The Industry’s Only SaaS-Delivered Enterprise DLP

Our unique approach to DLP allows for quick deployment and on-demand scalability, while providing full data visibility and no-compromise protection.

No-Compromise Data Protection is:

  • Cloud-Delivered
  • Cross Platform
  • Flexible Controls
DATAINSIDER

Digital Guardian's Blog

U.S. Counterintelligence Center Pledges to Focus on Supply Chains, Democracy

by Chris Brook on Wednesday February 12, 2020

Contact Us
Free Demo
Chat

The National Counterintelligence and Security Center said this week it plans to double down on securing critical infrastructure, supply chain, the economy, democratic institutions, and cyber/technical operations.

Now that 2020, and with it a new decade, has begun, federal organizations are refocusing their efforts to tackle oncoming cyber threats.

The National Counterintelligence and Security Center (NCSC) - an arm of the Office of the Director of National Intelligence – in particular is reframing how it addresses threats.

The center outlined its plans in its National Counterintelligence Strategy for 2020-2022 (.PDF) released on Monday.

It's the first time the center has revised its guidance since 2016.

According to the new strategy, which was signed more than a month ago, back on January 7, but finally disclosed this week, the center will focus more on five key areas: critical infrastructure, key U.S. supply chains, the U.S. economy, American democratic institutions, and cyber and technical operations.

The center is looking to combat threats to both the nation's infrastructure and U.S. supply chains - areas that if exploited could severely disrupt operations. The strategy points out that external adversaries are increasingly targeting the country's supply chains with malware and critical infrastructure in an effort to influence U.S. decision makers. The office hopes to thwart future malfeasance with this rededicated effort.

In addition to critical infrastructure and supply chains, the NCSC is looking to crackdown on hacks looking to wrestle away technology and intellectual property from organizations.

“America is a tremendous target for the theft or acquisition of   critical technology and intellectual property, costing the U.S. hundreds of billions of dollars annually and reducing U.S. economic and military competitive advantage globally’ the NCSC said this week.

The office's fourth strategic objective aims to help the country's democratic institutions. With the continued scrutiny given to the instability around the nation's election system – especially in an election year - this objective is a common sense one for the center.

Protecting democracy is especially key to Bill Evanina, the director of the NCSC. Evanina said Monday that concerns around confusion of the Iowa caucuses could be hijacked by adversaries to fuel distrust in democracy.

The NCSC's last objective relies on overseeing - and combating any threats that may pop up - next generation technologies like the Internet of Things, 5G technology, quantum computing, and artificial intelligence. If mishandled, these areas of technology could allow foreign hackers a new vector to collect intelligence and carry out cyber operations.

The center cites an uptick in threat actors targeting the U.S., increasingly sophisticated intelligence capabilities - advanced encryption, big data analytics, biometric capabilities - and a renewed focus on hacking all the things, not just federal agencies but those in the private sector and academic sector as well.

A lot has changed in four years.

In 2016, the NCSC called for greater cooperation and information sharing between the U.S. government, academic institutions, and the private sector to further its understanding of foreign intelligence. Like this year's guidance, 2016's mission objectives also relied heavily around disrupting any operations that could threaten U.S. national interests, mitigating insider threats and safeguarding sensitive information.

The NCSC is just the latest in a growing list of federal entities to release new strategies for 2020. The SEC issued its own cybersecurity and resiliency best practices earlier this month while the U.S. Department of Health and Human Services released its federal health IT plan for 2020-2025 in January.

Tags: Government

Recommended Resources


  • Why Data Classification is Foundational
  • How to Classify Your Data
  • Selling Data Classification to the Business
  • How to simplify the classification process
  • Why classification is important to your firm's security
  • How automation can expedite data classification

Chris Brook

Chris Brook is the editor of Data Insider. He is a technology journalist with a decade of experience writing about information security, hackers, and privacy. Chris has attended many infosec conferences and has interviewed hackers and security researchers. Prior to joining Digital Guardian he helped launch Threatpost, an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.