Post on 10-Jan-2016
description
NSF Cyber Security NSF Cyber Security ConferenceConference
FBI Counterintelligence Domain Program FBI Counterintelligence Domain Program BriefingBriefing
History/Evolution of the History/Evolution of the ProgramProgram
•DECCADECCA– Developing Espionage and Developing Espionage and
Counterintelligence AwarenessCounterintelligence Awareness
•ANSIRANSIR– Awareness of National Security Awareness of National Security
Issues and ResponseIssues and Response
•DOMAINDOMAIN
Technology Development Life Cycle Time-Line
End of Acquisition Life
Technology DevelopmentTechnology Development
System FieldingSystem Fielding
Operational UseOperational Use
System ManufactureSystem Manufacture
System Test/DesignSystem Test/Design
Military Value of Information
Low
High
Fundamental Research
Classified/SAP Information
IINNFFOORRMMAATT IIOONN
AAVVAAIILLAABBIILLIITTYY
6.0-.1 6.2 6.3 6.4 6.5 6.6 6.7
Concept ExplorationConcept Exploration
System DemonstrationSystem Demonstration
==
Foreign Military SalesForeign Military Sales
Rapid Prototype Rapid Prototype
Un
iversities
Un
iversities
Labs & CentersLabs & Centers
Contractors
Contractors
Technology Lifecycle and Counterintelligence Technology Lifecycle and Counterintelligence ExposureExposure
Major Strategy Elements Major Strategy Elements Supported By Domain Supported By Domain
ProgramProgram• Change BehaviorsChange Behaviors
– Of most serious foreign threatsOf most serious foreign threats– Of exploited individuals/institutionsOf exploited individuals/institutions
• Reduce OpportunitiesReduce Opportunities– Of adversaries to collect intelligence and Of adversaries to collect intelligence and
conduct operationsconduct operations• Band Field Offices/Partners TogetherBand Field Offices/Partners Together
– To devise and implement joint To devise and implement joint operational plans that cross boundariesoperational plans that cross boundaries
• Transformation to Proactive ProgramTransformation to Proactive Program– Pursue foreign positive intelligence Pursue foreign positive intelligence
collection effort collection effort
Changing Changing Counterintelligence (CI) Counterintelligence (CI)
ParadigmParadigm• Shift from reactive to proactive operationsShift from reactive to proactive operations
• Acknowledgement of new business realities Acknowledgement of new business realities (“The World is Flat”)(“The World is Flat”)
• Development and advocacy of risk Development and advocacy of risk mitigation strategies vs. threat avoidancemitigation strategies vs. threat avoidance
• Pushing counterintelligence awareness out Pushing counterintelligence awareness out to the business/academic communityto the business/academic community
• Leveraging resources to mutual advantageLeveraging resources to mutual advantage
Holistic Approach to CI Holistic Approach to CI Risk ManagementRisk Management
• Insure that all facets of security Insure that all facets of security (physical, IT, personnel) are aware of (physical, IT, personnel) are aware of counterintelligence issues and counterintelligence issues and incorporate risk detection and incorporate risk detection and mitigation into cohesive business mitigation into cohesive business strategy. strategy.
• Partnership between USIC and Private Partnership between USIC and Private Sector to leverage resources to Sector to leverage resources to maximum benefit of nation.maximum benefit of nation.
