Russia’s manipulation of social media during the 2016 presidential campaign has made clear that the United States is particularly vulnerable to foreign influence operations. The INSA Cyber Council outlines how government and industry can proactively mitigate foreign influence operations. ...
The USA PATRIOT Act permits financial institutions to share information with each other and the government only in instances of suspected terrorism and money laundering. This constrains banks' ability to combat other types of financial crime. INSA recommends steps to strengthen information sharing under the Act. ...
In an effort to improve security clearance reciprocity, INSA undertook a study that compiled data from member companies on the movement of contractors with Top Secret (TS) clearances and Sensitive Compartmented Information (SCI) access across intelligence agencies. ...
INSA encourages the US Government to partner with financial institutions to establish a unique, public-private CS/IA program. Such a program should include a portal modeled on DIBnet to enable the real-time, secure flow of classified and unclassified cyber threat data between federal and non-federal entities. ...
INSA presents recommendations that the Intelligence Community (IC) can implement within existing authorities to get better results from its professional services contracts. ...
A new INSA white paper that integrates several accepted psychological constructs into a behavioral model that can be adapted for practical use and suggests new tools to mitigate threats from insiders who may intentionally decide to harm their organization or U.S. national security. ...
The Homeland Enterprise consists of a vast series of formal and informal relationships between federal departments and agencies; state, local, tribal, and territorial (SLTT) entities; and the private sector. Each of these entities and relationships – some long-established, others newly emergent – contribute to the body of information that is collected and analyzed to produce the intelligence necessary to protect the U.S. homeland. INSA’s Homeland Security Intelligence Council (HSIC) conducted in ...
Since 2013, the Intelligence and National Security Alliance (INSA) Cyber Intelligence Task Force has presented foundational thinking and approaches to the discipline, paying particular attention to how cyber intelligence functions at the strategic and operational levels within an organization, with white papers published in March and October of 2014, respectively. This paper, the fourth in the series, will concentrate on tactical cyber intelligence, which addresses the daily management of cyber ...
Though essential to an organization’s cyber activities, cyber intelligence as a professional discipline is relatively emergent, particularly its unique tradecraft – a blend of technical knowledge (e.g., network operations, communications, and perhaps digital forensics or malware reverse engineering) and classic analytic skills (e.g., hypothesis and alternative testing). Cyber intelligence – assessing an adversary’s capabilities, intentions, and activities in the cyber domain – should support and ...
The third white paper in the “Levels Of Cyber Intelligence” series – While much attention has been paid to cyber attacks against organizations of all sizes and from across all sectors, there has been less discussion of how organizations can strengthen their risk management processes in such a diverse and evolving threat climate. Operational cyber intelligence encompasses an understanding of both tactical means – how cyber threats function to disrupt and/or degrade an organization’s networks and ...
