National Counterintelligence and Security Center
The National Counterintelligence and Security Center (NCSC) is a U.S. government organization under the Office of the Director of National Intelligence (ODNI) that leads national counterintelligence efforts to protect against foreign intelligence threats to national security.[1][2] Established on December 1, 2014, by the Director of National Intelligence, the NCSC integrated and aligned counterintelligence functions previously dispersed across agencies, succeeding earlier entities focused on similar missions.[3] Its statutory mandate, outlined in 50 U.S. Code § 3383, directs it to organize strategic planning, integrate counterintelligence activities across the executive branch, and produce assessments of threats from foreign intelligence entities.[4] The NCSC's core activities include coordinating intelligence community resources against espionage, sabotage, and subversion; conducting outreach to private sector entities vulnerable to economic espionage; and issuing public warnings on security risks.[5] It emphasizes vulnerability assessments, budget prioritization for counterintelligence programs, and collaboration with law enforcement to mitigate insider threats and cyber intrusions by state actors.[6] Through these efforts, the NCSC has advanced unified strategies to counter persistent foreign intelligence operations targeting U.S. technology, research, and critical infrastructure.[3]History
Pre-Establishment Counterintelligence Framework
Prior to the establishment of a dedicated national counterintelligence entity, U.S. counterintelligence efforts were decentralized and primarily conducted by individual agencies, with the Federal Bureau of Investigation (FBI) serving as the lead for domestic counterintelligence under Executive Order 12333, while the Central Intelligence Agency (CIA) and Department of Defense components handled foreign and military-related activities, respectively. This fragmented approach stemmed from the post-World War II era, where coordination was ad hoc and often reactive to specific threats like Soviet espionage during the Cold War, lacking a unified national strategy until the 1990s. In response to post-Cold War vulnerabilities, including economic espionage and technology theft, President Bill Clinton issued Presidential Decision Directive (PDD)-24 on May 3, 1994, which mandated enhanced interagency cooperation and established the National Counterintelligence Policy Board (NCIPB) to oversee policy and the National Counterintelligence Center (NACIC) to implement joint activities.[7] NACIC, initially housed within the CIA but directed by a senior FBI official to ensure domestic focus, served as a central hub for threat assessments, information sharing, and coordination among the 17-plus agencies involved in counterintelligence, marking the first formal national framework for integrating CI efforts beyond agency silos.[7] However, NACIC's resources were limited, and its effectiveness was constrained by interagency rivalries and insufficient authority over operational elements.[8] On January 5, 2001, President Clinton's directive reorganized NACIC into the Office of the National Counterintelligence Executive (ONCIX), elevating the National Counterintelligence Executive (NCIX) to lead community-wide strategy and creating the National Counterintelligence Board for senior-level oversight.[9] This shift aimed to address gaps exposed by events like the 1990s espionage cases involving losses of classified data, with ONCIX tasked with producing annual threat assessments, developing national CI strategies, and fostering integration across the intelligence community. The Intelligence Authorization Act for Fiscal Year 2003, including the Counterintelligence Enhancement Act of 2002, codified the NCIX position, granting statutory authority independent of any single agency and emphasizing protection against foreign intelligence entities targeting U.S. information and assets.[8] From 2001 to 2014, ONCIX operated under the Director of Central Intelligence until its integration into the Office of the Director of National Intelligence (ODNI) in 2005 following the Intelligence Reform and Terrorism Prevention Act of 2004, which sought to unify CI leadership post-9/11.[3] During this period, ONCIX issued strategies like the 2005 National Counterintelligence Strategy, prioritizing threats from nation-states such as China and Russia, and coordinated responses to cyber-enabled espionage, though critics noted persistent challenges in resource allocation and enforcement across departments. The framework relied on voluntary agency compliance, with the NCIX lacking direct command authority, which limited its ability to enforce unified operations amid growing non-traditional threats like insider risks and supply chain vulnerabilities.[10] This structure laid the groundwork for the NCSC by demonstrating the need for a more robust, integrated center within ODNI to consolidate CI and security missions.[6]Establishment in 2014
The National Counterintelligence and Security Center (NCSC) was established on December 1, 2014, by Director of National Intelligence James R. Clapper as a component of the Office of the Director of National Intelligence (ODNI).[3] This creation integrated counterintelligence and security functions previously handled separately, merging the Office of the National Counterintelligence Executive (ONCIX)—established in 2001—and the Center for Security and Insider Threat into a unified organization to streamline national efforts against foreign intelligence threats.[11][3] The establishment responded to the need for enhanced coordination amid growing threats from foreign intelligence services, including cyber espionage and insider risks, building on the Counterintelligence Enhancement Act of 2002 that had formalized the NCIX role.[3] Clapper appointed William R. Evanina, who had served as National Counterintelligence Executive since June 2, 2014, to lead the NCSC as its first director, tasking it with producing the National Counterintelligence Strategy and overseeing interagency counterintelligence activities.[12][13] Under ODNI authority derived from Executive Order 12333, the NCSC assumed responsibility for identifying intelligence gaps, prioritizing counterintelligence requirements, and fostering collaboration across the U.S. Intelligence Community without creating new statutory mandates.[14] This structural reform aimed to address fragmented efforts exposed in prior assessments of espionage cases, such as those involving Chinese and Russian actors, by centralizing analysis and policy development.[3] Initial priorities included insider threat mitigation and supply chain risk management, reflecting the evolving nature of national security challenges at the time.[14]Post-2014 Developments and Reforms
