National Counterintelligence and Security Center


National Counterintelligence and Security Center

NCSC is transforming its workforce and capabilities through strategic hiring and implementation of its professional development strategy. Through these efforts, NCSC will retain current talent and acquire new skills necessary to lead the nation's counterintelligence and security efforts to counter the foreign intelligence threat. NCSC has rotational opportunities for current federal civilian personnel that are interested in working in our dynamic and diverse organization.

Assessment Icon  NITTF Assessments


Executive Order (E.O.) 13587 and the National Insider Threat Policy directs the NITTF to conduct ‘’independent assessments of the adequacy of agency programs to implement established policies and minimum standards’’ and to report the results to the Steering Committee. It directs U.S. executive branch departments and agencies (D/As) to ‘‘provide information and access…to enable independent assessments.’’ The National Insider Threat Policy also requires the NITTF to conduct assessments to determine the level of organizational compliance with the Policy and Minimum Standards. All executive branch D/As that possess national security information or own or operate a classified network are subject to independent assessments.


An independent assessment is an integral part of the NITTF’s mission to assist D/As in establishing their insider threat programs. It provides a D/A with an outside view of its progress in implementing the Insider Threat Minimum Standards, identifies best practices the D/A has incorporated into its insider threat program, and makes recommendations in the areas where the NITTF assesses there is still work to be done to meet a Minimum Standard. These recommendations provide a guide for the D/A to focus its efforts towards reaching full operating capability—implementing all of the Minimum Standards. Recommendations in an independent assessment also provide a roadmap for the NITTF to provide tailored assistance to the D/A. Individual D/A independent assessment reports are shared only with D/A insider threat officials; for DoD components, the individual assessment reports are also shared with USD(I), as the Department’s Designated Senior Official.


If you are a Designated Senior Official or Program Manager for your Insider Threat Program, you may contact the NITTF to discuss scheduling an assessment.


Traits of a D/A that reaches FOC:


Click here to view traits of a program that reaches Full Operating Capability (PDF)

Insider Threat Program Milestones:

 NITTF Program Maturity Levels


Insider Threat Minimum Standards by Category:

 NITTF Minimum Standards by Category



Assistance Icon  NITTF Outreach


Executive Order (E.O.) 13587 and the National Insider Threat Policy direct the NITTF to assist departments and agencies (D/A) in developing, implementing, and improving their Insider Threat Programs. The assistance effort is a collaborative process between the NITTF and the individual D/A. Through the assistance program, NITTF subject matter experts provide expertise, guidance, and advice on how best to achieve the Minimum Standards required for all insider threat programs. All components of the NITTF help facilitate the assistance mission in order to aid the executive branch D/As in meeting the requirements of E.O. 13587.


The NITTF Liaison Team is a critical part of the assistance program. Liaison Team members work directly with individual Federal Partners and select Department of Defense components. They provide direct assistance to insider threat program managers and personnel and help identify common solutions to common problems that are present across the enterprise. The Liaison Team also serves as an intermediary between D/As and the NITTF, helping identify task force resources, such as training or technical assistance, that may be beneficial to insider threat programs.


If you have any questions and/or insistence in establishing and insider threat office contact NITTF Assistance at This email address is being protected from spambots. You need JavaScript enabled to view it..



News Events Icon   NITTF News & Events


As a collaboration service to the Insider Threat Community, this section serves a bulletin board for upcoming NITTF and other D/A events of interest. Please check here periodically for newly posted information that may be of assistance.  The NITTF is open to post information about events of interest to the Insider Threat community that other agencies sponsor to ensure maximum visibility.


The NITTF News and Events section contains open source content on insider threat and its related topics such as continuous evaluation, espionage, unauthorized disclosures, and user activity monitoring amount others.  Providing this open source information is neither an endorsement by nor reflection of the opinions of the NITTF.


Upcoming Events:

  • NEW: The Fall 2018 National Insider Threat Task Force Community forum will take place on November 1, 2018. Click here for additional information. Continue to check on our site for future updates.
  • NEW: NITTF is proud to announce the Insider Threat Hub Course Schedule for 2019. Please check the NITTF Training Page for more details.


  • NEW: NITTF has developed technical bulletins to provide additional information to the insider threat community on technical topics existing  within the Insider Threat community. Please review the NITTF Technical Page to view these bulletins.
  • NEW: NITTF has added additional resources to the NITTF Resource Library in the Additional Insider Threat Resources section (formerly known as Briefings to the Insider Threat Community section). Please take some time to review these resources provided by members of the Insider Threat Community.

Contact the NITTF at This email address is being protected from spambots. You need JavaScript enabled to view it. if you have any questions.



Products Services Icon NITTF Resource Library


Welcome to the updated NITTF Resource Library.  As part of its assistance mission, the NITTF works within the Insider Threat community to identify best practices, policy templates, and guidance to assist in the development of Insider Threat Programs and Insider Threat Training.  Please check here periodically for newly posted information that may be of assistance.


