Counterintelligence Awareness
Counterintelligence Program for Operation Warp Speed Industry Partners
Job Aids
Countering Foreign Intelligence Threats: Implementation and Best Practices Guide 
This job aid from the National Counterintelligence and Security Center (NCSC) on countering foreign threats gives best practices for implementing a CI Program. This resource is best suited for facility security personnel and senior leaders.
Counterintelligence (CI) Awareness Integration Plan
This job aid provides basic guidelines on setting up a CI program. In this resource, it is very important to fill out page 4, Contact Information, with the Defense Counterintelligence and Security Agency (DCSA) team that visits to ensure members of Operation Warp Speed know who to contact. This job aid is best suited for facility security personnel.
Counterintelligence Best Practices for Industry
This job aid is a more in-depth look into CI programs and several of the foreign collection methods. Although oriented for Department of Defense (DOD) personnel, there are several items that are universal for a CI program anywhere. This is applicable for all facility personnel and would best serve as a desk-side quick reference.
Understanding Espionage and National Security Crimes
This job aid discusses the difference between economic espionage, trade secret theft, and Export Administration Regulation(EAR) or International Traffic in Arms Regulation (ITAR) Violations.
Posters
Reports
National Counterintelligence Strategy Executive Summary
This report provides an executive summary of the National Counterintelligence Strategy of the United States of America for 2020-2022.
Toolkits
This toolkit by the Cybersecurity & Infrastructure Security Agency (CISA) has several articles and tools to assist in building security into a program. This toolkit is more applicable for network administrators and information technology and security personnel.
Computer Security Resource Center
The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) toolkit for computer security resources has a wealth of information for incorporating both CI and cyber into a security program. This toolkit is more applicable for network administrators and information technology and security personnel.
Watch & Learn
CDSE Counterintelligence Awareness Video Lesson
This four minute YouTube video is a basic primer on Counterintelligence and Security. This job aid is suited for all facility personnel.
CI and Insider Threat Support to Security
This seven minute YouTube video gives the basic “why” on Insider threat and Counterintelligence. The first four and a half minutes are more universal, and after this mark, the video becomes more Department of Defense (DOD) centric. This resource is best suited for facility security personnel and senior leaders.
Games
Test your knowledge and encourage CI Awareness at your organization with these two engaging games.
Supply Chain Risk Management for Operation Warp Speed Industry Partners
Job Aids
Health Industry Cybersecurity Supply Chain Risk Management Guide (HIC-SCRiM), v2.0, September, 2020
The Healthcare and Public Health Sector Coordinating Council (HSCC) Joint Cybersecurity Working Group (JCWG) Supply Chain Cybersecurity Task Group developed this supply chain cybersecurity risk management guide to provide structure and aid as a tool targeted at smaller to mid-sized health organizations. The suggested best practices herein directly address recommendations made in the 2017 Health Care Industry Cybersecurity Task Force "Report on Improving Cybersecurity in the Healthcare Industry."
Deliver Uncompromised: Supply Chain Risk Management
This job aid delivers the basics on Supply Chain Risk Management (SCRM), which is essential to protect supply chains and deliver uncompromised. It defines the supply chain, highlights external supply chain threats, and helps you make a self-assessment of your own supply chain security. This job aid is suited for all facility personnel, but it is especially helpful for those in acquisitions-type roles.
Exploitation of Global Supply Chain
This job aid from the Defense Counterintelligence and Security Agency (DCSA) and National Counterintelligence and Security Center (NCSC) focuses on the perils of supply chain exploitation. This job aid is best suited for facility security personnel, senior leaders, and employees in acquisitions-type roles.
This is a more advanced job aid from the Office of the Director of National Intelligence (ODNI) that details the compromise of software code that may come from legitimate sources. This job aid is best suited for security personnel, network administrators/information technology personnel, and technically minded employees.
Toolkits
This toolkit from the National Counterintelligence and Security Center (NCSC) on Supply Chain Risk Management (SCRM) hosts multiple resources for developing a more advanced supply chain center security plan. This toolkit is best suited for facility security personnel, senior leaders, and employees in acquisitions-type roles.
CDSE Supply Chain Risk Management
This toolkit from the Defense Counterintelligence and Security Agency (DCSA) Center for Development of Security Excellence (CDSE) contains resources, including policy documents pertaining to supply chain risk management.
Watch & Learn
Know The Risk – Raise Your Shield: Supply Chain Risk Management Video Lesson
This is a five minute video on YouTube developed by the Office of the Director of National Intelligence (ODNI). This short video gives the basics of Supply Chain Risk Management (SCRM) and is best suited for security personnel and senior leaders.
Webinars
Counterintelligence, the Supply Chain, and You
This hour long webinar provides the basics on Supply Chain Risk Management (SCRM). A Defense Counterintelligence and Security Agency (DCSA) CI Special Agent (CISA) also talks about some tactics, techniques, and procedures for SCRM as seen in the field. This is a good introductory for anyone involved in the facility’s supply chain.
