Trump Issues Threat Sharing Directive to Intelligence Community

President Trump issued a memorandum on Oct. 5 requiring the intelligence community to establish an inter-agency information sharing network. Agency heads are required to submit a plan within 270 days. Missing from the memorandum is any mention of existing projects such as the Cyber Threat Intelligence Center (CTIC) or the Intelligence Community IT Enterprise (IC ITE, pronounced ‘eyesight’).
Inter-agency information sharing has been a pressing issue and problem since 9/11 when it was suggested that different agencies had partial information about the terrorist plot, but there was no way to ‘connect the dots’ and see the overall picture. Since then there have been numerous initiatives to improve information sharing — such as the Cybersecurity Information Sharing Act (CISA) and the CTIC and IC ITE projects.
IC ITE is a long-term intelligence community initiative to provide what this new memorandum seems to require. The current strategy document, produced by the Office of the Director of National Intelligence (at that time, James Clapper) states (PDF): “The IC ITE represents a strategic shift from agency-centric information technology (IT) to a common enterprise platform where the Intelligence Community (IC) can easily and securely share technology, information, and capabilities across the Community.” However, the timeframe covered by this document is 2016 to 2020 — and it may be that the new Trump memorandum is seeking to speed the process.
手机实名制正式实施,落实起来,却路途漫长,似乎阻力重重,它的目的是为了解决在手机上前阵子泛滥“黄毒”和各种垃圾短信以及诈骗信息。这可以有效打击各类犯罪,有利于掌握证据。
Trump has been a critic of the intelligence community since before his election. It is not clear whether this memorandum is designed to replace the existing projects or merely to hasten their completion. Memoranda are used by presidents in a manner similar to executive orders, and place a similar legal requirement on government agencies. They have been described as ‘an executive order by another name’.
The gist of the memorandum is that the intelligence community must establish a ‘threat actor’ information sharing architecture under guidance from NIST, and present their plan to the president within 270 days. “The Secretary of Defense, the Attorney General, the Secretary of Homeland Security, and the Director of National Intelligence, in coordination with the Secretary of State, the Secretary of the Treasury, and the Secretary of Energy, shall, through the Assistant to the President for Homeland Security and Counterterrorism, submit to the President a plan to implement this memorandum.”
There is no indication on how the threat sharing is to be implemented; and of course no guarantee that the president will accept the plans. There is, however, a strong concentration on the need to share personal information of potential threat actors. “National security threat actor information,” states the memorandum, “comprises identity attributes and associated information about individuals, organizations, groups, or networks assessed to be a threat to the safety, security, or national interests of the United States that fall into one or more of the categories listed in the annex to this memorandum.”
‘Identity attributes’ are then defined as “Information (including biometric and biographic data) that can be used independently or in combination with other data to identify a specific individual.”
It is the lack of detail that is most worrying. The devil is always in the detail, comments Christopher Bray, SVP at Cylance Inc. The big question, he suggests, is how this can be translated into policy while respecting applicable laws, civil liberties and individual privacy. “These are extremely important questions that need to be crisply defined and addressed within established legal and constitutional frameworks,” he told SecurityWeek. “You only need to think about the clumsy implementation of the ‘no fly list’ and the examples of completely innocent people arbitrarily getting placed on it in error — with lack of a clear process for recourse or getting removed, to see what a minefield this could become if not thought through well.”  Will this be implemented into anything meaningful at all, he wonders, or just become ‘policy shelf-ware’ that someone can point to later as having ‘done something’.
Nathan Wenzler, chief security strategist at AsTech, sees nothing that addresses the long-standing problems for information sharing. “The challenge previously is that each of the agencies involved tends to collect information that is very specific to their purposes and it is in that specificity that there is fear that others who possess the data will be able to discern how that data was obtained and collected. This has caused many in the intelligence community to fear the compromise of those data gathering sources, whether human or technological, and has made previous efforts to integrate and share such data nearly impossible.”
万通地产新老板又傍中植系 地产金融成最后希望

Like Bray, he is also concerned about the privacy impact of the memorandum. “The potential for compromise to intelligence sources, the vast privacy concerns that will exist should any U.S. citizen wrongly be targeted in these profiling efforts, and the fact that effectively locating multiple copies of the same data sets in different places means that cyber attackers have more potential targets in which to steal this information means this memorandum creates far more questions than it begins to answer.”
Ross Rustici, senior director, intelligence services at Cybereason, wonders if the memorandum is designed to increase the capability of the CTIC, “which was stood up in the twilight of Obama’s administration. The idea behind the CTIC,” he told SecurityWeek, “was to create a new cyber threat center for cyber. However, because the initial operating capacity was being built as the administration was packing up it never got the full capability or support necessary to be effective.”
However, he also suggests that the memorandum is indicative of the slow progress made to date. It “shows how little the creation of the Director of National Intelligence and the 9/11 Commission has impacted business as usual in the intelligence community. In addition, the focus on ‘threat actors and their networks’ speaks to something beyond sharing data for defending networks. This directive is about increasing the intelligence community’s ability to share all the dots they already have to connect them better.”
Related: Industry Reactions to Trump’s Cybersecurity Executive Order 
Related: Is the Trump Administration Serious About Cybersecurity? 
Related: U.S. Intelligence Chief James Clapper Resigns 
云计算的选择,重要的是服务级别协议,也就是说要加强服务管理,和云服务商确定好平均无故障时间、故障恢复时间、数据安全级别等等,这些同样是您要承诺给您的客户的。

猜您喜欢

点牛金融,你拿什么来守护我的资金安全?
信息、信息安全与管理体系
CyberSecurity Law Introduction 网络安全法宣传视频系列
纽约举行哥伦布日游行
NATGEOSHOP STRADEGYADVERTISING
网络安全宣传短片——勿乱连通公司内部网络与运营商数据网络