(Reuters) — Calling the destructive cyberattack on Sony Pictures "a game changer," a top White House official this week announced a new intelligence unit to coordinate analysis of cyber threats, modeled on similar U.S. government efforts to fight terrorism.
Lisa Monaco, President Barack Obama’s homeland security and counterterrorism adviser, said the new agency will rapidly pool and disseminate data on cyber breaches, which she said are ballooning in size and sophistication, to U.S. agencies.
"Currently, no single government entity is responsible for producing coordinated cyber threat assessments" and sharing the information rapidly, Monaco said in remarks at the Wilson Center think tank in Washington.
The new agency, the Cyber Threat Intelligence Integration Center, "is intended to fill these gaps," she said.
Obama has moved cybersecurity to the top of his 2015 agenda after recent hacking attacks against Sony, Home Depot, Anthem and Target – as well as the U.S. government itself.
Federal officials have described the Sony attack as particularly worrying because hackers stole data, debilitated computers and pressured the studio to halt release of a satirical film about North Korean leader Kim Jong-un. The FBI took the unusual step of publicly accusing North Korea of being behind the cyberattack.
Obama is slated to host a "cyber summit" with industry and government leaders at Stanford University in California tomorrow.
Industry executives lauded Obama’s increased focus on cybersecurity, but some questioned whether a new government agency is the answer, and whether it should be part of the secretive U.S. intelligence community.
Responsibility for cybersecurity is already spread across the U.S. government, including the National Security Agency, the Homeland Security Dept., the FBI, and the U.S. military’s Cyber Command.
"Is this going to be effective? Is it another reorg(anization)?" asked Amit Yoran, president of security firm RSA.
Still, Yoran said, the series of high-profile attacks showed that change was needed. "We aren’t getting the cyber job done," he said.
"I do think it is redundant," said Tom Kellermann, chief cybersecurity officer at Trend Micro. "You don’t necessarily need a new center," he added, noting the existence of a similar Homeland Security unit that shares cyber threat information with the private sector.
Monaco rejected the criticism. She said the new unit, which is expected to be relatively small, will not overlap existing agencies that have operations that investigate and disrupt cyber attacks. Instead it will rapidly feed them timely intelligence.
"This is filling a critical gap," she said.
Rep. Michael McCaul (R-Texas), chairman of the House Committee on Homeland Security, welcomed efforts to improve U.S. government coordination on cyber breaches.
"Streamlining the process by which information is shared between the intelligence community and civilian government counterparts … is a good first step," McCaul said in a statement.
Monaco renewed a White House plea for Congress to pass legislation encouraging companies to share data from cyber attacks with the government and with each other.
Past efforts were stymied by liability issues and privacy concerns. Last month, Obama proposed legislation to strike a balance, offering liability protection to companies that provide information in near real time to the government, while requiring them to delete personal data.
