National Counterintelligence and Security Center
Information Sharing and Audit Data
IC elements treat information collected and analysis produced as national assets. They are stewards of information who have a "responsibility to provide." Authorized IC personnel have a "responsibility to discover" information believed to have the potential to contribute to their assigned mission need and a corresponding "responsibility to request" relevant information they have discovered.
Damage Assessments
Damage assessments are conducted by NCSC to evaluate actual or potential damage to national security from the unauthorized disclosure or compromise of classified information. NCSC coordinates equity reviews and damage assessments across the IC, as directed by the DNI. Lessons learned from these assessments are shared with our mission partners.
Threat Assessments
The National Counterintelligence and Security Center (NCSC) plays a critical role in understanding Foreign Intelligence Entities (FIE). The foundation of all counterintelligence (CI) work lies in comprehending foreign intelligence entities (FIE). This involves studying their behavior, understanding how they define their missions, and analyzing their operational patterns. By gaining insights into FIE activities, CI professionals can effectively counter their efforts and protect national security.
The 2024 Annual Threat Assessment of the U.S. Intelligence Community focuses on the most direct, serious threats to the United States primarily during the next year.
The NCSC produces the National Threat Identification and Prioritization Assessment (NTIPA). The NTIPA is a crucial assessment that informs policymakers and senior officials with CI responsibilities. The NTIPA identifies and prioritizes current and emerging foreign intelligence threats that could significantly harm U.S. national security. By staying informed about these threats, decision-makers can allocate resources effectively and take proactive measures to mitigate risks.
The NCSC works within the National Intelligence Priority Framework (NIPF). The NIPF reflects the priorities set by customers for national intelligence support. It ensures that both enduring and emerging intelligence issues receive attention and appropriate resources. By aligning intelligence efforts with customer priorities, the NIPF enhances the overall effectiveness of U.S. intelligence operations.
In summary, the NCSC’s multifaceted approach involves understanding FIE behavior, assessing threats, and prioritizing intelligence efforts. Collaboration, timely assessments, and strategic alignment are essential in safeguarding U.S. interests and countering foreign intelligence threats.
Personnel Security
NCSC serves in support of the DNI’s role as Security Executive Agent (SecEA) and chairs the Directors’ Security Board (DSB). SecEA authorities direct the SecEA to develop, implement, oversee, and integrate joint security and suitability initiatives with its U.S. Government partners for effective, efficient, and uniform policies and procedures in conducting investigations and adjudications for eligibility for access to classified information or to hold a sensitive position.
Enterprise Threat Mitigation Training
OPSEC Training:
The National OPSEC Program Office continues to offer OPSEC training thru FY22. Potential learners can sign up for OPSEC training via the web at www.iad.gov/ioss. Below links provide course descriptions and schedule.
OPSEC Course Description and FY-2022 OPSEC Training Calendar
"OPSEC Awareness Materials Coming Soon"
Insider Threat Training:
The final iteration of the NITTF Insider Threat Hub Ops course was held on September 14-15, 2021. There will no longer be a virtual or an in-person version of the course. NITTF will continue to advocate for insider threat training opportunities that professionalize the insider threat workforce. Please see advisory announcing the sunset of the Insider Threat Hub Ops course and the CDSE eLearning courses listed below that are available for training the insider threat community via direct link NITTF Directives & Advisories.
NITTF Endorsed Workforce Training
Virtual Insider Threat Detection Analysis Course:
NITTF has partnered with DITMAC and DIA’s Joint Military Intelligence Training Center (JMITC) to extend enrollment in the Virtual Insider Threat Detection Analysis course to all Executive Branch departments and agencies at no cost. This course is designed for all federal insider threat program analysts from Department of Defense (DoD), Intelligence Community (IC), and Non-Title 50 (NT-50) communities.
Specifically, this course provides entry level Counter-Insider Threat Analysts the ability to apply critical thinking skills and applicable structured analytic techniques to potential insider threat indicators as learners obtain and use holistic data in conjunction with the application of critical pathway theory. Participants will apply Executive Order, Department of Defense, and IC
authorities to gather this holistic data while they ensure constitutional and privacy rights are maintained. Participants will execute the appropriate processes for conducting and reporting insider threat response actions from intake of an initial potential threat to mitigation of the threat.
