A New Approach to IT Security

Cyber Intelligence Requires Stakeholders to Share Information

By , September 14, 2011.
A New Approach to IT Security

Intelligence expert Terry Roberts says cyber intelligence, a new approach to IT security, could make significant gains in the coming year. "The good thing is, this isn't really rocket science," says the chair of the Intelligence and National Security Alliance's Cyber Council. Pilot projects are underway to determine if methods employed by the 17 federal intelligence agencies could be adapted to safeguard non-classified but sensitive information in the private sector. To succeed, Roberts says, the government and private sector must collaborate and share information. "In a year or two, we could actually have the private-public partnership established, with the beginnings of an unclassified cyber-intelligence approach," Roberts says in an interview with Information Security Media Group (select one of the Podcast Options at right to listen).

Roberts edited the alliance's just-issued paper, Cyber Intelligence: Setting the Landscape for an Emerging Discipline (see Cyber Intelligence: What Exactly Is It?), which discusses how the current cyberthreat landscape requires a new way to share intelligence in unclassified cyberspace.

"It's important to understand that when we use the word intelligence that we're really talking about knowledge, not just information, and we're not necessarily talking about something that has to be classified," Robert says. "When we're talking about intelligence as an approach for the cyber arena, it's really about pulling together all the information that we know, processing it, analyzing it and providing unclassified, situational awareness and situations of warning to both government and industry."

In the interview, Roberts discusses the:

  • Difficulties of industry to adapt the highly sophisticated approach the federal intelligence agencies employ to share cyber intelligence. "What we are not doing really is applying those intelligence techniques and tradecraft to the unclassified arena," she says. "Think about it this way: 90 percent of infrastructure in the cyber arena is owned by industry, and 90 percent of the information or data of cyber activity is in the unclassified arena. But we're not focusing on that realm in a comprehensive, consistent manner that we can provide unclassified cyber intelligence to all of industry."
  • Multidisciplinary skills that cyber intelligence requires. "In the beginning nuclear age, you brought in people with the technical body of knowledge, then your brought people with a body of knowledge on that particular adversary, the culture, the leadership, and you brought it all together so you would have a 360 view," she says. "We haven't been doing that in the (private-sector) cyber realm. Many non-tech folks say, 'Eh, cyber, it's technical, I have nothing to do with this.'

    "Actually, in cyber intelligence, you need analytics types of folks, you need people who understand the network environment, that operational background; you need people with technical background who understand the particulars of an attack vector or a fraud approach or sabotage approach that's being used. And, those folks together, need to be looking at the data, analyzing it and coming up with so what, the impact of what they're seeing today and what that means for the future."

Top Intelligence Officer

Roberts is executive director of the acquisition support program/interagency and cyber at Carnegie Mellon University's Software Engineering Instituting, leadings its customer support for the Department of Defense, the intelligence community and the federal government, with a special focus on network security and acquisition in today's cyber environment and architecture areas.

Before joining SEI, Roberts served as the deputy director of Naval Intelligence, where she led, together with the director of Naval Intelligence, more than 20,000 intelligence and information-warfare military and civilian professionals and managed more than $5 billion in resources, technologies and programs globally, working seamlessly with the entire defense-intelligence and Intelligence-Community senior leadership.

Earlier, Roberts served as the director of requirements and resources for the Office of the Undersecretary of Defense for Intelligence, leading the creation, establishment and implementation of the Military Intelligence Program, in partnership with the Director of National Intelligence, the services, the combat support agencies and the Office of the Secretary of Defense.

Follow Eric Chabrow on Twitter: @GovInfoSecurity

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Threat Intelligence - Define, Share

Everyone is talking about threat intelligence. But what are they actually doing to create...

Latest Tweets and Mentions

ARTICLE Threat Intelligence - Define, Share

Everyone is talking about threat intelligence. But what are they actually doing to create...

The ISMG Network