Government

House committee dings DHS’s cyber intelligence for fusion centers

Fusion centers aren't getting information from NPPD, are caught dealing with over-classified info, and struggle to find people with clearances who can access the information they do get.

By Shaun Waterman

November 7, 2017

Fewer than one-in-four Homeland Security fusion centers across the country receive cyberthreat reporting or other intelligence products from DHS’ National Protection and Programs Directorate, hampering their nascent efforts to help defend the country against online attacks, a congressional report said Tuesday.

Those efforts are further hampered because fusion center representatives do not sit on the floor of NPPD’s 24 hour watch center, the National Cybersecurity and Communications Integration Center (NCCIC), the majority staff of the House Homeland Security Committee found.

The report includes material from dozens of interviews and a long survey completed by 68 major fusion centers across the country. The centers were set up to integrate state and local law enforcement agencies into DHS’ homeland protection mission by providing them with threat warnings they could use to inform their local priorities and by vacuuming up local intelligence reporting in the hope that it could cast light on national trends or geographically dispersed terrorist plotting.

“Significantly, only 16 out of 68 survey respondents reported they receive NPPD cyber-related products,” reads the report, “Given current cyber threats and fusion centers’ nascent efforts to develop cybersecurity capabilities, the committee believes DHS should ensure these products are made accessible to fusion center personnel, when appropriate.”

One problem with the NPPD intelligence: It’s too highly classified. “A significant amount of cyberthreat information is classified at the Top Secret level, which has prevented some fusion centers from conducting analysis on this issue” because they lack the special facilities required to receive and store top secret information, states the report.

Even the half of all fusion centers which do have a special room, known as a SCIF, to receive and store classified reporting, cannot share it with the state and local law enforcement agencies they’re supposed to work with due to a lack of clearances for state-level employees.

“Their ability to share it with their state and local partners is restricted because there are a limited number of products at the Sensitive but Unclassified (SBU) level,” reads the report.

DHS leadership “should proactively work with the NCCIC to develop a process for sharing cyber threat information with fusion centers at the unclassified level,” the report recommends.

House committee dings DHS’s cyber intelligence for fusion centers

More Like This

Campaigns and political parties are in the crosshairs of election meddlers

CISA ransomware warning program has sent out more than 2,000 alerts

Ex-White House cyber official says ransomware payment ban is a ways off

Top Stories

FCC wants rules for ‘most important part of the internet you’ve probably never heard of’

More Scoops

The long, bumpy road to cyber incident reporting legislation — and the one still ahead

CISA’s advisory panel is announced, set to make recommendations on major cyber topics

White House preps order to clarify top cyber roles in federal government

Senate confirms former White House, NSA official Jen Easterly as CISA director after delay

White House to nominate NSA vets Chris Inglis, Jen Easterly as national cyber director, CISA chief

Mayorkas pledges to modernize US cyber-defenses after their failure to detect alleged Russian spies

John Felker, former head of DHS’s cyberthreat center, to retire from the department in September

Latest Podcasts

How Troy Hunt knows if you’ve been hacked and Washington tries to understand AI

Why pig butchering is the worst kind of online scam

How the FBI fights ransomware

Rumman Chowdhury on AI red-teaming; a Sisense supply chain attack

Government

Technology

Threats

Geopolitics