National Counterintelligence and Security Center

Damage Assessments


Damage assessments are conducted by NCSC to evaluate actual or potential damage to national security from the unauthorized disclosure or compromise of classified information.  NCSC coordinates equity reviews and damage assessments across the IC, as directed by the DNI.  Lessons learned from these assessments are shared with our mission partners.

Threat Assessments


The foundation of all counterintelligence (CI) work is the study of foreign intelligence entities (FIE) — to understand their behavior— how they define and carry out their missions.


NCSC produces the National Threat Identification and Prioritization Assessment (NTIPA) which informs policy makers and senior officials with CI responsibilities on current and emerging foreign intelligence threats that could seriously damage US national security.


The National Intelligence Priority Framework (NIPF) reflects customers’ priorities for national intelligence support and ensures that enduring and emerging intelligence issues are addressed.

Personnel Security


NCSC serves in support of the DNI’s role as Security Executive Agent (SecEA) and chairs the Directors’ Security Board (DSB).  SecEA authorities direct the SecEA to develop, implement, oversee, and integrate joint security and suitability initiatives with its U.S. Government partners for effective, efficient, and uniform policies and procedures in conducting investigations and adjudications for eligibility for access to classified information or to hold a sensitive position.

Training Icon  NITTF Insider Threat Training


The National Insider Threat Task Force (NITTF) was established under Executive Order (E.O.) 13587 (PDF). The NITTF is the principal interagency task force responsible for developing an Executive branch insider threat detection and mitigation program to be implemented by all federal departments and agencies. Integrated in this mission of insider threat program development is the requirement to develop, provide and establish training standards for Insider Threat program personnel, specifically for those people directly involved with Insider Threat “hubs.” Hubs are responsible for gathering, integrating, and analyzing anomalous activities, and ensuring that appropriate inquiries are conducted and steps taken in response to insider threat concerns.


NITTF Insider Threat Hub Operations Course:


Demand for insider threat training continues to increase in order to meet requirements for implementing insider threat programs, and for professionalizing the insider threat workforce. Since the NITTF's inception, several versions of no-cost training covering establishment and implementation of insider threat programs have been hosted.


In 2015, the NITTF launched the Insider Threat Hub Operations Course to deliver a practical, scenario-based approach for teaching insider threat hub activities. This professional training course focuses on teaching fundamental concepts and requirements for insider threat response actions, along with policy and legal authority considerations, from an initial trigger event to mitigation measures. It aids in satisfying national training requirements for insider threat program personnel, and better prepares Executive branch departments’ and agencies’ hub personnel to legally and appropriately handle day-to-day activities for deterring, detecting, and mitigating insider threats. To date, NITTF’s training on establishing and running an insider threat program has reached over 4,500 people in over 80 departments and agencies. Training has been delivered in formal classroom settings and practical exercises, as well as insider threat-specific forums, working groups, and conferences.


Insider Threat Hub Operations Course  

Upcoming Class Dates:

  • May 8-10, 2018 (Full; waitlisted)
  • June 12-14, 2018 (Full; waitlisted)
  • September 18-20, 2018 (Full; waitlisted)
  • October 16-18, 2018 (Full; waitlisted)
  • November 6-8, 2018 (Full; waitlisted)

Please note:  This course is for government employees assigned to, and/or supporting, an executive branch agency's insider threat program.  Contractors assigned to these programs may be considered with agency COR approval.Requests to attend this course must be submitted by the agency's insider threat program manager or designated senior official.  Submit requests via email to This email address is being protected from spambots. You need JavaScript enabled to view it. with participant(s) name, email address, agency, and requested class date.


Any Given Day – An Insider Threat Short (8 minute video):


Any Given Day Training Video

Any Given Day (VIDEO) is an 8-minute video that was produced to enhance insider threat education and awareness.  It highlights the balance between collecting information and privacy concerns, and presents a side of insider threat programs that is not often considered: protecting national security at the human level.  Executive Order 13587 focuses on safeguarding classified networks and classified information, but it's not just about information, it's also about protecting people.  NITTF encourages inclusion of this video in your existing training plan for your workforce.

NITTF Endorsed Workforce Training:

In addition to training tailored for your insider threat professionals, the Minimum Standards also require insider threat awareness training for the federal workforce. Many D/As have taken the initiative to develop their own training in line with the standards. For agencies without "in house" training for their workforce, the NITTF issued a directive in 2014 for federal agencies to use the Defense Security Service (DSS) Center for Development of Security Excellence (CDSE) web-based Insider Threat Awareness course. The DSS CDSE site is open to all government D/As, and certificates are available after course completion. Additional DSS CDSE training can be found at http://www.cdse.edu/catalog/insider-threat.html





Welcome to CI References, the place where you will find interesting facts relating to counterintelligence.


Terms & Definitions of interest for Counterintelligence Professionals

CI Reader

CI Reader: An American Revolution Into the New Millennium, Volumes I, II, and III

National Counterintelligence and Security Center