Enterprise Security System (ESS)

Abstract

Defense Counterintelligence Security Agency (DCSA) manages the Enterprise Security System (ESS) to provide an effective, real-time, security support capabilities for Military Departments, DoD Agencies, the NISP, and other Federal Agencies. In compliance with the Expanded Electronic Government, President’s Management Agenda, and the DoD Enterprise Architecture Framework, Enterprise Security System (ESS) is the unified offering of security mission systems to facilitate and automate improved national investigative standards, streamline security processes, and increase DoD community collaboration. DCSA Mission Information Technology (IT) systems provide critical service to the major DCSA mission areas for Industrial Security Oversight and Security Education. DCSA performs this critical function through operation of its mission production systems to include the National Industrial Security System (NISS) and the DCSA Gateway. RDT&E for DCSA mission systems primarily includes pre-planned product enhancements and improvements to the applications, research and improve assured information sharing to better posture systems and networks against vulnerabilities, ensure self-defense of systems and networks, and safeguard data at all stages to increase efficiencies through web-based systems to manage certification and accreditation activities. These IT systems are as follows: National Industrial Security System (NISS, formerly known as Field Operations System (FOS). NISS is the next generation functional replacement for the Industrial Security Facility Database system (ISFD) and supports end to end facility identification and registration processing, Foreign Ownership Control or Influence (FOCI) mitigation, and supports Personnel Vetting business processes. NISS provides a centralized web-based platform for National Industrial Security Program (NISP) personnel to manage the industrial security facility clearance process; from request initiation to approval (or rejection) storage of all associated data, and provides a centralized process for users to submit, update, search, and view facility verification requests. National Contract Classification System (NCCS). NCCS is a web-based system that automates the DD Form 254 for contract security classification specification submission; provides submitter with intuitive form of instructions, drop-down selections, and linkage to relevant contract information for completing the form; and provides user access control, query/search, notification, tracking, and reporting capabilities for accountability of all contract security classification specifications. The Federal Acquisition Regulation (FAR) requires a DD Form 254 for each classified contract, and the National Industrial Security Operating Manual (NISPOM)(4-103a) requires a DD 254 be issued by the government with each Invitation for Bid, Request for Proposal, or Request for Quote. The DD Form 254 provides contractor (or a subcontractor) the security requirements and classification guidance necessary to perform on a classified contract. Contract Security Classification Specification required by DoD 5220.22-4, Industrial Security Regulation and the National Industrial Security Program Operating Manual (NISPOM) is to develop a federated system for the oversight and management of classified information access and guidance to perform on classified contracts. The DD 254, an underlying business process, is critical to ensure access to our Nation’s classified information is safeguarded. National Industrial Security Program (NISP) DCSA NISP Central Access and Information Security System (NCAISS) a web-based Identity Management (IdM) enterprise portal, PKI compliant point-of-entry to the suite of services offered by DCSA, which controls user service accessibility through single sign-on authentication. User service-level permissions are verified, and authorized services are offered accordingly. Control Access and Information Security System (NCAISS) formerly known as Identity Management (IdM). NCAISS is mandatory for compliance with Department of Defense (DoD) Public Key Infrastructure (PKI) Program Management Office and Office of the Assistant Secretary of Defense for Networks and Information Integration (ASD-NII), Joint Task Force for Global Networks Operations (JTF-GNO) Communications Tasking Order (CTO) 06-02, CTO 07-015, and Office of Management and Budget (OMB) Memo 11-11 (M-11-11), which directed accelerated use of PKI access across the enterprise. This initiative is designed to enable multiple DCSA business systems to have service-accessibility that is controlled through PKI-compliant single sign-on authentication. Potential expanded use of the NCAISS across the DCSA enterprise to provide CAC-based authentication for business support applications to support the SIPRNet and JWICS domains, provide enhanced identity and access control analytics. It incorporates any remaining DCSA operated application into the DcSA NCAISS solution. DCSA is establishing a Controlled Unclassified Information (CUI) program for industry that requires development and implementation of tools that support integration with cybersecurity monitoring, threat indications and warning, and supply chain illumination to protect critical technology. The development of a Security Rating Score (SRS) and its integration with the Contract Performance Assessment System will inform defense acquisition decisions and prioritize DCSA Industrial Security with active monitoring of companies in a single system of record. Funding will purchase data licenses for supply chain illumination tools that can be integrated into CUI cybersecurity assessments and will include business process tools to integrate data and manage DCSA business unit inputs from industrial and personnel security inputs. Funds will also support use of Artificial Intelligence / Machine Learning to accelerate and enhance cyber I&W via predictive analytics. The Defense Information System for Security (DISS) is to consolidate the DoD personnel security mission into an enterprise adjudicative case management system that will automate the implementation of improved national investigative and adjudicative standards to eliminate costly and inefficient work processes and increase information collaboration across the community to provide comprehensive capabilities to perform processing and verification of security clearances for all DoD military personnel, civilians, and contractors including the technology and processes that need to be addressed in order to implement Continuous Evaluation.

Document Details

Document Type

Project

Publication Date

Oct 01, 2021

Source ID

000_0604130V_7_0400_PB_2021

Tags

Related Documents

• Root: Enterprise Security System (ESS)
• Child Accomplishment: Systems Enhancement
• Child Cost Item: 6954867bbf478911b9ebb1a6bc7e9ec4
• Child Cost Item: f6143f4b9629126275396a9cc5270466
• Child Cost Item: ecef11345223b9031cd73da56220aba8
• Child Cost Item: cece3430c64aa99123518e080ee92601
• Child Cost Item: 644db3a4c60cfcc1c121fb61509e2509
• Child Cost Item: af2c471a24ed63ba90a6a3185fc4da03
• Child Cost Item: 1f666b2faed5fa9da8280701ad653d05