If you don’t think threats to private data are a problem, you’re not paying attention. Breaches occur seemingly by the day, although we often don’t always hear about them in real time as companies (Sony, Anthem, JPMorgan Chase) and government agencies (the unsecured White House network) scramble to patch their systems.
Now the Obama Administration is poised to create a new agency — the Cyber Threat Intelligence Integration Center — to fight back, according to the Washington Post. Lisa Monaco, President Obama’s assistant homeland security and counterterrorism advisor, will announce the news later Tuesday.
This is not the first time in recent history that world events have prompted a new agency. The 9/11 attacks spurred the creation of National Counterterrorism Center, for example.
Everyone is scrambling to deal with these threats. Of course the creation of another organization will spark discussion about whether we need yet another level of bureaucracy to deal with a problem. After all, silos of information held by different agencies are often blamed for security snafus.
I usually don’t quote from any of the myriad ambulance-chasing pitches that come in on stories like this, but this emailed statement attributed to Jeff Williams, CTO of Contrast Security, summed up the decentralized data problem pretty well:
How will the new center work with DHS, DISA, NSA, CIA, FBI … all of whom have some responsibility for cybersecurity. In principle, having a single “belly button” is a nice idea. But in reality, it’s just one more agency with cybersecurity responsibility.
But the problem is obviously also a private sector opportunity and tech companies are snatching up security expertise. The latest example being yesterday’s news that [company]Hewlett-Packard[/company] is buying encryption specialist Voltage Security. Last summer, FireEye bought Mandiant, a high-flying cyber forensics company, for $1 billion.
This story was updated at 11:08 a.m. PST with an additional quote.