For almost five years, the White House’s inability to publish a new National Security Strategy (NSS) seemed to confirm the suspicions of the US national security commentariat that the Obama administration lacks effective strategies to deal with the security crises across the globe. But last weekend, the NSS 2015 finally came out, and although high on platitudes, what followed on Tuesday could yet be Barack Obama’s biggest national security legacy. Lisa Monaco, the homeland security advisor, announced that the US is setting up a new intelligence unit — the Cyber Threat Intelligence Integration Centre — to coordinate cyber threat analysis.
The gamechanger is the attack on Sony Pictures, blamed on North Korea but detected late. Assessing that the world was at a “transformational moment” vis-a-vis cyber threats, Monaco revealed “data breaches have increased roughly fivefold since 2009”. But the need for a separate agency is being questioned. The administration’s defence is that the new unit will not overlap with existing ones that investigate and disrupt cyber attacks, such as the National Security Agency (NSA), Department of Homeland Security, FBI and the military’s Cyber Command. Instead, it will feed them real-time intelligence on cyber breaches, streamlining the process and filling a “critical gap”, as no US agency currently makes coordinated cyber threat assessments.
Obama, who has put cyber security at the top of his 2015 agenda, is holding a “cyber summit” with industry and government officials on Friday, when he will sign an executive order making it easier for companies to share data with government. After the NSA data collection controversy, the need for striking the right balance between security and privacy has become paramount. For a state like India, whose corporate sector looks especially vulnerable, having reportedly lost $4 billion to cyber attacks in 2013, it is time to look at the best cyber security ecosystems worldwide, collaborate bilaterally and multilaterally, and begin building its own.