National Counterintelligence and Security Center
Security Clearance Reform
Current Status
Since IRTPA and E.O. 13467, the SecEA has instituted a variety of reform efforts to improve background investigation and adjudication timeliness, improve the quality of information used to make security clearance decisions, compile system-wide metrics, and assess and oversee personnel security program implementation across the executive branch. With increasing cybersecurity threats and incidents, and large classified information leaks coupled with background investigation backlogs, there will be the need to drive continuous and future security clearance reforms.
As the SecEA, the DNI is the champion for reform activities that include the issuance of guidance, training, oversight, and implementation assessment that are vital for standardizing and improving Executive Branch personnel security programs. The Director of the National Counterintelligence and Security Center (NCSC) serves in support of the DNI’s role as SecEA to develop, implement, oversee and integrate personnel security initiatives throughout the U.S. Government.
Recent reform activities have focused on the following:
- The 2010 Intelligence Authorization Act (IAA) requires the President to submit an annual report on security clearance determinations to Congress and directs this report to include the number of U.S. Government employees and contractors who hold a security clearance at each level. SecEA gathers performance metrics government-wide on the timeliness of personnel security investigations, adjudication and reciprocal actions.
- The SecEA issues Executive Correspondence and Security Executive Agent Directives (SEADs) as a primary means of disseminating national security policy and requirements in order to institutionalize reform initiatives, provide a foundation to government-wide personnel security policies, and conduct oversight of processes related to security clearances and sensitive national security positions.
- In 2012 the Federal Investigative Standards (FIS) were jointly issued by Security and Suitability Executive Agents. FIS is a critical security clearance reform initiative that established new federal investigative criteria to conduct background investigations to determine eligibility for logical and physical access, suitability for U.S. Government (USG) employment, eligibility for access to classified information or to hold a sensitive position, and fitness to perform work for or on behalf of the USG as a contractor employee.
- SecEA considers Agency Head requests for delegated authority, or modification of their existing authority, to conduct personnel security investigations and adjudications.
- Ensuring reciprocal recognition among the USG agencies for eligibility of access to classified information and eligibility to hold a sensitive position, including acting as the final authority to arbitrate and resolve disputes involving the reciprocity of investigations and eligibility determinations.
- Reducing the backlog of periodic reinvestigations (PR). The SecEA issued guidance directing agencies to prioritize out of scope background investigations and focus on their required PRs. The FY 16 Omnibus Appropriation, H.R. 2029-673 requires the DNI to develop a plan to eliminate the backlog of PRs.
- Expansion of eAdjudication (electronic adjudication) to other types of national security and suitability investigations offers the opportunity to improve clearance processing and permit adjudicators to focus on investigations presenting adjudicative issues.
- The Quality Assessment Standards (QAS) were approved by the PAC on 22 January 2015. The QAS Implementation Plan was approved 1 April 2016, which identified separate milestones for Departments and Agencies (D/As) that are only assessing the quality of background investigations (BIs) and those D/As that are responsible for conducting BIs and assessing their quality.
Security Clearance Reform - Overview
The Intelligence Reform and Terrorism Prevention Act of 2004 (IRTPA) called for improvements in the U.S. Government’s security clearance processes. The Director of National Intelligence (DNI) and the Undersecretary of Defense for Intelligence co-authored a charter to establish a Joint IC/DoD Security Clearance Reform Team that convened on 18 June 2007. Additionally, Executive Order (E.O.) 13467, Reforming Processes Related to Suitability for Government Employees, Fitness for Contractor Employees, and Eligibility for Access to National Security Information, and Executive Order 13764 amended and clarified several personnel security-related statutory and executive authorities when creating the DNI’s Security Executive Agent (SecEA) role. The SecEA is a key figure with Security Clearance Reform and is a Principal member on the Suitability and Security Clearance Performance Accountability Council (PAC). Chaired by Office of Management and Budget, the PAC is the principal interagency forum for ensuring the alignment of security clearance and suitability processes across the Executive Branch.
