History of NCSC
Counterintelligence in the 21st Century
The position of the National Counterintelligence Executive (NCIX) was established in 2001 and the Counterintelligence Enhancement Act of 2002 established the Office of the National Counterintelligence Executive (ONCIX). In November 2014 the Director of National Intelligence (DNI) established NCSC by combining ONCIX with the Center for Security Evaluation, the Special Security Center and the National Insider Threat Task Force, to effectively integrate and align counterintelligence and security mission areas under a single organizational construct. The Director of NCSC serves in support of the DNI’s role as Security Executive Agent (SecEA) to develop, implement, oversee and integrate personnel security initiatives throughout the U.S. Government.
The Office of the National Counterintelligence Executive (ONCIX) was established in 2002 and then integrated into the Office of the Director of National Intelligence (ODNI) in 2004. The ODNI/Special Security Center (SSC) and the ODNI/Center for Security Evaluation (CSE) were integrated into ONCIX in 2010 to strengthen the synergies between CI and Security. SSC – renamed the Special Security Directorate (SSD) – continues to focus on personnel security, serving as the Director of National Intelligence’s (DNI’s) lead for Security Executive Agent (SecEA) authorities, clearance reform, and continuous evaluation. CSE, in consultation with the IC, supports the Department of State in protecting classified national security information and provides other security-related functions affecting IC interests at U.S. diplomatic and consular facilities abroad. ONCIX, on behalf of the DNI, along with the FBI, on behalf of the U.S. Attorney General provides direction and oversight of the National Insider Threat Task Force (NITTF) which was formed in 2011.
On 1 December 2014, the DNI established the National Counterintelligence and Security Center (NCSC) to effectively integrate and align counterintelligence and security mission areas and allow the DNI to address counterintelligence and security responsibilities under a single organizational construct. The establishment of NCSC is consistent with the DNI’s authority to establish national intelligence centers to address intelligence priorities. The National Counterintelligence Executive (NCIX) also serves as the Director of NCSC.
On 1 December 2015, on the one-year anniversary of NCSC, a new seal replaced the legacy ONCIX seal to represent the role of CI– to deter, disrupt, and defeat foreign intelligence threats and the role of security– to protect and defend U.S. infrastructure, facilities, classified networks, information and personnel. NCSC’s vision is to be the nation’s premier source for CI and security expertise and a trusted mission partner in protecting America against foreign and other adversarial threats.
CI and Security Advocacy
The National Counterintelligence and Security Center (NCSC) oversees the allocation of CI and security resources within the National Intelligence Program (NIP). It advocates for implementing CI and security programs that may not be directly funded by the NIP.
The NCSC utilizes the Intelligence Planning Programming, Budgeting, and Evaluation (IPPBE) system to shape and sustain intelligence capabilities. Through this system, the NIP is developed. The NIP encompasses resources and initiatives critical for intelligence operations.
The NCSC conducts mission reviews, assessing progress based on the implementation of the National Counterintelligence (CI) Strategy. Additionally, it evaluates the state of the mission, guided by the Unifying Intelligence Strategy for Counterintelligence. By identifying key intelligence gaps, the NCSC seeks to leverage existing CI capabilities before proposing new ones.
In summary, the NCSC’s strategic planning, resource allocation, and gap analysis contribute to effective counterintelligence efforts, ensuring the protection of U.S. interests and national security.
Physical Security
NCSC works with the Department of State to protect classified national security information and to perform other security-related functions affecting U.S. diplomatic and consular facilities abroad.
Technical and cyber threat assessments bring an understanding of foreign scientific and technical developments and capabilities that might pose potential threats, targets, or opportunities for the U.S. Government and its partners.
Technical Surveillance Countermeasures (TSCM) represent the convergence of counterintelligence and security. Countermeasures are designed to detect and nullify a wide variety of technologies used to gain unauthorized access to classified national security information, restricted data or otherwise sensitive information.
Relevant Reports, Briefings, & Reading Material
i. Protecting U.S. Embassies and Consulates
NCSC, in consultation with the IC, works with Department of State (DoS) to protect classified national security information and to perform other security-related functions affecting U.S. diplomatic and consular facilities abroad. NCSC provides IC input to the DoS biannual Security Environment Threat List for the Human Intelligence and Technical Threat categories and conducts risk assessments for U.S. diplomatic facilities abroad in response to specific requests from DoS that involve analyses of asset value, threats, and vulnerabilities as well as recommendations for risk mitigation.
