Publications

An Assessment of Data Analytics Techniques for Insider Threat Programs

A wide array of data analytics methods, tools, and techniques exist to improve the detection and mitigation of insider threats – trusted employees who seek to steal an organization’s data or intellectual property or to harm an organization or its staff. Determining which data analytics methods and software tools are best for an organization, however, depends on the quality and comprehensiveness of data, the clarity of rules, the organization’s risk tolerance, and other factors. This paper prese ...

Civilian Careers in U.S. Intelligence and National Security

THE U.S. INTELLIGENCE COMMUNITY (IC) offers a wide range of interesting, engaging, and exciting career paths. Whether you choose to work at an intelligence agency as a career civilian or to support the Community through work at a private sector contractor, you will have the chance to serve your country by contributing to U.S. national security. This paper provides some information on the types of intelligence-related opportunities and career paths one can pursue as a civilian in government and ...

Getting Ahead of Foreign Influence Operations

Russia’s manipulation of social media during the 2016 presidential campaign has made clear that the United States is particularly vulnerable to foreign influence operations. The INSA Cyber Council outlines how government and industry can proactively mitigate foreign influence operations. ...

Improving Information Sharing on Suspected Financial Fraud

The USA PATRIOT Act permits financial institutions to share information with each other and the government only in instances of suspected terrorism and money laundering. This constrains banks' ability to combat other types of financial crime. INSA recommends steps to strengthen information sharing under the Act. ...

INSA Survey on Security Clearance Reciprocity

In an effort to improve security clearance reciprocity, INSA undertook a study that compiled data from member companies on the movement of contractors with Top Secret (TS) clearances and Sensitive Compartmented Information (SCI) access across intelligence agencies. ...

FINnet: Classified Information Sharing for the Financial Sector

INSA encourages the US Government to partner with financial institutions to establish a unique, public-private CS/IA program. Such a program should include a portal modeled on DIBnet to enable the real-time, secure flow of classified and unclassified cyber threat data between federal and non-federal entities. ...

Improving the Acquisition of Services in the Intelligence Community

INSA presents recommendations that the Intelligence Community (IC) can implement within existing authorities to get better results from its professional services contracts. ...

Assessing the Mind of the Malicious Insider

A new INSA white paper that integrates several accepted psychological constructs into a behavioral model that can be adapted for practical use and suggests new tools to mitigate threats from insiders who may intentionally decide to harm their organization or U.S. national security. ...

Protecting the Homeland: Intelligence Integration 15 Years after 9/11

The Homeland Enterprise consists of a vast series of formal and informal relationships between federal departments and agencies; state, local, tribal, and territorial (SLTT) entities; and the private sector. Each of these entities and relationships – some long-established, others newly emergent – contribute to the body of information that is collected and analyzed to produce the intelligence necessary to protect the U.S. homeland. INSA’s Homeland Security Intelligence Council (HSIC) conducted in ...

Tactical Cyber Intelligence

Since 2013, the Intelligence and National Security Alliance (INSA) Cyber Intelligence Task Force has presented foundational thinking and approaches to the discipline, paying particular attention to how cyber intelligence functions at the strategic and operational levels within an organization, with white papers published in March and October of 2014, respectively. This paper, the fourth in the series, will concentrate on tactical cyber intelligence, which addresses the daily management of cyber ...