How We Work
“CI and security are interconnected and cannot be
executed in isolation.” – NCSC Director Evanina
The solutions to countering adversarial threats often lie at the intersection of the CI and security disciplines. CI has both a defensive mission — to protect our nation’s secrets and assets from theft, manipulation, or destruction by foreign adversaries by knowing their intentions, targets, capabilities and methods — and an offensive mission — to exploit, deceive or disrupt their hostile activities. Assuring the security of personnel, data, networks, national & trade secrets, and physical facilities – is a critical element. The U.S. faces higher cyber, physical, and technical threat levels than ever before; and security policies, standards, guidelines and practices must be based on sound threat analysis and risk management.
NCSC blends CI and security expertise to lead and support CI and security activities across the U.S. Government, the Intelligence Community and U.S. private sector entities at risk of intelligence collection, penetration or attack by foreign and other adversaries.
- For Counterintelligence, the Director of NCSC serves as both the National Counterintelligence Executive (NCIX) and the National Intelligence Manager for Counterintelligence (NIM-CI).
- For Security, NCSC is responsible for Security Executive Agent (SecEA) activities, on behalf of the Director National Intelligence, across the Executive Branch and is the DNI’s designee for oversight and direction for safeguarding national security programs across the IC.
We also:
- Co-lead, with the FBI, the National Insider Threat Task Force (NITTF).
- Provide CI & Security public awareness and education through the Know the Risk | Raise Your Shield national campaign and practitioner training for the public and private sectors.
- Work closely with Mission Partners and an array of Stakeholders to address the enduring and emerging foreign and other adversarial threats to accomplish our five Strategic Goals.
Chief Information Officer
IC Technical Specifications
Revision Recall
Overview
This IC enterprise data encoding specification defines detailed implementation guidance for using XML to encode RevRecall data. It defines the XML elements and attributes, associated structures and relationships, mandatory and cardinality requirements, permissible values, and constraint rules for representing RevRecall data concepts using XML.
This standard supports Executive Order (EO) 13526, Classified National Security Information which "prescribes a uniform system for classifying, safeguarding, and declassifying national security information," across national security disciplines, networks, services, and data.
Compliance with this specification is measured against all aspects of the technical and documentary artifacts contained within the specification release package.
The IC Chief Information Officer maintains this specification via the Data Coordination Activity (DCA) and Common Metadata Standards Tiger Team (CMSTT).
Technical Specification Downloads
Latest Approved Public Release:
- XML Data Encoding Specification for Revision Recall (V2021-NOVr2022-MAY - Standalone Package)
- XML Data Encoding Specification for Revision Recall (V2021-NOVr2022-MAY - Convenience Package)
- XML Data Encoding Specification for Revision Recall (V2021-NOVr2022-MAY - Light Package)
Mission Requirements
This specification expresses information related to the revision and recall of intelligence products. This information allows recipients to be aware of revisions and recalls and to take necessary actions in regards to previous versions.
This specification is intended to meet the requirements put forth in the Memorandum for Distribution signed by Negroponte on August 5, 2005. This includes declaring the title or subject of the intelligence product being revised or recalled, type of revision or recall, the date the revision or recall was issued, the reason for its issuance, and any required actions to be taken as a result of its issuance.
Chief Information Officer
IC Technical Specifications
XML Data Encoding Specification for Body Of Evidence
Overview
This XML Data Encoding Specification for Body of Evidence (BOE.XML) defines detailed implementation guidance for the XML-encoding of elements to convey a system's body of evidence, where body of evidence is the set of data that documents the information system’s adherence to the security controls applied as defined in National Information Assurance (IA) Glossary (CNSSI 4009).
This specification is intended to provide the data fields necessary to capture and convey the relevant information that would be used to facilitate the acceptance and reciprocity of established systems and their security authorizations. To facilitate this exchange, this specification has been closely aligned with Risk Management Framework Documentation, Data Element Standards, and Reciprocity Process for National Security Systems (CNSSI 1254), associated policies, and the concepts and terminology within. It seeks to encourage an exchange of CNSSI compliant system security information and authorization to promote reciprocity between agencies/organizations in XML.
This specification is maintained by the IC Chief Information Officer via the Data Standards Coordination Activity (DSCA) and Common Metadata Standards Tiger Team (CMSTT).
Technical Specification Downloads
Latest Approved Public Release:
- XML Data Encoding Specifications for Body of Evidence (V2018-APR - Standalone Package)
- XML Data Encoding Specifications for Body of Evidence (V2018-APR - Convenience Package)
- XML Data Encoding Specifications for Body of Evidence (V2018-APR - Light Package)
Mission Requirements
Information sharing with the national intelligence enterprise is increasingly dependent on the exchange of information about an exchange format. Systems, users, and developers all need a more consistent machine processable format for exchanging information describing data. This specification is a reaction to that need.