OUTLINE OF BRIEFING FOR DDA ON SECURITY COMMITTEE AND COMMUNITY SECURITY GROUP

Approved For Release 2005/04/22: CIA-RDP85-00821 R000100040015-6 DIRECTOR OF CENTRAL INTELLIGENCE Security Committee - 3 1 MAY 1979 STATINTL SUBJECT: Outline of Briefing for DDA on Security Committee and Community Security Group TIME: 1330 Hours Thursday, 31 May 1979 PLACE: DDA Conference Room BY: Robert W. Gambino, Chairman, Security Committee Chief, Community Security Group DURATION: 30 Minute Presentation. Open ended question period. Introduction - Background - History of Security' Committee 1956 to 1979 Mission and DCID 1/11-Security Committee Functions - Establish security policies and procedures for protection of intelligence from unauthorized disclosures. Formulate policies governing release to foreign governments and release to public. Ensure that investigations are conducted of unauthorized disclosures. Prevention of technical surveillance. Approved For Release 2005/04/22 : CIA-RDP85-00821 R000100040015-6  STATINTL Approved For Release 2005/04/22 :"CIA-RDP85-00821R0O0100040015-6 Develop proposals for protection of compartmented intelligence. Ensure procedures for computer security. Establish and direct security research program. Composition - Members and Observers Subcommittees and Working Groups; Staff Relationships - NFIB, Information Handling Committee, SIGINT Committee, COMIREX, DCI SA/CI, SCOCE .Location - Administration DCI - D/DCI/Community Support Current Issues and Problems: Leaks APEX Personnel Security Security Education Foreign Intelligence Surveillance Court Physical Security Services of common concern Strengths and Weakness Strengths - Single security focal point for DCI Rapid communications Capability for uniform action Capacity for locating and coordinating security resource commitments. Weaknesses - Diverse goals of member agencies Diverse levels of influence in member agencies Lack'of dollar and personnel resources Approved For Release 2005/04/22 : CIA-RDP85-00821 R000100040015-6  Approved For Release 2005/04/22 :'CIA-RDP85-00821 R000100040015-6 Projections and Priorities Short Range - Leak investigations APEX Implementation Foreign Disclosure Policy development Moscow Security Long Range - Community Unification of Security policies'and procedures Greater uniformity in Community security practices More services of common concern Impact on Community Security elements of E.O. 12036, legislation Communication/Computer security Technical Surveillance Countermeasures Approved For Release 2005/04/22 : CIA-RDP85-00821 R000100040015-6  D/DCI/RM Approved For Release 2005/04/22 : CIA-RDP85-00821 R000100040015-6 DCI D/DCI/Support Security Committee Subcommittees: Computer Security .Technical Surveillance Counter- measures Research and Development Compartmentation (Unauthorized Disclosure Investigative) Working Groups: Security Awareness SCI Denials Investigative Standards Security Advisory (USSR) Physical Security Standards Services of Common Concern* Staff - Community Security Group ORGANIZATION D/DCI/CT  Approved For Release 2005/04/22 : CIA-RDP85-00821 R000100040015-6 STATINTL Members Air Force - Col. H. Kamm Army - MerrillT. Kelly uv1; - ueui-ge PVelsz FBI - David Ryan Navy - Richard i ch I I a e - Karl Ackerman STATINTL Treasury - Dennis Southern Executive Secretary - SECURITY COMP{IITTEE Chairman - Robert W. Gambino COMPOSITION Observers State INR - Donald Stigers DEA - Cyril Frank Commerce - William Randolph Sec Def - Maynard Anderson Community Security Group STATINTL  Approved For Release 2005/04/22: CIA-RDP85-00821 R000 NATIONAL FOREIGN ' INTELLIGENCE BOARD h1Er?1ORANDUM FOR THE NATIONAL FOREIGN INTELLIGENCE BOARD SUBJECT: DCI Security Committee 1.' At the 14 March 1978 meeting of the Board, I announced the reassignment and subordination of the DCI Security Committee under the Deputy to the DC1 for Support. 2. -The Community Security Group (CSG) is hereby established in the office of the D/DCT for Support to serve as the focal point for. Community Security affairs and to nrovirlp staff support to the DCI TAT Security Committee. "s appointed Chief, Community Security Group. He wi concurrently function as Executive Secretary of the DCI Security Committee. 3. The Security Committee supported by the CSG will be responsible for advising me on all matters of Community concern with respect to security policy and management: The Security Comm ttee will continue to function under the charter provisions of DCID 'No. 1/11 (effective l8 May 1976)_ The Community Security Group will subsume the compartmenta ti on security policy responsibilities heretofore exercised. by the Special Security Center, CIA. 4. The nucleus of the Community Security Group is being formed by the transfer of the positions until now associated with the Security Committee staff from the Intelligence Community Staff. The positions associated with compartmentation security policy functions in the Special Security Center, CIA are also being transferred to the Community Security Group. In addition, I am raking other positions available from the CIA to complete the organization.