In the years following its December 1, 2014, establishment, the NCSC issued its 2018-2022 Strategic Plan, which outlined priorities including structural reforms to bolster the security of classified networks, mitigate insider threats, and improve interagency information sharing on foreign intelligence risks.[6] This plan emphasized producing the National Threat Identification and Prioritization Assessments in coordination with U.S. government departments to address espionage, cyber intrusions, and supply chain vulnerabilities, particularly from adversarial states like China and Russia.[6] The NCSC expanded its role in countering insider threats through oversight of the National Insider Threat Task Force, established under Executive Order 13587, by developing minimum standards for detection programs across federal agencies and promoting cross-sector collaboration. By 2021, these efforts had facilitated increased training and operational coordination among Intelligence Community (IC) elements, enabling more unified responses to foreign intelligence activities, though persistent challenges in integrating disparate agency CI functions remained.[10] Legislative developments reinforced NCSC's mandate; the Intelligence Authorization Act for Fiscal Year 2023 codified prior DNI-led reforms by establishing the Director of NCSC as a Senate-confirmed position reporting directly to the DNI, aiming to elevate counterintelligence leadership amid rising geopolitical threats.[11] In parallel, the NCSC advanced CI enhancements under Executive Order 12333, focusing on protecting critical infrastructure and advancing the IC's overall security posture against foreign and non-state actors.[14] By 2025, ongoing reforms addressed perceived fragmentation in U.S. counterintelligence; a House-proposed SECURE Act sought to unify efforts by granting NCSC expanded authority over IC-wide CI operations and resources.[15] NCSC leadership nominees advocated for a dedicated counterintelligence career field to professionalize personnel and position the center as a central "nerve center" for threat mitigation.[16] However, ODNI reorganization plans announced in September 2025 proposed curtailing NCSC's scope by redistributing functions, potentially reducing its staff and influence amid budget constraints and shifting priorities toward counterterrorism.[17] Concurrently, the incoming Director floated replacing NCSC with a more empowered National Counterintelligence Center to streamline oversight across the IC.[18] These initiatives reflect persistent debates over NCSC's efficacy in countering evolving threats, with official assessments highlighting improved threat awareness but criticizing siloed agency practices.[11]Mission and Organizational Structure
Core Mission and Mandates
The National Counterintelligence and Security Center (NCSC) leads and supports U.S. Government counterintelligence (CI) and security activities critical to protecting the nation from foreign and adversarial threats. Its core mission involves organizing and directing strategic planning for CI efforts across the federal government, including the integration of national power instruments to counter foreign intelligence activities targeting U.S. interests. This encompasses producing the National Threat Identification and Prioritization Assessment (NTIPA) in consultation with federal agencies and private sector entities, as well as developing and revising a National Counterintelligence Strategy at least every three years to align with broader intelligence community priorities.[4][5] Key mandates include evaluating and reporting to the President on the strategy's implementation, identifying shortfalls and recommending remedies; overseeing strategic CI analyses such as damage assessments and lessons learned; coordinating budgets and resources for CI programs to ensure alignment with national objectives; and establishing priorities for CI investigations, operations, and collection without directly conducting such activities. The NCSC also conducts CI vulnerability assessments, outreach programs to at-risk entities, research and development initiatives, training for CI personnel, and countermeasures against foreign commercial spyware on government devices. These responsibilities position the center as the lead for CI analysis and integration within the intelligence community.[4] In addition to CI leadership, the NCSC extends outreach to private sector organizations vulnerable to foreign intelligence penetration and issues public warnings on emerging threats to national security. Its security mandates involve advancing the protection of critical infrastructure, networks, personnel, and information, including oversight of the Security Executive Agent functions to modernize vetting processes like continuous evaluation for security clearances and insider threat programs. Strategic goals emphasize countering threats through enhanced knowledge and capabilities, forging partnerships across government and industry, and improving organizational effectiveness to mitigate risks from nation-state actors and other adversaries.[5][6]Internal Organization and Reporting Lines
