I remain skeptical about the ability for the US government to be successful in this area, I am cautiously optimistic that this is a step in the right direction depending on how well it is executed.”
Earlier this month, president Obama announced new measures to protect companies who share data with agencies following data breaches, while the US and UK governments recently committed to working together on establishing “cyber-cells” and “cyber-war games".