National Counterintelligence and Security Center
Operations Security
NCSC executes the roles and responsibilities of the National Operations Security (OPSEC) Program Office, as described in National Security Presidential Memorandum 28 (NSPM-28) and supports department and agency implementation of OPSEC programs. NCSC/ETD provides additional guidance, works with all Executive Branch departments and agencies to develop their programs, and provides program development, training, and awareness materials.
As set forth in NSPM-28, the National Operations Security Program (NOP) supports the establishment, implementation, and standardization of stakeholder OPSEC programs across the Executive Branch of the U.S. Government (USG) and, as appropriate, beyond to trusted partners.
NSPM-28 requires all Executive Branch departments and agencies to implement OPSEC capabilities that identify and protect their most critical assets, identify and mitigate vulnerabilities, consider foreign adversarial threats in their organization’s risk management activities, and apply sufficient threat mitigation practices to counter the threat. NOP requirements are set forth in NSPM-28.
National OPSEC Awareness Month
NEW! National OPSEC Awareness Month Changed to May, starting 2025!
January 2024 —
Enterprise Risk Mitigation
October 2023 —
OPSEC Bulletins
May 2024 —
- Enterprise Threat Bulletin – Bystander Engagement
- Enterprise Threat Bulletin – Cloud Computing: Risk Considerations
April 2024 —
March 2023 —
NOP Authorities & Policies
- NSPM – 28 Requirements
Please Note: National Security Presidential Memorandum (NSPM) 28 is Unclassified but not approved for public release and therefore cannot be posted on this website. Stakeholders within the US government may reach out to This email address is being protected from spambots. You need JavaScript enabled to view it. to obtain a copy.
- NCSC Memo – National Security Operations Security
OPSEC Training
- Registrar: This email address is being protected from spambots. You need JavaScript enabled to view it.
- 2025 OPSEC Training Schedule
- 2024 OPSEC Training Schedule
- OPSEC for All
OPSEC Resources & Templates
- Critical Information List (CIL) Example
- OPSEC Analysis Resources
- OPSEC for Publicly Facing Websites Checklist
- OPSEC Program Manager Appointment Letter Sample
- OPSEC Program Continuity Book (Table of Contents) Example
- OPSEC Program Plan Template 1
- OPSEC Program Plan Template 2
- OPSEC Program Plan Template 3
- OPSEC Program Policy Checklist
- OPSEC Program Policy Template
- OPSEC Program Self-Evaluation Checklist
- OPSEC Working Group Appointment Letter Template
- OPSEC Working Group Charter Template
- NCSC Memo on National Operations Security Program
- OPSEC Training Standards NOP PMO ADVISORY
- NSPM 28 List Of Requirements Appendix A
- OPSEC Awareness Month Messaging Champion Communications Packet for Universities/Colleges
OPSEC Posters
Matthew Halvorsen, Strategic Program Director for NCSC’s Supply Chain and Cyber Directorate, recently sat down with Andrew Coffey, a Deputy Director with the High Intensity Drug Trafficking Areas (HIDTA) Program at the Office of National Drug Control Policy (ONDCP), for an audio interview on how the HIDTA program worked quickly to implement supply chain security measures to stem risks from certain Chinese companies, as mandated by Section 889 of the National Defense Authorization Act (NDAA) of 2019. The discussion is instructive for other federal agencies working to comply with supply chain security provisions of the NDAA.
This episode is the second in a series of interviews with experts and practitioners from government, industry, research and academia to spotlight threats to key U.S. supply chains and highlight mitigation.
- Check out the podcast interview, click here
- For a transcript of the interview, click here
Guest Speaker
Andrew Coffey, Ph.D. is a Deputy Director with the High Intensity Drug Trafficking Areas (HIDTA) Program at the Office of National Drug Control Policy (ONDCP). He oversees a number of portfolios to include policy development, intelligence and information sharing, and performance management. Prior to joining ONDCP he held various positions in the private sector advising clients around the globe on security and risk management. He holds a doctorate in public administration and policy from Virginia Tech, and a bachelor’s degree from Radford University. From 2016-2017, he was a Senior Fellow with the George Washington University Center for Cyber and Homeland Security.
test
test
Cyber Security
The cyber threat is simultaneously a national & homeland security threat and a counterintelligence problem. State and non-state actors use digital technologies to achieve economic and military advantage, foment instability, increase control over content in cyberspace and achieve other strategic goals — often faster than our ability to understand the security implications and neutralize the threat.
