FBI-led national cyber threat information sharing stymied by ‘need to know’

April 29, 2011
Cyber Security, FedCyber Wire
No Comment

via Fierce Government IT

The inter-agency task force the FBI set up in 2008 to share information about domestic cyber threat investigations is holding information back from partner agencies, finds the Justice Department inspector general.

In a somewhat redacted audit dated “April 2011” and released publically April 27, the DOJ IG says the FBI-led National Cyber Investigative Joint Task Force was meant to provide a venue and a means for sharing information among participants, which include military and intelligence community agencies. The original concept was for participants to have a safe harbor for data sharing made on condition that further distribution outside the purview of the NCIJTF would require the permission of the agency from where the information originated.

But, agencies including the FBI have instead first attempted to determine the “relevance and importance” of their information to another agency’s operations before sharing it. Also, the NCIJTF memorandum of understanding is more restrictive than the original concept, since it gives agencies the right to control what information they share with the task force. Some agency representatives are often asked to leave “threat focus” meetings if they don’t have a known need to know the information being discussed.

One Air Force Office of Special Investigations representative to the NCIJTF told auditors that the degree of information sharing the FBI will extend often depends to whom he makes the request. A Navy Criminal Investigative Service official also told auditors that a May 2009 request for information on a hacker went ignored, although FBI officials later told auditors that they did in fact share the information, albeit 5 months after the request was made.

Continued here.