This hour long webinar conducted by the Defense Counterintelligence and Security Agency (DCSA) Center for Development of Security Excellence (CDSE) and National Counterintelligence and Security Center (NCSC) gives a more holistic look at Supply Chain Risk Management within the Federal Government. This webinar may be especially helpful for those in a facility’s acquisitions department.
Threat Awareness for Operation Warp Speed Industry Partners
eLearning Courses
Counterintelligence Awareness and Security Brief, CI112.16
Although this thirty-minute eLearning course was developed for Department of Defense (DOD) personnel, it contains the basics a security professional needs to understand about threat awareness. This short course is best suited for facility security personnel.
Surveillance Awareness: What You Can Do
The purpose of this course is to make critical infrastructure employees and service providers aware of actions they can take to detect and report suspicious activities associated with adversarial surveillance.
Job Aids
Foreign Collection Methods: Indicators and Countermeasures
This job aid provides information and indicators to look out for on several foreign collection methods.
Foreign Intelligence Entity (FIE) Targeting And Recruitment
This is a basic primer on what the recruitment phases look like. Knowing the signs can help identify whether you or your coworkers are being targeted and keep you off the road to recruitment. This job aid is suited for all facility personnel.
Counterintelligence Awareness for Defense Critical Infrastructure
This job aid is more Department of Defense (DOD) oriented for critical infrastructure but has some applicable information for those outside the DOD as well. Specifically, there is a section on the second page for Health Affairs that you will find valuable. This job aid is best suited for facility security personnel.
Public Service Announcement
PRC Targeting of COVID-19 Research Organizations
The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are issuing this announcement to raise awareness of the threat to COVID-19-related research.
Reports
Advisory: APT29 Targets COVID-19 Vaccine Development
This report details recent Tactics, Techniques, and Procedures (TTPs) of the group commonly known as ‘APT29,’ also known as ‘the Dukes’ or ‘Cozy Bear.’ It provides indicators of compromise as well as detection and mitigation advice.
Foreign Economic Espionage in Cyberspace 2018
This National Counterintelligence and Security Center (NCSC) report focuses on foreign economic and industrial espionage against the United States; foreign intelligence services and threat actors working on their behalf; and disruptive threat trends that warrant attention. This report is more applicable for network administrators, information technology and security personnel, and senior leaders.
Targeting U.S. Technologies: A report of Foreign Targeting of Cleared Industry 2019
The Defense Counterintelligence and Security Agency (DCSA) produces an annual report of trends from the suspicious contact reporting coming in from cleared industry. Although this is geared for cleared industry, there is a discussion of the basic methods of operation and contact used. This report is best suited for security personnel.
Toolkits
DCSA Threat Awareness Products
This Defense Counterintelligence and Security Agency (DCSA) toolkit houses several job aids applicable to all personnel. It links to job aids on Academic Solicitation, CI Awareness, Conferences, Conventions & Tradeshows, Cyber Threats, Exploitation of Business Activities, Exploitation of Global Supply Chain, Exploitation of Insider Access, Foreign Visits, and Personal Contact.
Watch & Learn
This 10 minute interactive video details the threat of suspicious emails and gives countermeasures and indicators. The video is more focused on solicitation and the attempted illicit acquisition of facility assets or information. This job aid is suited for all facility personnel, especially those in research, development, or business development.
Counterintelligence Video Lesson: Request for Information and Suspicious Emails
This is a three minute news video on YouTube detailing an actual arrest of a foreign national for smuggling, money laundering, and conspiracy to commit espionage. Although the example concerns export controlled items, this is applicable to any facility in any sector as the methods used to illicitly acquire the goods are universal. This job aid is suited for all facility personnel.
This 36 minute YouTube video and accompanying information from the Federal Bureau of Investigation is the dramatization of a true story concerning the attempted recruitment of an employee to commit economic espionage. This is applicable for all facility personnel and would best serve as a group activity/discussion.
Webinars
Counterintelligence and Insider Threat in the Time of COVID-19
This hour long webinar focuses on the CI and Insider Threat and highlights some of the evolving threat vectors because of the COVID-19 Pandemic. This webinar is applicable for all employees.
2019 Targeting U.S Technologies Report
This hour long webinar focuses on foreign efforts to compromise and/or exploit cleared personnel in order to obtain unauthorized access to sensitive and classified information. This unclassified format provides analysis of the technology targeted, the methods of operation used, and the geographical regions targeting cleared industry and is based off of the Defense Counterintelligence and Security Agency (DCSA) annual trends report. Although this webinar is geared for cleared industry, there is a discussion of the basic methods of operation and contact used. This report is best suited for security personnel.
Counterintelligence Support to Personnel Security
This hour long webinar discusses the Personnel Security (PERSEC) mission by identifying foreign intelligence entity (FIE) threats to personnel and enacting efforts to detect, deter, and neutralize the threat. This webinar is applicable for all facility personnel.
Toolkit feedback/suggestions? Email dcsa.cdsetraining@mail.mil.