SECURITY AND COUNTERMEASURES: IMPROVING THE SIG PROCESS

Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89GO072OR000100070003-0 Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89GO072OR000100070003-0  Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89GO072OR000100070003-0 % - - XCRET Executive Registry 86- 1870 /1 28 April 1986 MEMORANDUM FOR: Director of Central Intelligence FROM: Deputy Director of Central Intelligence SUBJECT: Security and Countermeasures: Improving the SIG Process (S) 1. We are under heavy pressure from the Senate Select Committee and the NSC Staff to make improvements in the security, counterintelligence and security countermeasures arenas. They and others believe that these issues do not receive nearly enough attention of senior managers in government, including the Intelligence Community, and that those efforts that do exist are disconnected and proceed in isolation. They also believe that somehow shortcomings in these areas contributed to the rash of spies in the last year or so. They may be right. (S) 2. As a result of my examination of this problem, I believe their concerns, particularly in the security countermeasures arenas, are reasonably well founded; in addition, you and I perceive problems that others do not. Specifically, the division of labor between the Security Committee and the IG/Countermeasures is totally ambiguous. Essentially, there are two groups charged with responsibility for the same problems. Where there is not inaction, there is paralysis as a result of bureaucratic tugs of war and parochial viewpoints. The Security Committee has 10 subcommittees and half a dozen or so working groups all involving people at the working level. As noted above, parochialism dominates in this area (more so than in any area I have ever seen). Moreover, there is little contact or coordination among the committees -- that is, across security disciplines (computer security, personnel security, physical security, etc.). The leadership of the Security Committee is competent but not very aggressive and lacking a charter to attack some of the more difficult problems. S RET Cl By Signer DECL OADR Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89GO072OR000100070003-0  Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89GO072OR000100070003-0 JCL KL I -- Simultaneously, the leadership of the IG/CM is weak and provides little leadership or coordination. -- A variety of ad hoc groups have sprung up, some from within the Intelligence Community, others at the instigation of the NSC Staff or others, to try and work around these problems. Mary Lawton's group on personnel security is an excellent example. -- The relationship between organizations in the Intelligence Community or the SIG and nonintelligence organizations (such as NTISSC) is ambiguous, and as a result there is little contact, consultation or coordination. -- There is no Intelligence Community organization to identify and act upon leaks. (S) 3. In sum, the bureaucratic underbrush has grown so high it is strangling efforts in the security/countermeasures area to address some of the problems we face. There is a lack of coordination and sharing of information, a prevalence of bureaucratic turf fighting, and a general passivity in the entire structure. (S) 4. By contrast, all are in agreement that there has been significant progress in the counterintelligence arena, particularly in the IG/CI chaired by Judge Webster. He has provided effective leadership and as Director of FBI and a member of the SIG has the clout to make things move. In addition, there is now a group of people leading the counterintelligence effort in the various agencies -- especially in CIA andl lin NSA -- who are much more willing to collaborate with their colleagues. In short, this is an area that I think is working reasonably well. (S) 5. I suggest the following changes in structure and procedure to address some of the problems above: -- First, abolish the Security Committee and restructure its activities under the auspices of the SIG. -- Second, split the IG for Countermeasures into one that deals with physical and personnel security and another that deals with technical surveillance countermeasures, COMSEC, etc. -- Third, consolidate the various committees and subcommittees under SECOM into five or six broader committees operating under the auspices of the appropriate IG for Countermeasures. These committees should be chaired by a senior line manager from the agency that has the largest equity involved in the subject (or the best expertise) and the membership of each committee should be comprised of, again, senior line managers from agencies that have a useful role to play. The key is to involve senior line managers who can make commitments for and deliver their agencies so that the committee structure is not just a staff undertaking. -2- SECRET Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89GO072OR000100070003-0  Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89GO072OR000100070003-0 SECRET Fourth, restructure the Intelligence Community Staff elements involved in these issues to create a Counterintelligence and Security Countermeasures Staff that would provide staff support to the three IG's, house the Unauthorized Disclosure Analysis Center, and the analytical capability to continue to perform such ad hoc responsibilities as you assign as well as the Annual Hostile Threat Assessment. This Staff will have the additional responsibility of ensuring not only support for each of the committees under the two Countermeasure IG's but also that the results of each committee's work are shared with the other committees and that there is a continuing consultation and coordination among the various disciplines. This will require a far more aggressive staff chief and staff than has been the case in the past. -- Fifth, the Chairman of NTISSC should be a member of the SIG to ensure that issues on telecommunications and computer security going beyond the Intelligence Community are coordinated with efforts being taken within the Community. (S) Recommendations 1. That you approve the above measures. 