Additionally, students will be able to disclose mandated counterintelligence and criminal activity information to the appropriate agency/office.
Please contact Don Parnell at This email address is being protected from spambots. You need JavaScript enabled to view it. or 540-760-5715 to register. Fiscal Year (FY) 2022 course schedule is as follows:
FY22 SCHEDULE:
| Date |
|---|
| October 25 - 29, 2021 |
| December 6 - 10, 2021 |
| January 24 - 28, 2022 |
| March 7 - 11, 2022 |
| May 16 - 20, 2022 |
| June 6 - 10, 2022 |
| July 18 - 22, 2022 |
| August 15 - 19, 2022 |
Insider Threat Catalog:
Additional training materials for insider threat practitioners including job aids, webinars, videos and other performance support tools are available at the CDSE Insider Threat Toolkit. There are 15 eLearning courses to choose from as follows:
- Insider Threat Awareness Course INT 101.16
- Establishing an Insider Threat Program for Your Organization INT122.16
- Developing a Multidisciplinary Insider Threat Capability INT201.16
- Insider Threat Mitigation Responses INT210.16
- Preserving Investigative and Operational Viability in Insider Threat INT220.16
- Insider Threat Records Checks INT230.16
- Insider Threat Basic Hub Operations INT240.16
- Critical Thinking for Insider Threat Analysts INT250.16
- Insider Threat Privacy and Civil Liberties INT260.16
- Maximizing Organizational Trust INT270.16
- Cyber Insider Threat INT280.16
- Behavioral Science in Insider Threat INT290.16
- Continuous Monitoring Course CS200.16
- Counterintelligence Concerns for National Security Adjudicators CI020.16
- Unauthorized Disclosure (UD) of Classified Information and Controlled Unclassified Information (CUI) IF130.16
Awareness materials for the general workforce of USG and private sector organizations may also be found at the CDSE site and the mobile application “Insider Threat Sentry” which is available for free download at the Apple App or Google Play stores for iOS and Android.
External Learning Modules
NITTF features an insider threat training module developed by one of our Intelligence Community partners. This training addresses a variety of insider threat matters such as leaks, spills, espionage, sabotage, and targeted violence.
NITTF also features a mental wellness training module. This training was developed by the Office of Intelligence Community Equal Employment Opportunity and Diversity to explain challenges our workforce may endure if they are experiencing mental health issues. While there are times when behaviors of security concern overlap with mental disorders and require further review, the overwhelming reason for an employee to visit an agency’s Employee Assistance Program (EAP) is to have an objective, trained professional help sort out generally temporary and minor emotional problems.
Any Given Day – An Insider Threat Short (8-minute video)
Any Given Day (VIDEO) is an 8-minute video that was produced to enhance insider threat education and awareness. It highlights the balance between collecting information and privacy concerns and presents a side of insider threat programs that is not often considered: protecting national security at the human level. Executive Order 13587 focuses on safeguarding classified networks and classified information, but it's not just about information, it's also about protecting people. NITTF encourages inclusion of this video in your existing training plan for your workforce.
Archives
CI Strategy
- The National Counterintelligence Strategy of the United States, 2018 - 2022 (2018 - 2022 - 3MB)
- The National Counterintelligence Strategy of the United States, 2008 (2008 - 267KB)
- The National Counterintelligence Strategy of the United States, 2007 (2007 - 240KB)
- DNI Press Statement issued upon release of the National Counterintelligence Strategy of the United States. (2007 - 56KB)
- The National Counterintelligence Strategy of the United States, 2005 (2005 - 134KB)
CI Security Policy
Espionage
- Espionage Against the United States by American Citizens 1947-2001 published by TRW Systems (2002 - 969KB)
Counterintelligence Perspectives
- The Ten Commandments of CI published by CIA Center for the Study of Intelligence (2002 - 46KB)
Threats From Foreign Entities
- Chinese science and technology supported in Japan (2003 - 51KB)
- Department of Homeland Security Bulletin: Potential Terrorist Use of Official Identification, Uniforms, or Vehicles (2003 - 23KB)
- North Korea: Channeling foreign information technology to leverage IT development (2003 - 186KB)
- South Korea: Large boost in funds for technology transfer (2003 - 155KB)