- Nominations \:ill be invited in the near future from the NFIB agencies to fill some of the positions in the Group on a rotational, reimbursable basis. 5. Effective immediately Plr_ Robert W. Gambino, Director of Security, CIA is appointed Chairman of the DCI Security Committee- 6. Effective 10 April 1973 the Community Security Group will be temL}orarily located in Room 3E 05 CIA Head t ' , quar ers Building, telephone i ?, i /sf fin y~ sTANSFIELD TURNER Chairman Approved For Release 2005/04/22 : CIA-RDP85-00821 R000100040015-6  OS REOIS1ii * UIL of MEMORANDUM FOR: Director Central Intellienc FROM: John F. Blake Deputy Director for Administration SUBJECT: Sociirity-Committee..-Organization and _-Staffing-. (C) Sir: 1. (C) In anticipation of your 14 March 1978 appearance before NFIB, let me present an outline of tentative planning -regarding the..DCI Security Committee which you have already determined will operate in the future under the cognizance of the "Deputy to the DCI for Support." The preliminary think- ing has been heavily influenced by two underlying convictions: (1) with the dedication of adequate resources together with proper commitment and application, much more can be accom- plished in security on a Community level than-in the past; and (2) while the Agency's Office of Security will contribute heavily, in manpower and expertise, to the effort, the staff support to the Security Committee should be concentrated. in a.discretely separate entity reporting to the D/DCI/Support -side of my:Office. 2. (C) It is -propo-se& that such- a unit-be organized as the-!'Co - Securit Grou f CQSG) and be headed-by an Office -of -Security supergrade- who- will also-- act as the - Executive, Secretary of .the Security Committee. It is further proposed that-CSG feature (as shown in attached chart) a-three-branch breakdown with functions as indicated. A total -staffing complement- of- nine-.. professional. officers is anticipated, seven to be drawn from the,, Office;of Security and two coming from, elsewhere-in the--Community to serve as Branch Chiefs, i.e., C/Facilities Security anch and C/Personnel and Industrial Security Branch. (The two Branch Chiefs from the Community should be at least GS-15 level officers or 0-6.) It is assumed these two posts would be filled by calling for nominations from the other Community agencies. EZ 11NIPDET Approved For Rele 2Q 9 A-RDP85-0 Approved For Release 2 O6/b ff-: cl F oP85-00821R000100  Approved For Release M O4T1: CIA-RDP85-00821 R0001 00040015-6 3. (C) The role of the Director of?Security, CIA, is recognized as vital in the overall plan. He would-act as Chairman of the Security Committee. In his absence, the SECOM meetings would be run by a Vice Chairman - the senior ranking officer on the Committee. The Director of Security will draw his staff support from the CSG to which he in turn will provide technical guidance and professional advice. Under this concept of a revitalized Security Committee, the participating agencies will be expected to name their most senior security officers their members. These officers will -be expected to actively participate in SECOMI meetings and activities. 4. (C) The Planning projects., perhaps. for the- first -time, . a ..-truly concerted-, attack on?- policy -and implementation .discrepancies- .between. the- agencies . irr all the major. security -:dimensions. At the same time, the plan allows for the con- tinuance, at least for a time, of the current subcommittee structure of SECOM. This is predicated on the belief that the Community Security Group can prod these subcommittees to significantly greater accomplishments. 5. (C) Finally, establishment of the CSG frill, not Giti It will involve transfer o the four positions (GS-17, GS-16, GS-14, GS-09) currently con- stituting the Security Committee Staff under the IC Staff .from John Koehler's T/0 to mine. To these'I will add eight positions- from--the current.DDA ceiling. John F. Blake Distribution: Orig - Addressee 1 - DDCI 1 - ER - Approved For Relea 5,/$412 ;,~ 1 -RDP85-00821 R00010U040015-6  Approved For Release 2005/04/2? : CIA-RDP85-00821 R000100040015-6 Deputy Director for Deputy-t- DCI'.for C/Comparti:}en.ted Security Branch ?Compartmentation Policy and Standards ?CIB - Oversight ?Unauthorized Disclosures ?Compartmer}tation Subcommittee/SECOM - Liaison Director. of Security' CIA Chairman, Security Committee ChiefCommunity ;'Security,Gp'' (Executive:Secry,,SECOM} ' C/Facilities Security Branch ;C/Personnel .E Industrial Security: Branch ?Physical Security Policy and ?Personnel Security Policy and Standards Standards ?Technical Security Policy and ?Industrial Security Policy and Standards Standards ?Security RFD - Oversight ?Technical Surveillance Countermeasures Subcommittee/SECOM - Liaison ?Computer Security Subcommittee/SECOM - Liaison E2 IMMPDET L  Approved For Release 2005/04/22 : CIA-RDP85-00821 R000100040015-6 CONFIDENTIAL 5X1 DIRECTOR OF CENTRAL INTELLIGENCE DIRECTIVE NO. 1/1 SECURITY COMMITTEE R 50~~+t' ;~' (Effective 18 May 1976) Pursuant to Section 102 of the National Security Act of 1947, Executive Order 11905 and National Security Council Intelligence Directives, a Security Committee is hereby established as a standing Director of Central Intelligence Committee with the following mission and functions. The mission of the committee is to provide the means by which the Director of Central Intelligence, with the advice of National Foreign Intelligence Board principals, can: a. Ensure establishment of security policies and procedures including recommendations for legislation for the protection of intelligence and intelligence sources and methods2 from unauthorized disclosure. b. Review and formulate personnel, physical and document security policies, standards and practices and dissemination procedures applicable to all organizations of the Executive Branch as such policies, standards, practices and procedures relate to the protection of intelligence sources and methods in consideration of the effectiveness, risks and cost factors involved. c. Review and formulate policies and procedures governing the release of intelligence to foreign governments and international organizations and the review of classified intelligence proposed for release to the public through declassification or other action. With respect to foreign disclosure, ensure that releases are in consonance with US security policy, should result in net advantage to the United States, and that the intelligence itself is accorded a degree of protection equal to that afforded by the United States. With respect to public release, ensure that disclosure or declassification actions are taken pursuant to proper authority and that they are accomplished so as to minimize the risk to intelligence sources and methods. d. Ensure that appropriate lawful investigations are made of any unauthorized disclosure or compromise of intelligence or of intelligence sources and methods and that the results of such investigations, along with appropriate recommendations, are provided to the Director of Central Intelligence. 'This directive supersedes DCID No. 1/11 effective 23 August 1974. 'The term intelligence as used in this document applies only to information covered by statute, Executive Order, or other authority consonant with the statutory responsibilities of the Director of Central Intelligence for foreign intelligence and for the protection of intelligence and intelligence sources and methods from unauthorized disclosure. I CONFI T AL Approved For Release 2005/04/22. CIA-RDP85C0~fl?1 Rnn 0Q04T15-6 3 6  Approved For Release 2005/AADEC4fDP85-00821 R0001 00040015-6 0 4. Composition, organization and rules of procedure a. The composition, organization and rules of procedure of the Security Committee are those stated in DCID 1/3, b. The committee will be supported by permanent subcommittees for technical surveillance countermeasures, computer security, special security compartmentation and security research and development. The chairmen of these subcommittees will be designated by the committee chairman with the concurrence of the Director of Central Intelligence. Attachments (4) George Bush Director of Central Intelligence 3 CONFIDENTIAL Approved For Release 2005/04/22 : CIA-RDP85-00821 R000100040015-6  5X1 Approved For Release 200C5%UEN f)A-RDP85-00821 R000100040015-6 DIRECTOR S REGISTRy OF CENTRAL INTELLIGENCE DIRECTIVE NO. 1 / TECHNICAL SURVEILLANCE COUNTERMEASURES The functions of the Security Committee include: 1. With respect to general technical surveillance countermeasures: a. To facilitate the formulation, development and application of effective countermeasures equipment and techniques based on assessments by the Central Intelligence Agency and other knowledgeable organizations of the intelligence Community of (1) the state of the art of audio surveillance equipment, and (2) the known and estimated technical surveillance capabilities of foreign governments. b. To formulate and recommend to the Director of Central Intelligence resource programming objectives for Intelligence Community organizations in the field of technical surveillance countermeasures in