TOP-SECRET – Defense Security Service Cybersecurity Operations Division Counterintelligence Presentation

https://publicintelligence.net/wp-content/uploads/2013/05/DSS-CyberCI.png

 

Defense Security Service Cybersecurity Operations Division

  • 33 pages
  • For Official Use Only
  • December 2012

Download

DSS Supports national security and the warfighter, secures the nation’s technological base, and oversees the protection of U.S. and foreign classified information in the hands of Industry

CI Mission

DSS CI identifies unlawful penetrators of cleared U.S. defense industry and articulates the threat for industry and government leaders

Scope

-10K+ firms; 13K+ facilities; 1.2m personnel
-1 CI professional / 261 facilities
-10.5% of facilities report

Capability

• (U) 11 personnel conducting analysis, liaison, field support, strategic development and program management
• (U) Wide range of skill sets – CI, CT, LE, Cyber, Security, Intel, IA, CNO and more
• (U) Direct access to cleared industry across 25 DSS field offices nationwide
• (U) Large roles at U.S. Cyber Command, National Security Agency, National Cyber Investigative Joint Task Force and the Department of Homeland Security

Challenges

• (U) Secure sharing of threat information with industry partners
• (U) Identifying and reporting suspicious network activity
• (U) Limited resources to execute for an quickly expanding mission area Significant Achievements and Notable Events
• (U) Since September, 2009 – Assessed over 3,000 cyber-related suspicious contact reports from Industry and the Intelligence Community; facilitating action on over 170 federal investigations/operations
• (U) Developed four benchmark product lines for Industry and the Intelligence Community to include the 3rd edition of the DSS Cyber Trends
• (U) Briefed at 24 venues and over 1,000 personnel in FY12 on the cyber threat
• (U) In FY12, delivered over 350 threat notifications to industry, detailing adversary activity occurring on their networks.

(U) FY12 Industry Cyber Reporting

• (U//FOUO) 1,678 suspicious contact reports (SCR) categorized as cyber incidents (+102% from FY11)
• (U//FOUO) 1,322 of these were assessed as having a counterintelligence (CI) nexus or were of some positive intelligence (PI) value (+186% increase from FY11)
• (U//FOUO) 263 were categorized as successful intrusions (+78% increase from FY11)
• (U//FOUO) 82 SCRs resulted in an official investigation or operation by an action agency (+37% increase from FY11)

Advertisements