NITTF Policy & Legal
Executive Order (E.O.) 13587 (PDF) and the National Insider Threat Policy (PDF) directed the NITTF to develop a Government-wide policy for the deterrence, detection, and mitigation of insider threats, and, in coordination with appropriate agencies, develop minimum standards and guidance for implementation of the insider threat program’s Government-wide policy, both of which were signed by the President on 21 November 2012. The NITTF continually monitors these two foundational and dynamic documents, in collaboration with departments and agencies (D/A), to ensure they are meeting D/A needs as they develop and implement their insider threat programs.
NITTF promotes interdisciplinary and interprofessional collaboration across the executive branch of the U.S. Government with the Committee on National Security Systems and the National Institute of Standards and Technology publications on a range of related issues including continuous evaluation, privileged users, and privacy and civil liberties. The NITTF also ensures National Policy is aligned with D/A policy.
NITTF Core Documents
- Executive Order (E.O.) 13587: Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information (PDF)
- National Insider Threat Policy and Minimum Standards for Executive Branch Insider Threat Programs (PDF)
- Summary of Federal Citations for the National Insider Threat Task Force (PDF)
Committee on National Security Systems (CNSS) Documents
- Committee on National Security Systems Directive (CNSSD) No. 504 - Directive on Protecting National Security Systems (NSS) from Insider Threat *
- Committee on National Security Systems Instruction (CNNSI) No. 1015 - Enterprise Audit Management Instruction for National Security Systems (NSS) (PDF)
- Committee on National Security Systems Instruction (CNNSI) No. 4009 – National Information Assurance (IA) Glossary (PDF)
Additional Insider Threat Related Documents
* This material is For Official Use Only, and has not been approved for public release. Please contact the NITTF if you have an official need for this item.
Mission
Lead and support the U.S. Government’s counterintelligence (CI) and security activities critical to protecting our nation; provide CI outreach to U.S. private sector entities at risk of foreign intelligence penetration; and issue public warnings regarding intelligence threats to the U.S.
Vision
NCSC is the nation’s premier source for counterintelligence and security expertise and a trusted mission partner in protecting America against foreign and other adversarial threats.
Strategic Goals
- Goal 1: Advance our Knowledge of, and our Ability to Counter Foreign and Other Adversarial Threats and Incidents
- Goal 2: Protect U.S. Critical Infrastructure, Facilities, Classified Networks, Sensitive Information, and Personnel
- Goal 3: Advance our Counterintelligence and Security Mission and Optimize Enterprise Capabilities through Partnerships
- Goal 4: Strengthen our Effectiveness through Stakeholder Engagement, Governance, and Advocacy
- Goal 5: Achieve our Mission through Organizational Excellence
Leadership
National Insider Threat Task Force (NITTF) Mission
National Insider Threat Task Force (NITTF) Mission
The primary mission of the NITTF is to develop a Government-wide insider threat program for deterring, detecting, and mitigating insider threats, including the safeguarding of classified information from exploitation, compromise, or other unauthorized disclosure, taking into account risk levels, as well as the distinct needs, missions, and systems of individual agencies.
Calendar Year 2024 Hub Ops Training
Establishment of NITTF
In October 2011, the president issued Executive Order (E.O.) 13587 (PDF) establishing the [National] Insider Threat Task Force (NITTF) under joint leadership of the Attorney General and the Director of National Intelligence. The president directed federal departments and agencies with access to classified information to establish insider threat detection and prevention programs, and the NITTF to assist agencies in developing and implementing these programs. In November 2012, following an extensive interagency coordination and vetting process, the president issued the National Insider Threat Policy and the Minimum Standards (PDF) via a Presidential Memorandum.