consideration of current and foreseen threats and with regard for the effective and efficient use of resources. c. To coordinate all aspects of the US Government effort in defense against technical surveillance penetration and to resolve conflicts that may arise in connection therewith. d. To facilitate the interchange of information in the field of technical surveillance countermeasures among Intelligence Community organizations and others as appropriate, particularly by the preparation, publication and dissemination of appropriate reports, notices and guides, e. To recommend policies governing disclosures concerning technical surveillance devices (except as otherwise provided for under NSCID No. 5), or countermeasures thereto, to be made to foreign governments or international organizations in which the US Government participates. f. To advise Intelligence Community organizations of technical surveillance countermeasures objectives and standards to be considered in connection with existing or new facilities abroad. g. To prepare damage assessments by furnishing reports of known or suspected hostile audio surveillance penetrations of US facilities and recommending remedial or other actions as appropriate. h. To evaluate the curriculum de policy guidance to, Ionducted by CIA as a service o common concern for training Intelligence Community and other US Government personnel in technical surveillance countermeasures. 1 CONFIDENTIAL Approved For Release 2005/04/22: CIA-RDP85GQ0 $, 1 R 0004T15-6 36 (Attachment 1)  Approved For Release 2005/04/22 : CIA-RDP85-00821 R000100040015-6 DCID No. 1/11 Attachment 2 DIRECTOR OF CENTRAL INTELLIGENCE DIRECTIVE NO. 1/11 (Attachment 2) 1. Review, formulate and recommend to the Director of Central Intelligence policies, standards and procedures to protect intelligence data stored or processed by computer. 2. Advise and assist the Director of Central Intelligence, Intelligence Community organizations, DCI committees and other intelligence users with respect to all computer security issues; and to resolve conflicts that may arise in connection therewith. S MTh The Security Committee with respect to computer security shall: r? ~ e C. ,A f 3. Formulate and recommend to the Director of Central Intelligence resource programming objectives for Intelligence Community organizations in the field of computer security in consideration of current and foreseen vulnerabilities and threats and with regard for the effective and efficient use of resources; to foster and to monitor an aggressive program of computer security research and development in the Intelligence Community in order to avoid unwarranted duplication and to assure the pursuit of an effective effort at resolving technical problems associated with the protection of computer operations. 4. Coordinate all aspects of Intelligence Community efforts in defense against hostile penetration of Community computer systems and as feasible to support other governmental efforts aimed.at improving computer security technology; to foster a coordinated program of Intelligence Community computer security training and indoctrination. 5. Facilitate within the Intelligence Community the exchange of information relating to computer security threats, vulnerabilities and countermeasures by providing a focal point for: a. The evaluation of foreign intentions and capabilities to exploit Community computer operations; b. Central notification of hostile exploitation attempts; c. The preparation of damage assessments of incidents of foreign exploitation of intelligence computer operations; and d. The development of policy recommendations to the Director of Central Intelligence on the release of computer security information to foreign governments and international organizations. 6. Review, formulate and recommend minimum computer security standards, procedures and criteria as guidance for system design, evaluation and certification of acceptable levels of security for computer systems. 0015-6 Approved For Release 2005/04/22 : CIA-RDP85-00821 R0ADJ1000b9 COPY ry ~'  Approved For Release 2005/04/22 : CIA-RDP85-00821 R000100040015-6 3. To furnish technical guidance and assistance to the Committee on Imagery Requirements and Exploitation, to the SIGINT Committee, and to the Executive Agents of other compartmented information in connection with their sanitization, downgrading, declassification and decontrol responsibilities. 4. To review and survey, when appropriate, with the cooperation and assistance of the National Foreign Intelligence Board principal concerned, the security standards, practices and procedures employed by Intelligence Community organizations and their contractors in relation to approved compartmentation policies, procedures and controls; and to make recommendations for practical improvements to the National Foreign Intelligence Board principals concerned through the Director of Central Intelligence. 