NCSC has responsibility for overseas security which requires: maintaining databases on foreign intelligence threats to and the vulnerabilities of U.S. diplomatic facilities abroad; collaborating with the IC and DoS to enhance information assurance standards and policies for the protection of classified national security information held in U.S. diplomatic facilities abroad, and partnering with DoS, industry and the IC elements to assess technical security shortfalls, identify solutions and manage the integration of emerging technologies to improve security countermeasures.
ii. Protecting IC Facilities Domestically and Abroad
NCSC oversees the management of U.S. Government facilities containing Sensitive Compartmented Information Facilities (SCIFs) and a framework for common security standards for IC domestic facilities enabling savings through shared, multi-use spaces. NCSC provides a single automated source for secure facility information worldwide. SCIF locations can be an invaluable tool to identify sites in jeopardy due to national disasters, heightened security alerts, as well as domestic and international hostilities.
iii. Technical Threat Assessment and Technical Surveillance Countermeasures
The protection of national intelligence and intelligence sources and methods, and the neutralization of foreign intelligence threats, are fundamental to the success of the CI and security mission. Technical and cyber threat assessments bring an understanding of foreign scientific and technical developments and capabilities that might pose potential threats, targets, or opportunities for the U.S. Government and its partners.
Technical Surveillance Countermeasures (TSCM) represent the convergence of counterintelligence and security. Countermeasures are designed to detect and nullify a wide variety of technologies used to gain unauthorized access to classified national security information, restricted data or otherwise sensitive information.
Information on foreign technical penetrations, technical surveillance, or technical collection efforts against the U.S. is centralized and managed, including information and techniques obtained through U.S. TSCM activities and subsequent CI investigations.
National and IC Strategy Development
The National Counterintelligence and Security Center (NCSC) is responsible for developing and overseeing National CI and Security Policy. The National Counterintelligence Policy Board, established under the Counterintelligence and Security Enhancements Act of 1994, serves as the principal mechanism for creating national policies and procedures that guide the conduct of counterintelligence activities across the U.S. Government.
Additionally, the NCSC ensures alignment of policies related to personnel security, suitability, access to sensitive positions, and access to classified information. These policies aim for reciprocal recognition and protection of national security information.
One specific strategy is the National Counterintelligence Strategy. This strategy plays a crucial role in safeguarding the United States against foreign intelligence threats by outlining how the U.S. Government will address foreign intelligence threats. It focuses on a few key strategic objectives:
- Protecting the American People and Homeland: By countering espionage and other harmful intelligence activities conducted by foreign adversaries.
- Promoting American Prosperity: By safeguarding the economy from theft of technology and intellectual property by foreign adversaries.
- Preserving Peace and Security: By actively countering aggressive foreign intelligence services that work against democracy, U.S. allies, and national security priorities.
The United States faces an array of threats from foreign intelligence services. These adversaries employ sophisticated methods to harm U.S. interests, interfere with elections, and erode economic and military superiority. The strategy emphasizes collaboration between the U.S. Government, private industry, and the public to strengthen counterintelligence capabilities and secure the nation.
NCSC leads the development, implementation, and assessment of the Unifying Intelligence Strategy for Counterintelligence (Intelligence Community) . It aims to unify counterintelligence efforts across the Intelligence Community (IC) by identifying gaps, making recommendations, and shaping resource decisions, the strategy enhances the IC’s ability to anticipate and deter foreign intelligence threats.
In summary, the National Counterintelligence Strategy serves as a vital blueprint for protecting national security, economic interests, and democratic values against foreign adversaries. Collaboration and vigilance remain essential in this ongoing effort.
Information Sharing and Audit Data
IC elements treat information collected and analysis produced as national assets. They are stewards of information who have a "responsibility to provide." Authorized IC personnel have a "responsibility to discover" information believed to have the potential to contribute to their assigned mission need and a corresponding "responsibility to request" relevant information they have discovered.