Tag Archives: Network Security

DNI announces CTIIC leadership

Director of National Intelligence James Clapper has named a career FBI analyst and an Iraq War veteran to head up the cyber intelligence center that the White House ordered created after the massive hack of Sony Pictures Entertainment.

Tonya Ugoretz, the FBI’s former chief intelligence officer, will head the Cyber Threat Intelligence Integration Center. She has done stints at the CIA, Department of Homeland Security and National Intelligence Council, and is listed as an adjunct associate professor at Georgetown University.

Maurice Bland, who most recently was the National Security Agency’s associate deputy director for cyber, will serve as Ugoretz’s deputy. Bland has done two combat tours in Iraq and Afghanistan, according to his official biography.

Ugoretz and Bland could be talking face-to-face with President Obama following the next large-scale hack of U.S. assets.

Clapper also tapped Thomas Donahue, a nearly three-decade veteran of the CIA with a PhD in electrical engineering, as CTIIC’s research director. The center will “build understanding of cyber threats to inform government-wide decision-making,” Clapper said in a statement.

The White House announced the creation of CTIIC last February. It is based at the Office of the Director of National Intelligence, and is modeled after the National Counterterrorism Center in an effort to “connect the dots” on cyber threats. Michael Daniel and Lisa Monaco, respectively the top White House advisers on cybersecurity and counterterrorism, have been the driving forces behind CTIIC, according to an administration official involved in the agency’s standup.

CTIIC is meant to fill a void in the bureaucratic chain of command wherein Obama had no one entity to turn to for an all-source briefing on foreign cyber threats. That void became abundantly clear to White House officials after the digital destruction of Sony Pictures’ IT systems in November 2014.

The agency got off to a rocky start. House lawmakers were irked that they didn’t get a heads-up on its creation, and DHS officials were worried that the new agency might encroach on their own work.

But several months later, agency turf battles that appeared ready to unfold have been quieted, and there is agreement on Capitol Hill on the need for CTIIC, according to the administration official. The omnibus package funding the government this fiscal year includes money for CTIIC; the exact amount of funding is classified.

“CTIIC is vital because the foreign cyber threats we face as a nation are increasing in volume and sophistication,” DHS Deputy Secretary Alejandro Mayorkas said in a statement. “The CTIIC will help DHS better understand various cyber threats and provide targeted intelligence community support” to the department’s own cyber threat center.

Bland’s battlefield experience could come in handy, as there is increasingly a cyber dimension to kinetic war. A key to the “surge” of U.S. troops in Iraq in 2007 was an accompanying surge in cyber weapons that the NSA unleashed, as journalist Shane Harris reported in his book “@War.”

Bland’s LinkedIn profile touts his experience “leading numerous efforts regarding the organization of cyber units, policy, and authorities related to cyber operations.”

Applauding the President’s Cybersecurity National Action Plan


“The Cybersecurity industry is fundamentally broken… and the problem is not technology, but mindset.” These recent remarks by RSA President Amit Yoran have been echoed around the country and in the halls of government in the wake of serious breaches to the Federal government. From last year’s OPM breach, to last week’s breaches impacting DHS and FBI employees – there has been concern that the mindset protecting our government’s IT systems needed a refresh.

That’s why RSA applauds the President’s Cybersecurity National Action Plan (CNAP) issued this morning and will participate in many regards, but will also watch a couple of things to see if clarity really is brought to the federal government’s efforts. First, it will be interesting to see how the role of the federal CISO pans out. What real authority, accountability and responsibility will this new position entail that couldn’t have been executed by the President’s Special Assistant and Cybersecurity Coordinator? Second, how does the role of DHS change explicitly or implicitly?

This renewed approach to securing our government from our adversaries seeks to tackle the mindset that has limited cybersecurity effectiveness to date. RSA has publicly endorsed one of the signature components of the President’s plan: driving widespread adoption of multi-factor authentication for email and other critical applications and systems. I’m proud of RSA’s efforts to raise awareness on this important issue. Multifactor authentication – even going beyond the government’s CAC/PIV infrastructure – is a vital step to delivering increased security. Organizations such as the National Cyber Security Alliance and many other organizations have worked hard to keep this issue on the forefront of our IT security consciousness.

Other components of today’s announcement are also very important to tackle, including:

  • Increased funding for cybersecurity.
  • A broad plan to modernize the government’s IT defenses.
  • Creation of a Federal CISO (empowered to cut through silos across civilian government, DOD, and the Intelligence community).
  • Activity promoting adoption of the NIST Cybersecurity framework, especially to the critical infrastructure community.
  • Efforts to enhance the quantity and capability of the Federal cyber workforce.

One additional aspect of today’s announcement is the launch of a Bipartisan Commission – with input from the private sector – that will focus on developing solutions to our most significant cyber challenges. RSA looks forward to supporting the work of this Commission. As the President noted in his OpEd in The Wall Street Journal, “we still don’t have in place all the tools we need, including ones many businesses rely on every day.” It’s imperative that funding and momentum focus on the capabilities that matter most in today’s advanced threat world. In broad terms, our vision to secure the Federal government consists of three pillars:

  1. Complete, real-time, visibility into threats across our critical infrastructure at the Federal CISO level and at the agency and program level.
  2. Deployment of new identity assurance and access governance technologies that are built natively for the cloud and mobile era.
  3. A mature enterprise risk management approach to identifying and prioritizing efforts to mitigate risk.

Today’s announcement by the President and previous efforts by our legislative branch show that our government and elected officials in Congress are taking a renewed focus on “operationalizing cybersecurity.” Each one of us in the IT security industry has a role in this mission. I know it will be a key topic at this year’s RSA Conference – and it is certainly a ‘contest’ we can’t afford to lose.