FIRST MEETING OF JOINT IC/DOD ELECTRONIC INFORMATION SECURITY (ELINFOSEC) STEERING GROUP

Approved For Release 2008/04/14: CIA-RDP85M00364R000400510041-0 Approved For Release 2008/04/14: CIA-RDP85M00364R000400510041-0  Approved For Release 2008/04/14: CIA-RDP85M00364R000400510041-0 Director Intelligence Community Staff Washington, D.C. 20505 DCI/ICS 83-4392 1 June 1983 MEMORANDUM FOR: Executive Steering Group for the Electronic Information Security Project SUBJECT: First Meeting of Joint IC/DoD Electronic Information Security (ELINFOSEC) Steering Group 25X1 1. The Executive Steering Group for Strategic Planning endorsed and supported the need for an aggressive thrust on Electronic Information Security (ELINFOSEC) at the 12 May 1983 meetin and agreed to assist in the effort. The project is led by and is described in the brief strategic planning issue paper attached. It was proposed that the first meeting of the ELINFOSEC Steering Group be held in early June to review the progress of effort and to provide further guidance, direction, and priorities. 2. As the project director I~ has met or will soon meet with Intelligence Community and DoD principals to discuss the effort and to solicit their support and guidance. Based on discussions at her initial meetings, the definition of the effort was broadened from the original "computer security" to one that covers all forms of electronic information processing and is reflected in the name change to Electronic Information Security. 3. It was noted at the ESG(P) meeting that project would address the DDCI's 10 May 1983 memorandum tasking the Community to develop "Community-coordinated minimum computer standards" which would be applied "to any Community computer networks that might be developed." It was also noted that the IC Staff did not have sufficient manpower with the requisite skills to support project alone, and that all agencies would be called upon to nominate people to staff appropriate parts of the project within their interest and expertise. Walt Raymond provided a strong endorsement of the effort and supported the need for cooperative staffing efforts. expressed concern that, given the sheer size and breadth of the o intelligence subset, it was an absolute necessity that links within DoD be in order so that the link between DoD and CIA might be expedited. 25X1 25X1 25X1 25X1 25X1 OCR 25X1 EXEC RFr SECRET I ?) -Q 3 3 Approved For Release 2008/04/14: CIA-RDP85M00364R000400510041-0  Approved For Release 2008/04/14: CIA-RDP85M00364R000400510041-0 JLNI\L I 4. In accordance with recommendations of the Executive Steering Group for Plann I -Y ing, I suggest that we try to meet at in earl June so that can brief us on her efforts. secretary to the Director, Planning and Policy Staff, will coordinate this meeting. Your staffs can reach her on 25X1 25X1 25X1 25X1 Attachment: Strategic Planning Issue Paper Approved For Release 2008/04/14: CIA-RDP85M00364R000400510041-0  Approved For Release 2008/04/14: CIA-RDP85M00364R000400510041-0 Next 1 Page(s) In Document Denied Iq Approved For Release 2008/04/14: CIA-RDP85M00364R000400510041-0  Approved For Release 2008/04/14: CIA-RDP85M00364R000400510041-0 JLIiRG 1 DCI/ICS 83-4267 STRATEGIC PLANNING ISSUE COMPUTER SECURITY Concerns: o Explosive increase in computer utilization and data sharing through Intelligence Community and in agencies using intelligence information. o Theory and practice of computer security has not advanced as quickly; therefore, vulnerability of computer systems to penetration has increased. o Means of measuring the security of computer systems is not well developed. o Intelligence Community's computer security program not fully established and will require long-term program. o US computer manufacturers are not uniformly serious about computer security. Background: o Computer security long recognized as important subject but excitement to use computers and share data have far outpaced determination and wherewithal to protect them. o "Pockets of Competence" in computer security exist in private industry, academia and government. o Need for computer systems with multilevel security features very intense, but no system has yet been accredited for use in a multilevel security environment. o Intelligence Community currently not structured to deal readily with computer security; responsibilities come together only at the DCI/DDCI level. Approved For Release 2008/04/14: CIA-RDP85M00364R000400510041-0  Approved For Release 2008/04/14: CIA-RDP85M00364R000400510041-0 SECRET o Implementation of an adequate computer security program for the Intelligence Community has numerous long-term operational and resource implications. o The DDCI and the Executive Steering Group for Strategic Planning have 25X1 endorsed computer security as an important long-range planning issue assigned to the Director, Intelligence Community Staff. Approach: Approved For Release 2008/04/14: CIA-RDP85M00364R000400510041-0