By James Lint
Senior Editor for InCyberDefense and Contributor, In Homeland Security

During the Global Security Exchange (GSX) conference hosted by ASIS International this week in Las Vegas, InfraGard’s National Congress took place. The Congress meeting featured an thought-provoking keynote panel discussion in regard to software.

Keynote Panel Discussion

A panel, “Securing the DoD Supply Chain & Security as the 4th Pillar of the DoD Acquisition Process” was moderated by Mr. Matthew Miller, Vice President of Special Programs at InfraGard National. The three panelists, each with over 30 years of experience, were:

• Daniel Payne, Director of Defense Security Service (DSS)
• Cindy Morgan, principal of Pikes Peak, LLC
• Harvey Rishikof, Chair of the American Bar Association Standing Committee on Law and National Security

Director Payne Describes Need to Protect Technology

Director Payne started his career at CIA counterintelligence. With over 36 years of counterintelligence experience, he has a strong understanding of national security requirements.

“DSS is out there to protect our critical technologies,” he said. “DSS supports 32 [federal] agencies in the protection of critical technologies.”

Payne announced that security clearance background investigations are reverting to DSS. The mission was previously carried out by the Office of Personnel Management (OPM) and before that by DSS under its old name, the Defense Investigative Service. Some elements in the Intelligence Community will not be included in this DSS move.

IHS Exclusive: An In-Depth Chat With A Diplomatic Security Service (DSS) Agent

“DSS will take over the Sensitive Compartmented Information Facility (SCIF) accreditation,” Payne added. He explained that this move will mean greater standardization of SCIF accreditation rules and interpretation of the regulations.

“DSS will become the Functional Manager for DoD Counterintelligence, and they are working on a Presidential Executive Order,” Payne said. But elements of the EO may change after some future discussions.

There will be substantial growth at DSS’ 46 offices, Payne predicted. “They currently have about 900 personnel, and will move to 5000 or 6,000 personnel.” So this is a god time for job hunters to get prepared for various new positions opening.

 Morgan Seeks Translators to Put US Security Products into Other Languages

Sometimes, government agencies have overseas offices or have large numbers of non-English speaking employees, Morgan noted. She has worked to make security education software match the language of the workforce. We find translators to put our security products into other languages, she explained. Ideas like Morgan’s can increase the security of organizations.

Rishikof Discusses Compliance Motivation and Ways to Have Clean Code on Software

Rishikof’s ideas focused on motivating compliance and having clean code on U.S. government purchase of software. Often, software code is released early and modified in updates, he said. That gives bad actors and nation-states the opportunity to insert code that transmits organizational data to an unfriendly location.

“We are in the era similar of the pre-building codes eras; our software code and software assurance has no UL codes or standardization,” Rishikof noted. “For building software for cyber products, there are no requirements for software assurance.”

Rishikof would also like to see tax breaks for companies that offer assurances that their software is malware-free. Additionally, he suggested that insurance companies could give premium discounts to companies that create software that has not been infected by malware or other additions by foreign governments.

GSX Conference Offers Attendees the Opportunity to Learn More about InfraGard

The InfraGard booth at the GSX conference gave potential members the opportunity to learn more about what InfraGard is. There is no cost to join and benefits include the chance to network with fellow professionals employed by the Federal Bureau of Investigation (FBI) and other security and law enforcement organizations. Local chapter meetings help members stay current on industry threats.

About the Author

James R. Lint retired as the (GG-15) civilian director for intelligence and security, G2, U.S. Army Communications Electronics Command. James has been involved in cyberespionage events from just after the turn of the century in Korea supporting 1st Signal Brigade to the DHS Office of Intelligence and Analysis as the first government cyber intelligence analyst. He has 38 years of experience in military intelligence with the U.S. Marine Corps, U.S. Army, government contracting and civil service. Recently, he has been designated as the National Sector Chief for the Defense Industry Base by the InfraGard National Council.

Additionally, James started the Lint Center for National Security Studies, a nonprofit charity that recently awarded its 54th scholarship for national security students and professionals. He has also served in the Department of Energy’s S&S Security Office after his active military career in the Marine Corps for seven years and 14 years in the Army. His military assignments include South Korea, Germany and Cuba, in addition to numerous CONUS locations. James has authored a book published in 2016 “8 Eyes on Korea, A Travel Perspective of Seoul, Korea,” and a new book in 2017 “Secrets to Getting a Federal Government Job.”