Fusion Centers have been fairly successful since their inception back in the 1980s. The FC is a critical node in the collection and processing of intelligence from various sources. The actual operations of these centers are somewhat cloaked in secrecy. For that reason, fusion centers are somewhat controversial and mysterious. A fusion center is a physical location for interagency collaboration and intelligence synthesis based on disparate pieces of information obtained by one of the numerous agencies participating in the center.
Naturally, technology is a critical component but the human assets from the various agencies, departments, industries and businesses are the critical lynch-pin. The cyber threat fusion center will require all 15 members of the U.S. intelligence community plus many others. In total, about 25 entities from the government and representative from 6 industries as well as part-time contributions from up to 100 specifically identified businesses would make up the participants in the cyber threat fusion center.
Feeding the center with the latest cyber threat analysis is a critical aspect of pulling together a big picture of the threat environment. All Source Intelligence (ASI) is defined as a collection of intelligence products and/or organizations and/or activities that incorporate all sources of information, including, most frequently human resources intelligence, imagery intelligence, measurement and signature intelligence, signals intelligence, and open source data, in the production of finished intelligence. This is the organized collection and linking of intel from multiple sources in multiple forms about a specific subject matter under analysis. This is not an easy task. "Too much information can be just as big a problem as too little," says Spy-Ops. "We use scenario-based intelligence analysis (SBIA) coupled with trans-disciplinary intelligence engineering (TIE) to fuse the all source intelligence. By combining these two techniques we are able to capture the context with which the intelligence was collected and that directly impacts the resulting knowledge we extrapolate."
Over the past few years the experience and results gained from using these techniques warrant creating one to specifically address cyber threats. The Cyber Threat Fusion Center (CTFC) would bring together the various entities within the defense department, groups within Homeland Security, industry expertise as well as facilitate bi-directions threat intelligence information sharing with the business community.
While I have only participated twice in FC operations, both were an eye opening experience and the results were significant. Could the same results have been achieved without the use of a fusion center -- yes. However, the question is how much more time would be required to have come to the same conclusion. The difficulty will be getting all the parties to openly share the information they have. All too often the parties needed to participate in the fusion center see themselves in competition with each other. Given the severity of the threat against our nation's information infrastructure, establishing this center is time critical. When the massive intelligence community from the government is tightly coupled to and collaborates with the front line defense intelligence from the business community and both are supported by the high tech industry the output of this center will surely provide valuable insight into defending against the crowing threat of cyber attacks.
