Cyber Threat Intelligence Integration Center

Director of National Intelligence Honors Former Congresswoman Harman

Erin Joe


Erin Joe is an attorney and senior FBI cyber professional who served as the Section Chief of Cyber Operations at FBI before joining CTIIC as its second Director. Ms. Joe has more than 22 years’ experience in national security and criminal operations as a Special Agent in FBI, most recently leading the Bureau’s strategy and response to nation-state cyber threats emanating from the Middle East and Africa and to cyberterrorism threats worldwide.

In 2015, Ms. Joe became the first Section Chief of FBI’s Office of Partner Engagement, responsible for managing FBI’s Domestic Director of National Intelligence program; engaging with federal, state, and local partners; and addressing issues common to both law enforcement and the IC—including emerging cyber threats.

In addition, Ms. Joe served as Assistant Special Agent in Charge, FBI Los Angeles, where she oversaw intelligence, surveillance, and aviation programs; established collection priorities; directed operations; and integrated intelligence and operations across the office’s areas of responsibility. Ms. Joe has served in FBI Field Offices in Oklahoma City, Salt Lake City, and New Haven, where she was Acting Special Agent in Charge. Before joining FBI, Ms. Joe served as an administrative law judge in Dallas, Texas.

Ms. Joe has completed senior executive leadership courses at the Naval Post Graduate School, Kellogg School of Business, Carnegie Mellon, and Harvard. Ms. Joe earned a BA in English, with high distinction, from the University of Illinois and a JD from Ohio State University. She is a member of the Oklahoma Bar Association and the State Bar of Texas.

Ms. Joe succeeds Tonya Ugoretz, a career FBI intelligence analyst who served as CTIIC Director for almost three years.

Please contact us at:


Liberty Crossing 1

Room 3N400

Washington, DC 20505

CTIIC offers rotational (joint duty) opportunities for federal employees interested in working for a dynamic organization at the forefront of forging the nation’s response to cyber security threats. We are a multidisciplinary staff of cyber intelligence analysts, operations officers, executive staff, IT specialists, and publications officers.



CTIIC’s responsibilities were designed to support and complement, but not duplicate, the roles of other members of this community. CTIIC is organized along three lines of effort:

Building Awareness

CTIIC integrates threat reporting with context and commentary, helping consumers understand its potential significance. CTIIC engages with the other cyber centers as well as the primary producers of intelligence and analysis, including noncyber experts. This engagement builds meaningful analysis of threat activity and makes it accessible to noncyber specialists who need to factor it in to their regional understanding. CTIIC’s work focuses the community on significant reporting, provides a quick community perspective on new reporting, generates greater understanding of the bigger picture, and acts as a building block for trend analysis.

Integrating Analysis

The cyber community in recent years has faced increasingly aggressive activity from adversaries that has demanded detailed and complex community analysis on current/near-term threats. CTIIC collaborates with cyber and noncyber subject-matter experts to initiate and integrate community analysis that considers adversaries’ threat activity, intent, and motivations in a geopolitical context. Presidential Policy Directive 41 (PPD-41) on cyber incident coordination, issued in 2016, designated CTIIC as the federal lead for intelligence support in response to a significant cyber incident. CTIIC, on behalf of the IC, will integrate analysis of threat trends and events to build situational awareness—identifying knowledge gaps—and support interagency efforts to develop options to degrade or mitigate adversary threat capabilities.

Identifying Opportunities

CTIIC supports and facilitates whole-of-government options in response to cyber threats to help ensure decision-makers receive potential courses of action that reflect all instruments of national power. CTIIC delivers opportunity analysis and helps develop measures of effectiveness for cyber campaign efforts. The Center identifies ways to facilitate critical decision points and creates repeatable, threat actor–agnostic frameworks that balance risks, benefits, and equities early in the decisionmaking process.