recommended reading

DHS center could extend classified Pentagon cyber program to nondefense industries

Mark J. Terrill/AP file photo

If Congress fails to pass cyber information sharing reforms, the Homeland Security Department could offer all critical industries entry into a little-known facility that circulates classified warnings about threats, similar to the way an exclusive Pentagon initiative works, said a former DHS official who started the operation. The National Cybersecurity and Communications Integration Center, or NCCIC, is a 24-hour crisis center that has been investigating and responding to breaches since 2009.  

“On that watch floor right now you have representatives with full security clearances, up to the Top Secret level, from energy companies, financial services companies, water companies, telecommunications companies, sitting there next to intelligence analysts, sitting next to government cyber analysts, sitting next to Secret Service agents and FBI agents,” said former NCCIC director Seán McGurk, at a talk sponsored by Government Executive Media Group and National Journal.

McGurk became managing principal for industrial control systems cybersecurity at Verizon in May. The telecom firm is one of the critical sector companies stationed at the NCCIC (pronounced N-kick). “They are all sharing the information in near real-time, machine-to-machine speed, not necessarily just human to human, so they can get that overall operational picture to identify cyber risk,” he said.

There also has been discussion of allowing all vital sectors into a more high-profile program that today exchanges classified threat data only within the defense industrial base. The Pentagon recently announced plans for renewing a contract with Booz Allen Hamilton to beef up capacity of the initiative, which currently supports about 15,000 individuals from more than 2,650 defense suppliers.

McGurk acknowledged that NCCIC must ramp up if it is tasked with providing nondefense critical sectors the same services available from the defense industrial base program.

We started the capability -- and now we need to advance that capability and we need to extend it” beyond the currently six or seven active industries, he said. “We need to ensure that the public is aware that this is a resource.”

NCCIC is an outgrowth of a Bush administration presidential directive commonly known as the Comprehensive National Cybersecurity Initiative. Under the initiative, data sharing activities must comply with federal privacy policies for personal information and other protected information.

By “collaborating and sharing classified information, unclassified information, proprietary information, we have a better idea of what the activity is and how the activity propagates through these various sectors,” McGurk said. For example, an oil company executive may spot a danger that could disrupt energy industrial control systems, while a water plant employee may look at the same information and see separate ramifications for that utility.

“And then it becomes actionable because the energy sector person sits there and says that’s important to me in this way and I need that information to protect my sector, which may be different from what the water person sees,” he said. The center is “something that can be enhanced, it’s something that can be expanded but it’s something that currently exists.”

Mark Weatherford, the top cyber official at DHS, increasingly is promoting NCCIC during speeches. “The NCCIC is going to be the nexus of information,” he said this summer. Weatherford, who previously served as chief security officer at the North American Electric Reliability Corporation, which enforces reliability standards for the bulk power system, predicts that eventually businesses in all critical industries “will have NCCIC on speed dial.”

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.


When you download a report, your information may be shared with the underwriters of that document.