A recently released presidential memorandum on national security will make the leadership of both intelligence and civilian agencies responsible for developing the technical architecture and policy framework to improve the sharing of national threat identification information, an effort that will have to span the many formats currently used by agencies for national intelligence.
“I’m expecting that there will be challenges on multiple fronts, but that’s not a reason not to do something,” a National Security Council official told Federal Times, adding that lessons learned from creating the Terrorist Identities Datamart Environment (TIDE) repository within the National Counterterrorism Center could be used as a basis for this new threat intelligence architecture.
The official elaborated that an objective of the memo was to come up with a system where one agency’s investigations and information can be deconflicted so that another agency doesn’t unintentionally take contradictory action.
The memo does not list one single owner of this technical architecture for threat intelligence information, nor which established threat information architecture should be used as the basis for the new system, as the NSC official said that they didn’t want to mandate one way of doing things over another.
The memo makes the Attorney General, Secretary of Homeland Security, Director of National Intelligence, Secretary of State, Secretary of the Treasury, Secretary of Defense, Secretary of Energy and the Director of the CIA responsible for developing and reviewing the federal government’s threat identification systems.
The responsible agency heads will also “jointly identify, as between themselves, the department or agency — or component thereof — best suited to serve as the executive agent for each individual category of national security threat actor information.”
In addition, “the Director of National Intelligence shall work with intelligence community elements to explore and implement solutions for standardizing and publishing key identity attributes captured within intelligence information reports in machine readable formats to support automated processing within the technical architectures.”
The NSC official said different agencies will be better situated to handle different categories of threat intelligence, such as DHS for critical infrastructure and DoD for military threats.
The memo also makes the heads of each agency responsible for maintaining and making available their own threat actor information within the established technical architectures, and the Commerce Secretary is tasked to lead a standing interagency effort to establish the models for information exchange.
The memo received support from DHS, who already holds the responsibility of lead federal department for the protection of critical infrastructure and the furthering of cybersecurity and relies on information sharing to achieve that mission, according to the agency website.
“The department supports National Security Presidential Memorandum-7 as it will facilitate the organization and integration of information that DHS uses to protect the homeland,” said DHS spokesperson Joanne Talbot. “DHS will continue to collect, assess, retain and disseminate information appropriately as required by all applicable legal and policy requirements.”
Within 270 days, the memo also requires the directors and agency secretaries to submit a plan on how they will implement its objectives, which the NSC official said intentionally gave agencies a large window of time to figure out the best solution.
“We think this is the right way to do it,” said the official.
Jessie Bur covers federal IT and management.