SUPPORT THE CYBER THREAT INTELLIGENCE
INTEGRATION CENTER'S MISSION TO BUILD AWARENESS,
INTEGRATE ANALYSIS, AND IDENTIFY OPPORTUNITIES
* The following text is taken directly from the Cyber Threat Intelligence Integration Center website:
The Cyber Threat Intelligence Integration Center (CTIIC) is the newest of four multiagency centers under the Office of the Director of National Intelligence (ODNI) integrating intelligence about threats to US national interests. The DNI established CTIIC in 2015, pursuant to a Presidential Memorandum, to produce coordinated IC analysis of foreign cyber threats to US national interests, ensure the information is shared among the federal cyber community, and support the work of operators, analysts, and policymakers with timely intelligence about significant cyber threats and threat actors
The Presidential Memorandum outlined five responsibilities for the Center:
CTIIC's mission is to build understanding of foreign cyber threats to US national interests to inform decision-making by federal cyber centers, departments and agencies, and policy makers. CTIIC integrates information from the network defense, intelligence, and law enforcement communities; facilitates information-sharing; leads community analysis of cyber threats; and supports interagency planning to develop whole-of-government approaches against cyber adversaries. CTIIC publishes intelligence products that place current cyber threats in context and provide integrated IC assessments of an adversary’s capabilities and motivations for using cyber means to achieve its strategic goals.
CTIIC’s responsibilities were designed to support and complement, but not duplicate, the roles of other members of this community. CTIIC is organized along three lines of effort:
BUILDING AWARENESS
CTIIC integrates threat reporting with context and commentary, helping consumers understand its potential significance. CTIIC engages with the other cyber centers as well as the primary producers of intelligence and analysis, including non-cyber experts. This engagement builds meaningful analysis of threat activity and makes it accessible to non-cyber specialists who need to factor it in to their regional understanding. CTIIC’s work focuses the community on significant reporting, provides a quick community perspective on new reporting, generates greater understanding of the bigger picture, and acts as a building block for trend analysis.
INTEGRATING ANALYSIS
The cyber community in recent years has faced increasingly aggressive activity from adversaries that has demanded detailed and complex community analysis on current/near-term threats. CTIIC collaborates with cyber and non-cyber subject-matter experts to initiate and integrate community analysis that considers adversaries’ threat activity, intent, and motivations in a geopolitical context. Presidential Policy Directive 41 (PPD-41) on cyber incident coordination, issued in 2016, designated CTIIC as the federal lead for intelligence support in response to a significant cyber incident. CTIIC, on behalf of the IC, will integrate analysis of threat trends and events to build situational awareness—identifying knowledge gaps—and support interagency efforts to develop options to degrade or mitigate adversary threat capabilities.
IDENTIFYING OPPORTUNITIES
CTIIC supports and facilitates whole-of-government options in response to cyber threats to help ensure decision-makers receive potential courses of action that reflect all instruments of national power. CTIIC delivers opportunity analysis and helps develop measures of effectiveness for cyber campaign efforts. The Center identifies ways to facilitate critical decision points and creates repeatable, threat actor–agnostic frameworks that balance risks, benefits, and equities early in the decision-making process.
Evidence:
United States. Office of the Director of National Intelligence. "Who We Are." Cyber Threat Intelligence Integration Center. 27 June 2018
United States. Office of the Director of National Intelligence. "What We Do." Cyber Threat Intelligence Integration Center. 27 June 2018
United States. Office of the Director of National Intelligence. "How We Work." Cyber Threat Intelligence Integration Center. 27 June 2018
Provide integrated all-source analysis of intelligence related to foreign cyber threats or to cyber incidents affecting U.S. national interests.
Support federal cyber centers by providing access to intelligence necessary to carry out their respective missions.
Oversee development and implementation of intelligence-sharing capabilities to enhance shared situational awareness of intelligence related to foreign cyber threats and incidents.
Ensure that indicators of malicious cyber activity and, as appropriate, related threat reporting contained in intelligence channels are downgraded to the lowest classification possible for distribution to both U.S. Government and U.S. private sector entities.
Facilitate and support interagency efforts to develop and implement coordinated plans to counter foreign cyber threats to U.S. national interests using all instruments of national power, including diplomatic, economic, military, intelligence, homeland security, and law enforcement activities.