2. That you sign the attached memorandum forwarding these proposals and associated organization chart to SIG principals for their consideration. 3. That we schedule a SIG for the end of this week to get these recommendations blessed. 4. That within a day or two of the SIG the new structure be implemented. (S) Robe M. Gates Attachment: As Stated Dire'ttor of en r nt Dist: ig - ER File DDC I 1 - ES -3- SECRET 2 8 APR 1986 Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89GO072OR000100070003-0  Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89G00720R000100070003-0 EXECUTIVE SEt..ETARIAT ROUTING SLIP ACTION INFO DATE INITIAL 1 DCI x 2 DCI X 3 EXDIR X 4 D/ICS X 5 DDI b DDA X 7 DDO 8 DDS&T 9 Chm/NIC 10 GC 11 IG 12 Compt 13 D/OLL 14 D/PAO 15 VC/NIC 16 17 C/SECOM 18 19 r / 20 F I 21 22 E i e r ory 2 April 86 Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89G00720R000100070003-0  Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89GO072OR000100070003-0 The Director of Central Intelligence Executive Reg" 86- 1870 28 April 1986 MEMORANDUM FOR: Senior Intelligence Group (Intelligence) SUBJECT: Changes in SIG(I) Structure (S) 1. As a result of work done in the preparation of the President's Report that Dick Stilwell has underway and various studies undertaken under the auspices of the National Security Council Staff, the Intelligence Community Staff and the Oversight Committees, I have concluded that improved coordination is needed in the Intelligence Community on issues under the purview of the SIG(I). Uncertainty about the respective responsibilities and authority of the DCI's Security Committee and the IG/CM has proved an obstacle to effective action and collaboration in a number of areas. The proliferation of committees and working groups has inhibited cross disciplinary cooperation and contributed to a growth of bureaucratic underbrush. Finally, as we have become more aware of problems and shortcomings in the area of security countermeasures in the Intelligence Community, it is apparent that the range of problems and activities assigned to the IG/Countermeasures has been far too broad. Finally, the SIG(I) itself has not been aggressive enough in the countermeasures area and too many problems have remained unresolved or untended at lower levels and unknown or poorly understood at senior levels. (S) 2. To be more specific: -- The division of labor between the DCI Security Committee and the IG/Countermeasures is ambiguous. Essentially there are two groups charged with responsibility for the same problems. There is too little action and often paralysis as a result of bureaucratic tugs of war and parochial viewpoints. -- The Security Committee has 10 subcommittees and half a dozen or so working groups. -- There is little contact or coordination among the SECOM Subcommittees, that is, across security disciplines. SECRET Cl By Signer nrrI nnnn Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89GO072OR000100070003-0  Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89GO072OR000100070003-0 JtlKt I -- A variety of ad noc groups have sprung up, some from within the Intelligence Community, others at the instigation of other organizations, to try and work around these problems. -- The relationship between organizations in the Intelligence Community or the SIG and nonintelligence organizations (such as NTISSC) is ambiguous, fragile or non-existent. As a result there is too little contact, coordination and consultation. -- There is no standing Intelligence Community organization with the responsibility to identify and act upon individual leaks. (S) 3. Accordingly, I believe some organizational restructuring is needed to clarify lines of responsibility and coordination, as well as to give each organization an area of responsibility that is realistic in scope. -- First, I intend to abolish the DCI Security Committee and restructure its activities under the auspices of the SIG(I). -- Second, I propose to split the IG for Countermeasures into two IGs, one that deals with physical, personnel, information and industrial security and another that deals with computer security, technical surveillance countermeasures, COMSEC, and so forth. -- Third, I propose to consolidate the various subcommittees of the present SECOM into six broader committees operating under the auspices of the appropriate IG for Countermeasures. The committees should be chaired by a senior line manager from the agency that has the largest equity involved in the subject (or the best expertise) and the membership of each committee should be comprised of, again, senior line managers from agencies that have a useful role to play. The key is to involve senior line managers who can make commitments for and deliver their agencies so that the committees can act. -- Fourth, I would restructure the Intelligence Community Staff elements involved in these issues to create a Counterintelligence and Security Countermeasures Staff that would provide support to the three IGs, house the Unauthorized Disclosure Analysis Center, and have the analytical capability to continue to perform tasks such as the Annual Hostile Threat Assessment. This staff would