Cybersecurity threats have risen to the top of the nation’s national security concerns, according to U.S. Director of National Intelligence Daniel Coats, who spoke at the Billington CyberSecurity Summit on Sept. 13.
“What keeps me up at night now is the wide diversity of threats that we have from all across the world, including the ever-expanding list of cyber threats,” Coats said. “It’s clear that cybersecurity has become one of the most important priorities for the director of national intelligence and the intelligence community. Among the many threats that we discuss on an almost daily basis, cyber threats have risen to almost the top for a couple reasons.”
Coats explained that the reason for this rise is that cyber adversaries are becoming increasingly assertive and capable, theft and espionage attacks could cause major damage to networks, adversaries are targeting the integrity of U.S. data, and threat actors can use the Internet as an “echo chamber” to enforce false beliefs through repetition.
“All these types of cyber operations have the power to erode public trust and confidence in our information, services, and institutions,” said Coats. “Russia has clearly assumed an even more aggressive cyber posture by increasing cyber espionage operations, leaking data stolen from these operations. China continues to conduct cyber espionage against the U.S. government, our allies, and U.S. companies. Iran and North Korea are improving their capabilities to launch destructive cyberattacks to support their political objectives. And nonstate actors, notably terrorist groups like ISIS, are using the Internet to organize, to recruit, spread propaganda, raise funds, collect intelligence, inspire action, and coordinate operations.”
Coats said that the intelligence community (IC) has the advantage of knowing about the details of threats and the actors behind them, but cannot force the rest of the government or industry to respond to them. Therefore, he added, it is important to improve relationships and information sharing practices among the three groups.
“The first recommendation that I want to make is that we must improve information sharing between the government and the private sector,” said Coats. “The intelligence community has a key role in identifying the threats. In other words, we must explain not only what we see and what it means, but also what can be done about it from a security perspective.”
A core problem with current information sharing, according to Coats, is the diversity of methods for sharing threat data, making the whole system more unwieldy than it needs to be.
“The good news here is that the private sector is increasingly focusing on cyber intelligence and increasingly understanding the need for interconnectedness and the sharing of information,” said Coats. “The not-so-good news is that collaboration within the government and the private sector on cyber threat intelligence is growing unnecessarily complex, because we each do it in different ways, for different purposes, and describe them differently to each other. In the intelligence community, we’ve learned that the application of a common approach and shared vocabulary can help more accurately and timely sharing information with policymakers and cyber experts.”
The IC has its own model for information sharing, which is not proprietary or secret, and Coats recommended that industry take a look at whether it could be applicable to their cyber operations.
“We’re not saying our approach is perfect or a one-size-fits-all, but the use of a common, structured, hierarchical approach will help the government and the private sector communicate and share data,” said Coats. “My second recommendation is that in the long term, government and private industry need to work collaboratively to design future products with security in mind.”
Coats also hit back at rumors that the IC was not working well with the current administration, saying that the president often holds intelligence briefings longer than scheduled to get a deeper understanding of the threats identified by the IC.
“I’m in the Oval Office nearly every day,” Coats said, “and I know for a fact that the president and his national security team appreciate the work of the intelligence community.”