This post is also available in: heעברית (Hebrew)

The US intelligence community guards some of the most closely held secrets and helps defend the country from attacks. However, even it needs protection, part of that mission falls to the Intelligence Community Security Coordination Center (IC SCC), one of the six federal cybersecurity centers designed to create real-time cybersecurity situational awareness.

IC SCC’s mission is to coordinate the cybersecurity incident response for the intelligence community, the center’s director, Wally Coggins, recently told

To improve its mission, the center wants to reinforce its data-sharing capabilities, coordinate cybersecurity functions and conduct more life-like training. The center achieves its mission through continuous two-way communication with the 17 intelligence agencies and their incident response centers.

Coggins notes that the cybersecurity threat environment is dynamic and always changing,“we’re continuously assessing and evaluating our incident response plan.”

He says that the IC SCC is focusing on three main areas this year. An important point of emphasis for the IC SCC is “automating the data flows between the security coordination center and the agencies across the community,” Coggins says.

The intelligence community is moving toward a model in which data sharing is encouraged. About five years ago, the IC moved away from siloed IT and established the IC Information Technology Enterprise. IC ITE is a platform of nine shared services, including security, networking, email and virtual desktops, all delivered via a private cloud.

“Each part of the IT enterprise is provided by one or two agencies that do the thing they are best at, which they then make available to the rest of the community,” Jennifer Kron, the acting tech chief for the intelligence community said. “By evolving into this enterprise approach, we make it a lot easier to share information, enhance integration, improve our security and become more efficient”. Another main focus for the IC SCC is integrating functional areas, Coggins says.

A good example of that, he says, is bringing counterintelligence individuals and experts in to work with the intelligence community’s cybersecurity personnel in the center’s analytical cell.

The final area of focus for the IC SCC is a continuous exercise program, which Coggins describes as “a series of tabletop exercise war games, live-range exercises, where we’re working with the community to test realistic, complex scenarios.”

Coggins says the goal is to test the intelligence community’s response and “share lessons learned, best practices and build the partnerships for when real incidents occur so that we can respond quickly.”