have the additional responsibility of supporting the IG committees and seeing that the results of each committee's work are shared with other committees and that there is a continuing consultation and coordination among various security disciplines. (S) 4. It is also apparent to me that more aggressive SIG(I) action and involvement is needed, particularly in the countermeasures arena. Too many issues that are the source of considerable controversy or conflict among the agencies are being buried or not dealt with expeditiously. -2- SECRET Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89GO072OR000100070003-0  Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89GO072OR000100070003-0 SECRET These differences and issues need to be surfaced more readily and brought to the attention of senior line managers for resolution. (S) 5. The structure I have outlined is a tentative one and may require further adjustment as it is implemented. I believe that these organizational measures can be taken through my issuance of a DCID eliminating the Security Committee and through the issuance of an SIG Directive altering the structure of the IG for Countermeasures. (S) 6. For additional detail, I refer you to the attached notes and organizational structure. The numbers in the notes correspond to numbers on the organizational chart and provide additional explanation. 7. I am scheduling a SIG(I) meeting at 1400 on Friday, May 2nd to address these changes and seek your views. I would welcome your observations and suggestions at that time. Attachments: As Stated -3- SECRET Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89GO072OR000100070003-0  Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89GO072OR000100070003-0 SECRET SIG(I) STRUCTURE Counterintelligence and Security SIG(I) t C NFIB Secretariat ermeasures oun Staff IG/CI IG/C M(P) IG/CM(T) Personnel Technical Security Committee -- Physical Countermeasures (1) Committee (4) Technical Security Committee Informatio Security L-- NISAC (Nat Industrial Security A Committee) Surveillance (2) Countermeasures Committee (5) n Research and (3) Development Committee (6) ional NOAC (National Opsec Advisory dvisory Committee) SECRET Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89GO072OR000100070003-0  Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89GO072OR000100070003-0 Notes: IGs/CM IG/CM(P) Chairman: DUSD(P) 1. The Personnel Security Committee supplants SECOM's Personnel Security Subcommittee and the Security Awareness and Education Subcommittee 2. The Physical Security Committee supplants SECOM's Facility Protection Subcommittee and the Security Advisory Group (USSR). 3. The Information Security Committee supplants SECOM's Compartmentation Subcommittee. The Director of ISOO will be a member. IG/CM(T) Chairman: ASD/C31 4. The Technical Security Committee supplants SECOM's Computer Security Subcommittee and will have purview over COMSEC, COMPUSEC and TEMPEST. 5. The Technical Surveillance Countermeasures Committee supplants SECOM's Subcommittee of the same name. 6. The Research and Development Committee supplants SECOM's subcommittee of the same name and the Subcommittee on the Future. -- Each committee will organize itself as appropriate, although each should have an R&D Subcommittee. -- Wherever possible, Committee Chairmen should be selected who have parallel line or committee responsibilities outside of intelligence in order to ensure that Intelligence Community and non-IC efforts are congruent or complementary. Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89GO072OR000100070003-0  Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89GO072OR000100070003-0 Notes: Counterintelligence and Security ntermeasures Staff 1. The Chief of the Counterintelligence and Security Countermeasures Staff (CISCMS) will report to the DCI through Director, Intelligence Community Staff. 2. The CISCMS will support the SIG Chairman, IG Chairmen and the heads of the subordinate committees. The staff specifically will: -- ensure that information, policy issues and problems developed or identified by one Committee are shared with others as appropriate. A major responsibility of the staff is to promote and facilitate cross-disciplinary coordination, consultation and cooperation. -- assist in preparing agendas, organizing meetings and keeping records. -- be organized to ensure that at least one professional is assigned to each IG Committee. -- assess the foreign intelligence threat to the United States and assist the IGs in evaluating US counterintelligence and countermeasure policies, priorities and activities. -- assemble information concerning counterintelligence and countermeasure budget and resources. -- perform services of common concern as may be directed by the DCI as, for example, the national registry of counterintelligence publications and processing FISA requests. 3. The UDAC will identify on an urgent basis (daily) unauthorized disclosures resulting in significant damage to intelligence sources and methods and where there is some prospect of a successful investigation. These will be reported immediately to the DCI/DDCI with proposed letters requesting a prompt investigation to the FBI and, where appropriate, the head of the agency or department cited as the source of the unauthorized disclosure. The UDAC also will maintain records of unauthorized disclosures and, in cooperation with the National Intelligence Officer for Foreign Deception and Intelligence Activities will carry out damage assessments on behalf of the Intelligence Community as directed by the DCI. Sanitized Copy Approved for Release 2011/06/04: CIA-RDP89GO072OR000100070003-0