Pitching PartnershipPitching Partnership• Emphasis on Confluence of InterestEmphasis on Confluence of Interest
– CI protection = Research protectionCI protection = Research protection
• Leveraging finite resourcesLeveraging finite resources– Recognition that we are all short handedRecognition that we are all short handed
• Encouraging dialogEncouraging dialog
• Building confidence/trustBuilding confidence/trust– Subject matter competenceSubject matter competence– No threat postureNo threat posture– ConfidentialityConfidentiality
Academic AllianceAcademic Alliance
• Foster spirit of Foster spirit of cooperationcooperation
• Establish a Establish a dialoguedialogue
• Share informationShare information
• Increase Increase awarenessawareness
Academic AllianceAcademic Alliance
• National Security Higher Education National Security Higher Education Advisory Board (NSHEAB)Advisory Board (NSHEAB)
• College and University Security Effort College and University Security Effort (CAUSE)(CAUSE)
National Security Higher National Security Higher Education Advisory Board Education Advisory Board
(NSHEAB)(NSHEAB)
• Members include 16 university presidents Members include 16 university presidents and chancellorsand chancellors
• Chaired by Graham Spanier, President of Chaired by Graham Spanier, President of The Pennsylvania State UniversityThe Pennsylvania State University
• Three meetings a yearThree meetings a year• Other participants include:Other participants include:
– National Science FoundationNational Science Foundation– Department of CommerceDepartment of Commerce– Central Intelligence AgencyCentral Intelligence Agency– Department of DefenseDepartment of Defense
NSHEAB MembersNSHEAB Members• The Johns Hopkins The Johns Hopkins
UniversityUniversity• UCLAUCLA• Carnegie MellonCarnegie Mellon• University of University of
WashingtonWashington• Texas A&MTexas A&M• Iowa State UniversityIowa State University• University of University of
PennsylvaniaPennsylvania
• MITMIT• PurduePurdue• West Virginia West Virginia
UniversityUniversity• University of FloridaUniversity of Florida• UNC – Chapel HillUNC – Chapel Hill• University of MarylandUniversity of Maryland• The Pennsylvania The Pennsylvania
State UniversityState University• University of University of
WisconsinWisconsin
Mission of the NSHEABMission of the NSHEAB
• Promote understandingPromote understanding• Create a forum for mutual issuesCreate a forum for mutual issues• Provide advice on the culture of Provide advice on the culture of
higher educationhigher education• Build on traditions of openness, Build on traditions of openness,
academic freedom and international academic freedom and international collaborationcollaboration
• Discuss matters pertaining to Discuss matters pertaining to national security.national security.
What is the RTP SIG?What is the RTP SIG?
• RTP = Research and RTP = Research and Technology ProtectionTechnology Protection
• SIG = Special Interest GroupSIG = Special Interest Group
• The RTP SIG is a tool for The RTP SIG is a tool for Domain Coordinators to use Domain Coordinators to use to provide information to their to provide information to their Domain representativesDomain representatives
http://www.infragard.nethttp://www.infragard.net
What is the RTP Special What is the RTP Special Interest Group?Interest Group?
• The RTP SIG is a tool the FBI utilizes to provide The RTP SIG is a tool the FBI utilizes to provide information to cleared Defense Contractors, information to cleared Defense Contractors, private industry and academia. Domain private industry and academia. Domain Coordinators are your local FBI contacts.Coordinators are your local FBI contacts.– Mission: to provide actionable and relevant Mission: to provide actionable and relevant
information to cleared defense contractors, private information to cleared defense contractors, private industry and academia to better enable them to industry and academia to better enable them to protect their research and technology.protect their research and technology.
Why we need the RTP Why we need the RTP SIGSIG
• To provide information to the targets of To provide information to the targets of foreign intelligence services and economic foreign intelligence services and economic espionage that will help them become a espionage that will help them become a tougher target.tougher target.
• To increase reporting of To increase reporting of Counterintelligence events.Counterintelligence events.
InfraGard RTP SIGInfraGard RTP SIG
Membership: the application Membership: the application process for the RTP SIG process for the RTP SIG
websitewebsite
• Must be a current InfraGard Must be a current InfraGard membermember
• Must have a need for information Must have a need for information on how to protect research and on how to protect research and technologytechnology
• Should have the capability to take Should have the capability to take action on the information provided action on the information provided to themto them
How do I access the RTP How do I access the RTP SIG?SIG?By selecting the “I want to join Research and By selecting the “I want to join Research and
Technology Protection InfraGard” button Technology Protection InfraGard” button you will be requested to answer 7 you will be requested to answer 7 questions:questions:
1.1. What is your full name and to what What is your full name and to what InfraGard chapter do you belong?InfraGard chapter do you belong?
2.2. What is you organization and has it What is you organization and has it been awarded any classified contracts?been awarded any classified contracts?
3.3. Do you have a security clearance?Do you have a security clearance?4.4. Does your company maintain or Does your company maintain or
develop processes, formulas or other develop processes, formulas or other things that might be considered things that might be considered intellectual property or trade secrets?intellectual property or trade secrets?
5.5. What is your title?What is your title?6.6. Please explain how your Please explain how your
responsibilities pertain to protecting responsibilities pertain to protecting your company’s research, technology your company’s research, technology or trade secrets.or trade secrets.
7.7. Would you like to be listed in the SIG Would you like to be listed in the SIG directory?directory?
DETERDETER
DETECTDETECT
DISRUPTDISRUPT