OPINION — America’s cyber intelligence capabilities are being eviscerated while the threats to national security emanating from cyber space are increasing. The latest cuts to the cyber capabilities within the Office of the Director of National Intelligence (ODNI) further undermine America’s ability to protect itself against the adversaries that use cyberspace to put American’s security at risk.
Russia, China, and Iran are targeting the United States through cyber means, attacking communications, energy, transportation, and water systems — putting the ability of Americans to access critical services at risk, not to mention raising questions about the Pentagon’s ability to quickly mobilize and transport military forces. And yet, since January, the executive branch has gutted critical defensive cyber and counter malign influence operations efforts across the government.
ODNI assets are now on the chopping block, with a plan to slash the intelligence processing and information sharing services that enable critical cyber capabilities and resiliency across public and private sectors. Last week, as part of an “ODNI 2.0” plan to “eliminate redundant missions, functions and personnel” Director of National Intelligence Tulsi Gabbard announced a downsizing of her staff by more than 40 percent by this October, including the termination of entire offices that are critical for coordination of cybersecurity intelligence.
Created after the September 11, 2001, attacks revealed what happens when intelligence is siloed across disparate agencies, ODNI is supposed to serve as the critical hub for coordination across the many agencies of the intelligence community, synthesizing and enriching the information. While the totality of ODNI 2.0 purports to save Americans $700 million annually, in the cyber realm, it threatens to send the nation back to pre-9/11 dysfunction.
The Cyber Initiatives Group Fall Summit on Wednesday, September 17 from 12p – 3p is convening experts to engage on the most pressing cybersecurity risks. Save your virtual seat now.
Specifically, the plan eliminates the Cyber Threat Intelligence Integration Center (CTIIC). In addition to collating America’s exquisite intelligence, CTIIC ensures all intelligence bodies and civilian federal agencies had access to commercial threat intelligence. Rather than each federal agency separately purchasing commercial information, CTIIC’s Sentinel Horizon program negotiated a single contract, efficiently and cost-effectively ensuring all federal agencies had access to timely threat information and analysis.
CTIIC also disseminates government cyber intelligence to the private sector, which owns and operates the vast majority of U.S. critical infrastructure. CTIIC serves as the “focal integration point” between federal cyber intelligence and industry partners who are defending America’s most critical systems against nation-state threats — connecting and disseminating information in real time not only across federal agencies but also to the private sector.
Through its CI3 initiative, for example, the CTIIC brought together the intelligence community and other government threat experts to provide actionable, classified cyber threat intelligence briefings to critical infrastructure owners and operators. Occurring monthly, these briefings were providers’ lifeline to federally monitored cyber threat information, enhancing situational awareness and increasing collaboration between on-the-ground providers and the intelligence community. The initiative’s goal is to take “all the great information we have in the IC [intelligence community] and get it out to those people who need it on a day-to-day basis,” says Lauren Goldman, CTIIC’s former head of analysis and analytic integration, who left the agency earlier this year.
At the very least, these programs will be scaled back if not terminated with the impending closure of CTIIC. The center was already operating with reduced expertise with the departure of three of its most senior leaders earlier this year.
Sign up for the Cyber Initiatives Group Sunday newsletter, delivering expert-level insights on the cyber and tech stories of the day – directly to your inbox. Sign up for the CIG newsletter today.
Five years ago, even before these latest successes in building public-private intelligence sharing, the Cyberspace Solarium Commission recognized the important role CTIIC plays in ensuring the government understands cyber threats and “providing analysis and coordination necessary for rapid and accurate attribution.” The congressionally mandated commission called on Congress to codify CTIIC in law and appropriate more funding to support its efforts. While doing the latter, Congress failed to codify the center, meaning lawmakers have fewer avenues to adjust Gabbard’s plan.
Gabbard is also closing the Foreign Malign Influence Center (FMIC). While CTIIC focuses on cyber-specific intelligence integration, FMIC synthesizes intelligence related to both cyber and non-cyber efforts by foreign actors to influence the perspectives of the American public. FMIC played a critical role in uncovering online influence operations against the United States from Iranian, Russian, and Chinese threats throughout the 2024 election cycle. It worked with the FBI and the Cybersecurity and Infrastructure Security Agency to release regular public updates debunking malign content circulated by adversaries. The director falsely equates FMIC’s work with censorship of American citizens. Instead, cuts to the center will reduce Washington’s ability to protect American citizens from the state-sponsored influence operations running rampant on the internet.
The ODNI was created to integrate and make sense of the massive amounts of threat information gathered by the U.S. intelligence community. There is no doubt value in some of the “ODNI 2.0” effort, but gutting the national cyber threat and foreign malign influence integration efforts is not where the savings should be harvested. America’s nation-state adversaries are moving into these mission areas; our intelligence community should not be moving out.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.
Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to [email protected] for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief
Kommentoi