NCSC works with the U.S. Government cyber community and the IC, to provide the CI and security perspective on foreign intelligence and other threat actors’ cyber capabilities and provides context and possible attribution of adversarial cyber activities.
Relevant Reports, Briefings & Reading Material:
Provides an indispensable series of basic steps every American can take to safeguard their home networks from cyber intrusions
Ci tips for cyber smarts:
- Spear Phishing and Common Cyber Attacks (PDF)
- Mobile Device Safety (PDF)
- Social Media Safety (PDF)
- Reducing Your Digital Footprint (PDF)
Other Links:
Cyber Threat Intelligence Integration Center (CTIIC)
This sections provides additional resources that have been developed by our various partners that provide additional information and resources to the Insider Threat Community. Resources include external links, briefings, and documentation. NITTF would like to thank our partners for sharing their information with the Insider Threat Community.
| Name of Resource | Author of Resource | Resource Type |
|---|---|---|
| PERSEREC | PERSEREC | Website |
PERSEREC Threat Lab. The Defense Personnel and Security Research Center (PERSEREC) is committed to improving the efficiency, effectiveness and fairness of the DoD personnel security and suitability programs. In furtherance of this mission, PERSEREC established the Threat Lab in 2018 to realize the DoD Counter-Insider Threat Program Director’s vision to integrate the social and behavioral sciences into the mission space. For more information on PERSEREC, please email This email address is being protected from spambots. You need JavaScript enabled to view it. and the Threat Lab, email This email address is being protected from spambots. You need JavaScript enabled to view it.
| Name of Resource | Author of Resource | Resource Type |
|---|---|---|
| Certified Counter-Insider Threat Professional (CCITP) | DOD | Website |
OUSD(I&S), in partnership with the NITTF, created two professional certifications. These certifications were developed with maximum participation from across the USG, resulting in broad applicability across the InT workforce. The website provides information for potential candidates that are interested in completing the program.
| Name of Resource | Author of Resource | Resource Type |
|---|---|---|
| EPRM | United States Air Force (USAF) | PowerPoint Briefing |
NOTE: Presentation was made during the NITTF Spring Forum in May 2018.
| Name of Resource | Author of Resource | Resource Type |
|---|---|---|
| Insider Threat Mitigation | Department of Homeland Security (DHS) | Website |
NOTE: This website was developed by the department of Homeland Security to discuss the importance of mitigating insider threats.
| Name of Resource | Author of Resource | Resource Type |
|---|---|---|
| Active Shooter Preparedness Portal | Active Assailant Security Branch, CISA (AAS CISA) | Website |
NOTE: The website provides products, tools, and resources to help you prepare for and respond to an active shooter incident.
| Name of Resource | Author of Resource | Resource Type |
|---|---|---|
| Planning and Response to an Active Shooter: An Interagency Security Committee Policy and Best Practices Guide | Interagency Security Committee, CISA (ISC CISA) | Website |
NOTE: This second edition of the Planning and Response to an Active Shooter: An Interagency Security Committee Policy and Best Practices Guide removes the FOUO material from the first edition released in July 2015 so that this guidance could be distributed to the public.
| Name of Resource | Author of Resource | Resource Type |
|---|---|---|
|
Insider Threat Awareness Course Additional Training: http://www.cdse.edu/catalog/insider-threat.html |
Defense Security Service (DSS) Center for Development of Security Excellence (CDSE) | Online Training |
NOTE: For agencies without "in house" training for their workforce, the NITTF issued a directive in 2014 for federal agencies to use the Defense Security Service (DSS) Center for Development of Security Excellence (CDSE) web-based Insider Threat Awareness course. The DSS CDSE site is open to all government D/As, and certificates are available after course completion.