The Resource Library is now divided into 4 sections to help visitors view the various information on Insider threat information:


NITTF Produced Guides and Templates NITTF Directives & Advisories
External Learning Modules NEW: Additional Insider Threat Resources


NITTF Produced Guides and Templates: This section of the NITTF Resource Library provides Insider threat information that was developed by NITTF.  Included in this section are the 2017 Insider Threat Guide: A Compendium of best practices to accompany the National Insider Threat Minimum Standards (PDF) (and the errata) and the Any Given Day video.


NITTF Directives and Advisories:  This section of the resource library provides the various advisories and directives. This section provides information to departments and agencies information on key Insider Threat topics such as User Activity Monitoring (UAM) and data mining.


External Learning Modules:  This section of the resource library provides Insider Threat learning and information developed by our external partners.  This section includes the recently uploaded Mental Wellness and Insider Threat modules develop by the IC-EEOD and members of the Intelligence Community respectively.


NEW: Additional Insider Threat Resources:  This section provides additional resources that have been developed by our various partners that provide additional information and resources to the Insider Threat Community. Resources include external links, briefings, and documentation.  NITTF would like to thank our partners who are willing to share their information to the Insider Threat Community.
New Information Available


NOTE:  Materials in the NITTF Resource Library marked with asterisk (*) is For Official Use Only, and has not been approved for public release.  Please contact the This email address is being protected from spambots. You need JavaScript enabled to view it. if you have an official need for this item.


NITTF Collaboration Efforts:

As part of the NITTF’s focus on assisting the executive branch with meeting the minimum standards, the NITTF has partnered with D/As to develop solutions to visualize complex data at no cost, provide a GOTS case management tool to D/As insider threat programs, and have assisted classified network providers with developing written data sharing agreements to meet minimum standard requirements.



NCSC does not provide printed copies of our posters. These materials are NOT copyrighted, and you are welcome to download, print, and disseminate our posters freely to promote greater counterintelligence awareness.


"I Want You..."
This poster highlights the counterintelligence threat from non-state actors, such as drug cartels and other transnational criminal organizations. Non-state actors actively recruit US government employees, law enforcement, contractors, and military personnel with knowledge, access, and skills of value, including operational knowledge, access to sensitive or classified information, and military and law enforcement training. Verifying the true origin and nature of business proposals can reduce the risk of unwittingly assisting a non-state actor.

"Recruitment Classified Ads"
Recruitment attempts by a drug cartel or terrorist organization are never as obvious as in this poster. The poster highlights that non-state actors, just as foreign intelligence services, recruit US government officials, law enforcement, contractors, and military personnel for their knowledge, access, and skills.

Economic Espionage: $240 Million - 1
Years of research. Hundreds of millions of dollars invested. All Lost.

Economic Espionage: $240 Million - 2
Years of research. Hundreds of millions of dollars invested. All Lost.

Economic Espionage: Made in the USA
Stolen and transferred to an unnamed country with a cool wall, great noodles, and countless cyber hackers.

Economic Espionage: USB Port - 1
"The research project of a lifetime just ran out my ... USB Port." Corporate thieves no longer use the front door.

Economic Espionage: USB Port - 2
"The research project of a lifetime just ran out my ... USB Port." Corporate thieves no longer use the front door.

W. Kendall Myers
A CI education and awareness poster highlighting a recent Cuban espionage case.

Treason from Within
A CI awareness poster on the insider threat with a special emphasis on Cuban espionage.

X-Rays Poster
A CI awareness poster showcasing proactive counterintelligence.

Tall Order Poster
A CI awareness poster reminding us that protecting our most valuable data makes all of us safer.

Espionage Poster
The ONCIX's award-winning poster serves as a reminder that there are no winners in the espionage game.

Our Country Poster
The ONCIX's CI and security-awareness poster showcasing America's cities, states, and landmarks.

Tears Poster
This poster emphasizes CI support to force protection.

Lincoln Poster - Need To Know
A CI and security-awareness poster underscoring the "Need To Know."

Protecting Sensitive Information
An ONCIX poster that highlights the importance of protecting sensitive information to help safeguard our people and our country.

One Evil
This poster features the pictures of several convicted spies and a George Washington quote.

Robert P. Hanssen
This poster ... Spy, Traitor, Deceiver..., which captures the essence of Robert P. Hanssen's career, is available as a reminder of the life he chose and its ultimate conclusion.

Don't Tread On Me
This ONCIX poster features quotes from Presidents George W. Bush and Thomas Jefferson, along with renderings of the US and "DON'T TREAD ON ME" flags.

Trade Secrets Are The Key
A great reminder to your employees that protecting your company's trade secrets is critical to the economic survival of both your company and our country.

Without Its Trade Secrets
A poster showing the devastating effects that economic espionage can have on a country.

National Counterintelligence and Security Center