How We Work

How We Work


CTIIC’s responsibilities were designed to support and complement, but not duplicate, the roles of other members of this community. CTIIC is organized along three lines of effort:

Building Awareness

CTIIC integrates threat reporting with context and commentary, helping consumers understand its potential significance. CTIIC engages with the other cyber centers as well as the primary producers of intelligence and analysis, including noncyber experts. This engagement builds meaningful analysis of threat activity and makes it accessible to noncyber specialists who need to factor it in to their regional understanding. CTIIC’s work focuses the community on significant reporting, provides a quick community perspective on new reporting, generates greater understanding of the bigger picture, and acts as a building block for trend analysis.

Integrating Analysis

The cyber community in recent years has faced increasingly aggressive activity from adversaries that has demanded detailed and complex community analysis on current/near-term threats. CTIIC collaborates with cyber and noncyber subject-matter experts to initiate and integrate community analysis that considers adversaries’ threat activity, intent, and motivations in a geopolitical context. Presidential Policy Directive 41 (PPD-41) on cyber incident coordination, issued in 2016, designated CTIIC as the federal lead for intelligence support in response to a significant cyber incident. CTIIC, on behalf of the IC, will integrate analysis of threat trends and events to build situational awareness—identifying knowledge gaps—and support interagency efforts to develop options to degrade or mitigate adversary threat capabilities.

Identifying Opportunities

CTIIC supports and facilitates whole-of-government options in response to cyber threats to help ensure decision-makers receive potential courses of action that reflect all instruments of national power. CTIIC delivers opportunity analysis and helps develop measures of effectiveness for cyber campaign efforts. The Center identifies ways to facilitate critical decision points and creates repeatable, threat actor–agnostic frameworks that balance risks, benefits, and equities early in the decisionmaking process.