The National Counterintelligence and Security Center (NCSC) operates as one of the mission centers within the Office of the Director of National Intelligence (ODNI), functioning primarily as a staff organization that coordinates counterintelligence and security efforts across the U.S. Intelligence Community (IC).[19][2] The NCSC Director reports directly to the Director of National Intelligence (DNI), who oversees all IC activities, ensuring alignment with national intelligence priorities.[20][21] Internally, the NCSC is led by a Director, currently George W. Street, appointed in September 2025, supported by a Deputy Director, James Cangialosi, and an Executive Director, Mirriam-Grace MacIntyre, who manages day-to-day operations.[21][22][23] This leadership structure facilitates strategic oversight, with the Director chairing the National Counterintelligence Policy Board to integrate efforts among IC agencies.[21] The organization draws personnel from various IC elements, emphasizing subject-matter expertise in counterintelligence, security risk management, and insider threat mitigation rather than maintaining large operational divisions.[2] Reporting lines extend from IC agency heads to the NCSC Director for counterintelligence coordination, while the NCSC itself reports strategic assessments and policy recommendations upward to the DNI for dissemination to the President and National Security Council.[24] The NCSC also integrates the National Insider Threat Task Force (NITTF), which operates under its auspices to standardize insider threat programs across federal departments.[11] This hierarchical yet collaborative framework prioritizes interagency synchronization over siloed operations, reflecting the ODNI's role in fostering unity of effort.[19]Relationship to Broader Intelligence Community
The National Counterintelligence and Security Center (NCSC) operates as a key component of the Office of the Director of National Intelligence (ODNI), serving as one of its four mission centers dedicated to counterintelligence (CI) and security functions. Established in 2014 by the Director of National Intelligence (DNI) to consolidate and align CI and security missions previously fragmented across agencies, the NCSC reports directly to the DNI and integrates expertise from the broader Intelligence Community (IC), which comprises 18 elements including the CIA, NSA, and FBI.[25][6] Its director concurrently holds the position of National Intelligence Manager for Counterintelligence (NIM-CI), a Senate-confirmed role since 2015 that positions the NCSC to advise the DNI on CI priorities and oversee national-level CI policy without direct operational authority. In relation to the IC, the NCSC provides centralized leadership by developing and coordinating the National Counterintelligence Strategy of the United States, the National Threat Identification and Prioritization Assessment (NTIPA), and annual CI collection, investigation, and operations priorities shared across IC elements.[25][6] It unifies CI efforts through mechanisms such as the National CI Board and Policy Board, identifying gaps in IC capabilities, recommending resource allocations via the National Intelligence Program (NIP) budgeting process, and conducting espionage damage assessments to inform IC-wide responses.[6] While the NCSC does not execute investigations, foreign contacts, or operational activities—deferring those to IC agencies like the FBI and CIA—it facilitates information sharing, training standards, and evaluations to enhance coordination among the 18 IC members, ensuring a cohesive approach to countering foreign intelligence threats.[25] Additionally, as the DNI's Security Executive Agent, the NCSC supports IC security infrastructure by overseeing clearance processes, continuous evaluation programs, and protection of classified networks and facilities, thereby enabling secure collaboration across IC elements and interagency partners.[6] This role extends to blending CI and security analyses in threat assessments, such as those on insider threats and supply chain risks, which are disseminated to guide IC resource decisions and operational planning.[6] Through these functions, the NCSC acts as a strategic enabler rather than a line operator, promoting agility and resilience in the IC's collective defense against espionage and other adversarial activities.Leadership
Directors and Key Appointments
William R. Evanina served as the inaugural Director of the National Counterintelligence and Security Center from June 2, 2014, to January 2021, having previously led the Office of the National Counterintelligence Executive before its merger into NCSC.[26][27] During his tenure, Evanina coordinated U.S. counterintelligence efforts across government agencies and was Senate-confirmed in May 2020 to formalize the role under statutory requirements.[28] Following Evanina's departure, the position saw interim leadership before Michael C. Casey was confirmed by the Senate as Director on September 14, 2023.[29] Casey, a career intelligence professional with prior service in counterintelligence roles, focused on enhancing insider threat mitigation and supply chain security risks during his approximately two-year term, which ended in early 2025 amid administrative transitions.[30] George "Wes" Street, nominated by President Donald Trump on March 12, 2025, was confirmed by the Senate as Director on September 19, 2025, succeeding Casey and assuming the role as principal counterintelligence advisor to Director of National Intelligence Tulsi Gabbard.[23][31] Street, with over 30 years in counterintelligence including active-duty Army service, oversees NCSC's strategic coordination of national counterintelligence activities.[21] Key supporting appointments include James Cangialosi as Deputy Director, responsible for operational oversight, and Mirriam-Grace MacIntyre as Executive Director, managing daily NCSC functions and staff of approximately 100 personnel. These roles report directly to the Director and facilitate interagency collaboration within the U.S. Intelligence Community.[22]| Director | Tenure | Key Notes |
|---|---|---|
| William R. Evanina | June 2014 – January 2021 | First NCSC Director; Senate-confirmed 2020; led merger of prior counterintelligence entities.[26][28] |
| Michael C. Casey | September 2023 – Early 2025 | Confirmed September 14, 2023; emphasized insider threats and supply chain risks.[29] |
| George "Wes" Street | September 2025 – Present | Confirmed September 19, 2025; 30+ years in counterintelligence.[23][21] |