Creating “fusion centers” — where federal, state and local agency personnel join forces to fight terrorism and cyberthreats — can be tricky, but researchers are now offering strategies to make the process smoother.
A new paper by Andrew Coffey of the security consulting firm IEM released Monday identifies three characteristics of successful centers. After interviewing people associated with 18 of the nation’s 78 federally recognized fusion centers, Coffey believes a center needs a robust group of law enforcement liaison officers, analysts trained in intelligence and information analysis, and strong working relationships within and outside the center.
“We’ve all heard the saying ‘if you’ve been to one fusion center, you’ve been to one fusion center,’” Coffey said Monday at panel discussion hosted by George Washington University’s Center for Cyber and Homeland Security. “That’s true to a certain point, but once you dig deeper and go and look at multiple levels of analysis, you can find that fusion centers that everyone can agree are excelling have some similarities.”
In the analysis, each center’s level of funding varies — centers use a mix of federal grant money, and funds from state and local governments to keep the lights on — but Coffey said the amount of money each group pulls in is less important than how they meet those three prime criteria.
“It’s not simply about reaching a magic number in terms of funding or in terms of personnel, nor is there magic in terms of the number of ties or relationships they maintain. More is not always better,” Coffey said. “But these highly effective fusion centers have figured out their special sauce.”
A key part of that “sauce” are the liaison officers that share information gleaned from their work at the fusion center with the agencies they work for, Coffey said.
Liaison officers “are the mechanisms that allow the fusion centers to reach the front lines,” said Meghann Peterlin, senior policy analyst for the security consulting firm ICF International. “They are the mechanisms that enable that information flow.”
Lee Wight, director of the Washington Regional Threat Analysis Center, also voiced support for the second prong of Coffey’s analysis: the need for skilled analysts. Wight said he tries to insure that every analyst he recruits has a background in cybersecurity, regardless of their eventual area of focus, even if that often proves to be a challenge.
“We’ve got to have exceptional people,” Wight said. “With disciplines like cybersecurity, it’s very competitive for a publicly funded agency to be able to compete with quality talent in that realm, so we certainly have to maintain those sources of funding.”
Coffey’s final condition for success involves how fusion center staff work with each other and law enforcement agencies in their regions. Often, he said informal ties and friendships end up encouraging communication more than any formal mandates for information sharing.
“Those informal ties are really important in the network,” Coffey said. “When you talk to folks around the country, they know that intuitively or they’ve experienced that in one way or another.”
Coffey’s paper comes in response to some harsh criticism for fusion centers over the years. In a 2012 report issued by the Senate’s Permanent Subcommittee on Investigations, staff criticized the centers for producing intelligence that was “oftentimes shoddy, rarely timely, sometimes endangering citizens’ civil liberties” and “more often than not unrelated to terrorism.”
Coffey noted that his research suggests that “some fusion centers are excelling in certain areas, while others might be struggling,” but the perception of the centers is generally positive.
In a subjective field like intelligence, Wight believes the way law enforcement agencies and citizens perceive the groups is the true benchmark for measuring their effectiveness.
“The holy grail question of homeland security is ‘how many terrorists did you catch?’” Wight said. “But you just may never know.”
But Coffey does believe fusion centers still have plenty of room for improvement. Going forward, he especially wants to see centers become essential resources for identifying cybersecurity threats specific to each region.
“Centers know their jurisdictions better than their partners on the federal level,” Coffey said. “Cyberthreats are evolving and fusion centers are uniquely positioned to become translators for threats in jurisdictions going forward.”