The National Industrial Security Program (NISP) ensures that contractors safeguard the government¿s classified info. (CI). NISP protects technologies critical to maintaining military technological superiority and other U.S. nat. security interests. The Defense Security Service (DSS) grants clearances to contractor facilities so they can access and store CI. In 2005, DSS monitored over 11,000 facilities¿ security programs to ensure that they meet NISP requirements for protecting CI. In 2004 and 2005, reports were issued that examined DSS responsibilities related to facilities accessing or storing CI. This testimony summarizes the findings of these reports and their relevance to the effective protection of technologies critical to U.S. national security interests.

Creates a new government & industry partnership which empowers industry to more directly manage its own administrative security controls. Covers: security clearances; security training & briefings; classification & marking; safeguarding classified information; visits & meetings; subcontracting; automated information system security; international security requirements; & much more. Also contact list, glossary, & foreign equivalent markings. Produced jointly by: the Energy Dept., DoD, the Nuclear Regulatory Commission, & the CIA.

It is not yet 60 years since the first artificial satellite was placed into Earth orbit. In just over a half century, mankind has gone from no presence in outer space to a condition of high dependence on orbiting satellites. These sensors, receivers, transmitters, and other such devices, as well as the satellites that carry them, are components of complex space systems that include terrestrial elements, electronic links between and among components, organizations to provide the management, care and feeding, and launch systems that put satellites into orbit. In many instances, these space systems connect with and otherwise interact with terrestrial systems; for example, a very long list of Earth-based systems cannot function properly without information from the Global Positioning System (GPS). Space systems are fundamental to the information business, and the modern world is an information-driven one. In addition to navigation (and associated timing), space systems provide communications and imagery and other Earth-sensing functions. Among these systems are many that support military, intelligence, and other national security functions of the United States and many other nations. Some of these are unique government, national security systems; however, functions to support national security are also provided by commercial and civil-government space systems. 
The importance of space systems to the United States and its allies and potential adversaries raises major policy issues. National Security Space Defense and Protection reviews the range of options available to address threats to space systems, in terms of deterring hostile actions, defeating hostile actions, and surviving hostile actions, and assesses potential strategies and plans to counter such threats. This report recommends architectures, capabilities, and courses of action to address such threats and actions to address affordability, technology risk, and other potential barriers or limiting factors in implementing such courses of action.

Countering Cyber Sabotage: Introducing Consequence-Driven, Cyber-Informed Engineering (CCE) introduces a new methodology to help critical infrastructure owners, operators and their security practitioners make demonstrable improvements in securing their most important functions and processes. Current best practice approaches to cyber defense struggle to stop targeted attackers from creating potentially catastrophic results. From a national security perspective, it is not just the damage to the military, the economy, or essential critical infrastructure companies that is a concern. It is the cumulative, downstream effects from potential regional blackouts, military mission kills, transportation stoppages, water delivery or treatment issues, and so on. CCE is a validation that engineering first principles can be applied to the most important cybersecurity challenges and in so doing, protect organizations in ways current approaches do not. The most pressing threat is cyber-enabled sabotage, and CCE begins with the assumption that well-resourced, adaptive adversaries are already in and have been for some time, undetected and perhaps undetectable. Chapter 1 recaps the current and near-future states of digital technologies in critical infrastructure and the implications of our near-total dependence on them. Chapters 2 and 3 describe the origins of the methodology and set the stage for the more in-depth examination that follows. Chapter 4 describes how to prepare for an engagement, and chapters 5-8 address each of the four phases. The CCE phase chapters take the reader on a more granular walkthrough of the methodology with examples from the field, phase objectives, and the steps to take in each phase. Concluding chapter 9 covers training options and looks towards a future where these concepts are scaled more broadly.