NITTF Announcements:
- October 2023 Enterprise Risk Mitigation Blueprint for Non-Intelligence Agencies
- NCSC and Federal Partners Focus on “Bystander Engagement” During National Insider Threat Awareness Month 2023
- 2023 Insider Threat Hub Operations Training
- NCSC and Federal Partners Focus on Countering Risk in Digital Spaces during National Insider Threat Awareness Month 2022
- Social Media And Insider Threat Risk, NITAM 2022 Bulletin 1
- Critical Thinking And Reducing Insider Threat Risk, NITAM 2022 Bulletin 2
- Critical Thinking As An Antidote to Misinformation and Influence Efforts, NITAM 2022 Bulletin 3
- Critical Thinking As An Antidote to Election Season Misinformation and Influence Efforts, NITAM 2022 Bulletin 4
- Understanding Why We Are So Susceptible to Mis/Disinformation, NITAM 2022 Bulletin 5
- NITTF whitepaper on State of Insider Threat Programs: Trends from Annual Reports, 2018-2020. Note, this product is only available to our US government partners. US government partners can contact the NITTF Client Engagement Group for a copy
- NCSC and Federal Partners Kick Off "National Insider Threat Awareness Month” 2021
- NITTF collaborated with CDSE to produce the Insider Risk Implementation Guide for the Food and Agriculture Sector.
- The Acting Director of the National Counterintelligence and Security Center has issued his letter of endorsement for the third annual National Insider Threat Awareness Month in September 2021. Please join us during September to emphasize the importance of safeguarding our nation by detecting, deterring, and mitigating insider threats. If you would like to increase awareness in your workforce, visit our partner the Center for Development of Security Excellence, to learn more about the serious risks posed by insider threats and how to recognize and report anomalous/threatening activities to enable early intervention.
- The National Counterintelligence and Security Center released Insider Threat Mitigation for U.S. Critical Infrastructure Entities: Guidelines from an Intelligence Perspective in March 2021. The publication is designed to raise awareness of insider threats to critical infrastructure organizations, provide information on how to incorporate this threat vector into organizational risk management, and offer best practices on how to mitigate insider threats.
- The National Threat Task Force (NITTF) released the Insider Threat Program Maturity Framework on November 1, 2018. The Framework is an aid for advancing federal agencies’ programs beyond the Minimum Standards, and builds upon best practices found in the 2017 NITTF Insider Threat Guide. The goal is to help programs become more proactive, comprehensive, and better postured to deter, detect, and mitigate insider threat risk.
- NITTF has developed technical bulletins to provide additional information to the insider threat community on technical topics existing within the Insider Threat community. Please review the NITTF Technical Page to view these bulletins.
- NITTF has added additional resources to the NITTF Resource Library in the Additional Insider Threat Resources section (formerly known as Briefings to the Insider Threat Community section). Please take some time to review these resources provided by members of the Insider Threat Community.
NITTF Products and Resources:
Provided below are some resources NITTF has available to the Inside Threat Community. To view additional resources please view our NITTF Resources Library.
| Maturity Framework | Frequently Asked Questions |
|
 |
| Click the image to download a copy | Click the image to download a copy |
| NITTF Insider Threat Guide | Protect Your Organization Guide |
 |
 |
| Click the image to download a copy | Click the image to download a copy |
| Any Given Day Video | |
 |
|
| Click the image to view the video | |
| Insider Threat Training | Mental Wellness Module |
 |
 |
| Click the image to access the module | Click the image to access the module |
Know the Risk Raise Your Shield
CBS' 60 Minutes (23 December 2018) interviewed NCSC Director Evanina on the threat of Chinese espionage aginst the United States:
- "To Catch a Spy" segment on how a former CIA officer was caught betraying his country.
- "How China can spy on your electronics -- even in the United States" on 60 Minutes Overtime
Know the Risk | Raise Your Shield
Foreign intelligence entities, which may include foreign governments, corporations, and their proxies, are actively targeting information, assets, and technologies that are vital to both U.S. national security and our global competitiveness. The National Counterintelligence and Security Center is dedicated to raising awareness among government employees and private industry about these foreign intelligence threats, the risks they pose, and the defensive measures necessary for individuals and organizations to safeguard that which has been entrusted to their protection.
This campaign and related products will enable personnel to better understand these threats and provide guidance and tips for protecting the sensitive information, assets, technologies, and networks to which employees have access. It will also serve to help them protect their personal, confidential information that may be used by others to gain their trust.
