Laura Galante, Intelligence Community’s Cyber Executive and Director of the Cyber Threat Intelligence Integration Center (CTIIC), Office of the Director for National Intelligence, United States
By Amit Roy Choudhury
Meet the Women in GovTech 2024.
Laura Galante, Intelligence Community’s Cyber Executive and Director of the Cyber Threat Intelligence Integration Center (CTIIC), Office of the Director for National Intelligence, United States, shares her journey. Image: Laura Galante
1. How do you use technology/policy to improve citizens’ lives? Tell us about your role or organisation.
I run the US Intelligence Community’s Cyber Threat Intelligence Integration Center called CTIIC. To put it simply, we take the best intelligence available—from classified and commercial sources—and we use it to help people make better security decisions. This includes informing national security decisions that face the White House and Congress, all the way to specific security actions the an operator at a water plant or hospital needs to know about to defend their operations from cyber threats.
To subscribe to the GovInsider bulletin click here.
2. What was the most impactful project you worked on this year?
In 2024, we saw a real uptick in cyber operations against US critical infrastructure for disruptive purposes. We addressed this through a series of what we called “Industry Analytic Partnerships” where we brought together Intelligence Community’s best analysts, commercial cybersecurity teams, industry trade groups, and critical infrastructure owners who are grappling with these attacks on their systems. These partnerships helped us refine our intelligence products for key operational audiences. They also help the private sector stakeholders consider their role in national security.
3. What advice do you have for public sector innovators?
I came to public service after more than a decade of building capabilities in the commercial intelligence world—so I just intuitively focus on customers and market development. I think innovation comes into the picture when you’re working very closely with customers to grasp the problems they are trying to solve—not just ‘take requirements.’ If you can figure out how to create something valuable for one customer, there’s usually a good chance there’s a wider market there. This was how CTIIC’s work on analyzing ransomware attacks and trends evolved and where we’ve had some good success in defining how this particular threat continues to morph.
To subscribe to the GovInsider bulletin click here.
4. What are you looking forward to in 2025?
I also love taking some of these huge, multi-year, multi-stakeholder type of problems that we deal with in government—and taking fresh look. In our case, we needed to figure out how to better use and acquire cyber threat intelligence from the commercial and cybersecurity world for the 17 agencies in the US Intelligence Community. Given how much of the digital attack surface in the US and across the globe is owned by private sector, we need to have a smart approach to getting insights about attacks against those networks—we can’t just rely on traditional intelligence sources. In 2024 we signed the first Intelligence Community enterprise-wide contracts for commercial cyber threat intelligence. I’m excited to see how this kind of foundational intelligence acquisition broadens our visibility and analysis of cyber threats in 2025 and beyond.
5. Who inspires you today?
My 11 year old son! I love seeing how he works the latest new AI utility into whatever he’s doing—even on our farm here about an hour and a half outside Washington DC. The other day he was using some different AI bots to create new marketing materials for his wool and egg business. I know there are so many fears about AI becoming a crutch for students and the next generation. Then I see some of the creative ways that my son and his friends are using these tools and it puts these advances into some perspective. These advances come with the same good and bad of any new technology—and we have to dive in and figure out the right balance between security and utility.