* Materials listed below is for Official Use only and has not been approved for public release. Please contact the NITTF if you have an official need for this item.
| Name of Resource | Author of Resource | Resource Type |
|---|---|---|
| *Civil Liberties and Privacy Training | Federal Bureau of Investigation (FBI) | Briefing |
NOTE: The FBI Office of the General Counsel, Privacy and Civil Liberties Unit, prepared these slides to aid federal departments and agencies (D/As) in training insider threat personnel on civil liberties and privacy laws. NOTE: This training presentation, in and of itself, does not meet the minimum standards. D/As may incorporate these into their own civil liberties and privacy training with added D/A-specific material from, and with the concurrence of, their general counsel.
| Name of Resource | Author of Resource | Resource Type |
|---|---|---|
| *OMBs Role in Federal Cybersecurity Risk Management | Office of Management and Budget (OMB) | Briefing |
NOTE: Presentation was made during the NITTF Fall Forum in November 2017.
| Name of Resource | Author of Resource | Resource Type |
|---|---|---|
| *DVE Pilots Summary | Department of Defense | Briefing |
NOTE: Presentation was made during the NITTF Spring Forum in May 2018.
| Name of Resource | Author of Resource | Resource Type |
|---|---|---|
| *Risky Business Threats as Opportunity for Innovation | Pacific Northwest National Laboratory (PNNL) | Briefing |
NOTE: Presentation was made during the NITTF Fall Forum in November 2017.
This section includes learning modules that have developed and shared by NITTF Partners and provides additional insider threat information and training to the Insider Threat Community. For additional information please contact This email address is being protected from spambots. You need JavaScript enabled to view it..
One of our Intelligence Community partners developed this training to address a variety of insider threat matters such as leaks, spills, espionage, sabotage, and targeted violence. Click on the image to access the module.
This mental wellness training was developed by the Office of Intelligence Community Equal Employment Opportunity and Diversity to explain challenges our workforce may endure if they are experiencing mental health issues. While there are times when behaviors of security concern overlap with mental disorders and require further review, the overwhelming reason for an employee to visit an agency’s Employee Assistance Program (EAP) is to have an objective, trained professional help sort out generally temporary and minor emotional problems. Click on the image to access the module.
NITTF Endorsed Workforce Training:
In addition to training tailored for your insider threat professionals, the Minimum Standards also require insider threat awareness training for the federal workforce. Many D/As have taken the initiative to develop their own training in line with the standards. For agencies without "in house" training for their workforce, the NITTF issued a directive in 2014 for federal agencies to use the Defense Security Service (DSS) Center for Development of Security Excellence (CDSE) web-based Insider Threat Awareness course. The DSS CDSE site is open to all government D/As, and certificates are available after course completion. Additional DSS CDSE training can be found at http://www.cdse.edu/catalog/insider-threat.html
NITTF Directives & Advisories
This section of the resource library provides the Executive order that establishes the NITTF as well as additional information on key insider threat topics developed by NITTF. For additional information please contact This email address is being protected from spambots. You need JavaScript enabled to view it..
As needed, the NITTF publishes advisories and directives, the former serve to inform, instruct, or guide and the latter to establish a policy, assign responsibilities or define objectives to be followed. In addition, NITTF has fostered the development and publication of policy and programmatic tools such as the Insider Threat Program Cost Model, the Insider Threat Security Classification Guide, and the Guide to Accompany the National Insider Threat Policy and Minimum Standards.
Directives and Advisories:
- Insider Threat Program Activities and Compliance with Trusted Workforce 2.0
- NITTF Advisory 2021-002: Sunsetting the NITTF Insider Threat Hub Operations Course
- NITTF Advisory 2021-001: Insider Threat Program Personnel Training (PDF)
- NITTF Advisory 2017-01: Insider Threat Competency Resource Guide (Unclassified) (PDF)
- NITTF Advisory: Maturing the Enterprise (Unclassified) (PDF) and Insider Threat Overlays (Unclassified) (PDF)
- NITTF Clarification of Enterprise Audit Management (EAM), User Activity Monitoring (UAM), Continuous Monitoring, and Continuous Evaluation Memorandum*
- NITTF Insider Threat Awareness Training Directive*
- NITTF Computer Banner Language Advisory*
- NITTF Data Mining Reporting Advisory*
- NITTF Legal Guidance Advisory*
- NITTF Records Management Advisory*
NOTE: Materials in the NITTF Resource Library marked with asterisk (*) are For Official Use Only and has not been approved for public release. Please contact the NITTF (Hyperlink to email This email address is being protected from spambots. You need JavaScript enabled to view it.) if you have an official need for this item.
For additional information on the National Insider Threat Policy, click on the NITTF Policy & Legal Page.
