Cyber Threat Intelligence Integration Center in the United States

Presidential Memoranda

Presidential Memoranda regarding with the Establishment of the Cyber Threat Intelligence Integration Center (February 25, 2015):

“By the authority vested in me as President by the Constitution and the laws of the United States of America, I hereby direct as follows:

Establishment of the Cyber Threat Intelligence Integration Center

The Director of National Intelligence (DNI) shall establish a Cyber Threat Intelligence Integration Center (CTIIC). Executive departments and agencies (agencies) shall support the Director of National Intelligence’s efforts to establish the Cyber Threat Intelligence Integration Center, including by providing, as appropriate, personnel and resources needed for the Cyber Threat Intelligence Integration Center to reach full operating capability by the end of fiscal year 2016.

Responsibilities of the Cyber Threat Intelligence Integration Center

The Cyber Threat Intelligence Integration Center shall:

• provide integrated all-source analysis of intelligence related to foreign cyber threats or related to cyber incidents affecting U.S. national interests;
• support the National Cybersecurity and Communications Integration Center, the National Cyber Investigative Joint Task Force, United States Cyber Command, and other relevant United States Government entities by providing access to intelligence necessary to carry out their respective missions;
• oversee the development and implementation of intelligence sharing capabilities (including systems, programs, policies, and standards) to enhance shared situational awareness of intelligence related to foreign cyber threats or related to cyber incidents affecting U.S. national interests among the organizations referenced in subsection (two or second) of this section;
• ensure that indicators of malicious cyber activity and, as appropriate, related threat reporting contained in intelligence channels are downgraded to the lowest classification possible for distribution to both United States Government and U.S. private sector entities through the mechanism described in section 4 of Executive Order 13636 of February 12, 2013 (Improving Critical Infrastructure Cybersecurity); and
• facilitate and support interagency efforts to develop and implement coordinated plans to counter foreign cyber threats to U.S. national interests using all instruments of national power, including diplomatic, economic, military, intelligence, homeland security, and law enforcement activities.

Implementation

(as follows:)

• Agencies shall provide the Cyber Threat Intelligence Integration Center with all intelligence related to foreign cyber threats or related to cyber incidents affecting U.S. national interests, subject to applicable law and policy. The CTIIC shall access, assess, use, retain, and disseminate such information, in a manner that protects privacy and civil liberties and is consistent with applicable law, Executive Orders, Presidential directives, and guidelines, such as guidelines established under section 102A(b) of the National Security Act of 1947, as amended, Executive Order 12333 of December 4, 1981 (United States Intelligence Activities), as amended, and Presidential Policy Directive-28; and that is consistent with the need to protect sources and methods.
• Within 90 days of the date of this memorandum, the Director of National Intelligence, in consultation with the Secretary of State, the Secretary of Defense, the Attorney General, the Secretary of Homeland Security, the Director of the Central Intelligence Agency, the Director of the Federal Bureau of Investigation, and the Director of the National Security Agency shall provide a status report to the Director of the Office of Management and Budget and the Assistant to the President for Homeland Security and Counterterrorism on the establishment of the Cyber Threat Intelligence Integration Center. This report shall further refine the Cyber Threat Intelligence Integration Center’s mission, roles, and responsibilities, consistent with this memorandum, ensuring that those roles and responsibilities are appropriately aligned with other Presidential policies as well as existing policy coordination mechanisms.

Privacy and Civil Liberties Protections

Agencies providing information to the Cyber Threat Intelligence Integration Center shall ensure that privacy and civil liberties protections are provided in the course of implementing this memorandum. Such protections shall be based upon the Fair Information Practice Principles or other privacy and civil liberties policies, principles, and frameworks as they apply to each agency’s activities.”