US Cyber Intelligence Agency – Will it work?

The Obama administration is about to create a new agency to monitor cybersecurity threats and share data about possible attacks among government departments.

The Cyber Threat Intelligence Integration Center will pool information from a variety of sources and ensure that the data flows among government agencies, including those that handle communications about security with the private sector. No government agency handles this function, which is critical to protecting the US from hacks, an administration official, speaking on the condition of anonymity.

The agency will be formed along the lines of the National Counterterrorism Center, which was created after the Sept. 11, 2001, attacks to better coordinate sharing of intelligence in the federal government.

Currently, the United States intelligence community comprises of 17 federal agencies assigned an array of missions relating to national defense, foreign relations, homeland security and law enforcement. These agencies form just the foundation of a sprawling enterprise that incorporates intelligence and non-intelligence components of many other federal agencies, state and local police, including fire and emergency response, international government partners, as well as private companies and organizations.

These entities connect through an array of information sharing platforms and portals, including the National Counterterrorism Center, the Joint Counterterrorism Assessment Team, 71 FBI Joint Terrorism Task Forces, 56 Field Intelligence Groups, and 78 state and local intelligence fusion centers, which can incorporate military and private sector participants. Information collected by any of them can be distributed through official information sharing systems like the Defense Department’s Secret Internet Protocol Router Network, or SIPRNet and many others.

FBI and Department of Homeland Security officials operate several private sector intelligence sharing organizations as well, including the Domestic Security Advisory Council, InfraGard, and the National Cyber Forensics and Training Alliance. In 2010, the Washington Post documented almost 2,000 private companies working on counterterrorism, homeland security, and intelligence. Over 5 million government employees and private contractors now hold security clearances giving them access to classified information.

US intelligence agencies also have close working relationships with international partners, including the governments of the United Kingdom, Canada, Australia and New Zealand under the “five eyes” agreement. They share intelligence with other nations such as Israel and Saudi Arabia through memoranda of understanding, or other less formal agreements. The U.S. military maintains from 598 to 1,000 bases and installations in at least 40 foreign countries.

The annual intelligence budget exceeds $70 billion per year, but that figure represents just a small portion of what the US spends on national defense and homeland security. In a recent interview, Ben Friedman of the Cato Institute does the math:
The nonpartisan Project on Government Oversight and the Columbia Journalism Review back up Friedman’s estimate that the US now spends roughly $1 trillion a year for national security. This figure dwarfs the combined defense budgets of all possible contenders, combined.

Friedman argues that the threats we face today don’t justify such profligate spending. Protected by oceans and bordered by friendly nations, there’s little risk of a foreign invasion. Deaths from wars and other political violence abroad have sharply decreased as well. Terrorism and violent crime in the US are at historically low levels. Unfortunately, the excessive secrecy shrouding intelligence activities means Americans have little public information from which to evaluate whether the intelligence enterprise is worth the investment.

There are many culprits we can blame for spreading undue public fear, from a sensationalist media to manipulative politicians. But a significant part of the problem is that intelligence officials are incentivized to exaggerate threats, which risks the misapplication of security resources and poor national security policies.

http://cwonline.computerworld.com/t/9125365/1284819890/718635/17/

http://www.defenseone.com/ideas/2015/02/us-intelligence-community-bigger-ever-it-worth-it/104799/

« Data Breaches in Europe
Cyber Warfare: Technology backfires on the powerful. »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Malwarebytes

Malwarebytes

Malwarebytes provides artificial intelligence-powered technology that stops cyberattacks before they can compromise computers and endpoints.

FIDO Alliance

FIDO Alliance

FIDO Alliance is a non-profit organization formed to address the lack of interoperability among strong authentication devices.

Cybercrime Investigation & Coordinating Center (CICC) - Philippines

Cybercrime Investigation & Coordinating Center (CICC) - Philippines

The Cybercrime Investigation and Coordinating Center (CICC) is an attached agency of the Philippines Department of Information and Communications Technology (DICT).

Alpine Security

Alpine Security

Alpine Security provides penetration testing, security assessments and cybersecurity training services.

972VC

972VC

972VC was created to help entrepreneurs find potential funding for their startups. Your guide to the Israeli startup funding ecosystem.

Gorodissky IP Security

Gorodissky IP Security

Gorodissky IP Security is a comprehensive approach to protecting your intellectual property on the Internet and beyond.

Vention

Vention

Vention (formerly iTechArt) is the partner of forward-thinking tech leaders around the globe.

Lifetech

Lifetech

Lifetech is a software development, product engineering and system integration company. Cybersecurity services include SIEM deployment and training.

Atakama

Atakama

With Atakama, data remains encrypted until the very moment it is used, and the ability to decrypt is based on zero trust architecture.

Conversant Group

Conversant Group

Conversant Group is an IT infrastructure and security consulting company, providing technical, organizational, procedural, and process consulting internationally.

Anterix

Anterix

Anterix is focused on empowering the modernization of critical infrastructure and enterprise businesses by enabling private broadband connectivity.

Data Priva

Data Priva

Data Priva is the UK's leading subscription-based data protection, governance, risk and and compliance service.

ExchangeDefender

ExchangeDefender

ExchangeDefender provides cybersecurity services that secures your company email and data, and guarantees 24/7 email access.

Finite State

Finite State

Finite State enables product security teams to protect the devices we rely on every day through market-leading software threat, vulnerability, and risk management.

DeXpose

DeXpose

DeXpose is a hybrid dark/deep web monitoring and attack surface mapping platform to help you find compromised data or exposed assets related to your organization way before threat actors.

Sprinto

Sprinto

Ambitious tech companies all over the world trust Sprinto to power their security compliance programs and sprint through audits without breaking their stride.