Fewer than one-in-four Homeland Security fusion centers across the country receive cyberthreat reporting or other intelligence products from DHS’ National Protection and Programs Directorate, hampering their nascent efforts to help defend the country against online attacks, a congressional report said Tuesday.
Those efforts are further hampered because fusion center representatives do not sit on the floor of NPPD’s 24 hour watch center, the National Cybersecurity and Communications Integration Center (NCCIC), the majority staff of the House Homeland Security Committee found.
The report includes material from dozens of interviews and a long survey completed by 68 major fusion centers across the country. The centers were set up to integrate state and local law enforcement agencies into DHS’ homeland protection mission by providing them with threat warnings they could use to inform their local priorities and by vacuuming up local intelligence reporting in the hope that it could cast light on national trends or geographically dispersed terrorist plotting.
“Significantly, only 16 out of 68 survey respondents reported they receive NPPD cyber-related products,” reads the report, “Given current cyber threats and fusion centers’ nascent efforts to develop cybersecurity capabilities, the committee believes DHS should ensure these products are made accessible to fusion center personnel, when appropriate.”
One problem with the NPPD intelligence: It’s too highly classified. “A significant amount of cyberthreat information is classified at the Top Secret level, which has prevented some fusion centers from conducting analysis on this issue” because they lack the special facilities required to receive and store top secret information, states the report.
Even the half of all fusion centers which do have a special room, known as a SCIF, to receive and store classified reporting, cannot share it with the state and local law enforcement agencies they’re supposed to work with due to a lack of clearances for state-level employees.
“Their ability to share it with their state and local partners is restricted because there are a limited number of products at the Sensitive but Unclassified (SBU) level,” reads the report.
DHS leadership “should proactively work with the NCCIC to develop a process for sharing cyber threat information with fusion centers at the unclassified level,” the report recommends.