5. To provide advice and guidance to foreign governments participating in US compartmented intelligence activities. 6. To recommend security policies, in coordination with appropriate Director of Central Intelligence committees, governing the release or disclosure of compartmented intelligence to the public, foreign governments or international organizations in which the US Government participates. Approved For Release 2005/04/22 : CIA-RDP85-00821 R000100040015-6 CONFIDENTIAL  Approved For Release 2005/04/22 : CIA-RDP85-00821 R000100040015-6 CONFIDENTIAL DIRECTOR OF CENTRAL INTELLIGENCE DIRECTIVE NO. 1/11 (Attachment 3) COMPARTMENTATION I The functions of the Security Committee as they relate to compartmen,tation controls are: 2 1,-! 5n 1. To develop and recommend to the Director of Central Intelligence, with the advice of the National Foreign Intelligence Board, technical guidance for the establishment, maintenance and improvement of coordinated compartmentation systems which will: a. Provide special protection to sensitive intelligence, intelligence information and intelligence sources and methods under the authority of Section 9 of Executive Order 11652. b. Ensure the establishment and disestablishment of compartmentation of intelligence and intelligence information on the instructions of the Director of Central Intelligence. c. Ensure coherent control by the Director of Central Intelligence of the processes for access approvals to compartmented intelligence and intelligence information and of the processes for dissemination, sanitization or release of such intelligence information. d. Ensure the establishment and promulgation of appropriate criteria for security and need-to-know access approvals. 2. To formulate, coordinate, maintain and promulgate technical guidance for use in the administration of compartmentation controls at all echelons of Intelligence Community organizations, both domestic and overseas, including consultants and contractor support activity concerning: a. Access approval criteria and employment in hazardous duty areas b. Physical security c. Document identification, handling, accountability and destruction d. Automatic data processing and associated materials. 'The term "compartmentation" as used in this directive refers to the system whereby special Intelligence Community controls indicating restricted handling within collection programs and their end products are applied to certain types of intelligence information and material. The term does not include Restricted Data as defined in Section II, Atomic Energy Act of 1954, as amended. 21n the conduct of these functions, the committee will recognize the special requirements of individual compartmented collection programs operated on an Executive Agent basis, particularly those which involve hazardous activities- 1 CONFIDENTIAL Approved For Release 2005/04/22: CIA-RDP85C0 1 RCNQ10Qp4Q,015-6 36  # Approved For Release 2005/04/22 : CIA-RDP85-00821 R000100040015-6 DCID 1/11 Attachment 4 DIRECTOR OF CENTRAL INTELLIGENCE DIRECTIVE NO 1 T. (Attachment 4) f. T ", -tt i RESEARCH AND DEVELOPMENT The functions of the Security Committee as they relate to security researc aid , development include: A s 1. With respect to general technical surveillance countermeasures research and development: a, To establish and direct an aggressive and imaginative program of research and development leading to improved technical surveillance countermeasures equipment and techniques. b. To coordinate research and development programs in the technical countermeasures field, particularly to ensure an effective exchange of information and to avoid unwanted duplication. c. To promote joint development and procurement of appropriate specialized items of technical surveillance countermeasures equipment where cost savings or increased security can be achieved through interagency exchange of prototype equipment for evaluation purposes and through joint procurement activities. d. To establish and coordinate research and development programs in such related areas as physical security devices and computer security systems. 2. With respect to physical security, computer security and other technical aspects of security: To initiate and coordinate appropriate research and development programs required to support the other missions of the Security Committee. 3. With respect to foreign technical threats: To identify and consider any new foreign technical threats in the field of security resulting from advances in US or foreign technology. Approved For Release 2005/04/22: CIA-RDP85- 0088 R0NF0 915-6