1. Technology and Intellectual Property Protection in a Global Economy AUVSI Symposium
Thank you very much for the opportunity to speak today. It is truly an honor to address so many who do so much to protect our technology and by extension our war fighters who pay for our nation's freedom every single day. It is said that our first decade of life determines our personality, that the second decade determines our character, and that the third defines our identity. I do not know if that is true for everyone but I do know that for me I still think of myself as an Army Flight Surgeon and later ophthalmologist who has undergone a branch transfer to a related service. The motto of the Army Medical Corp is “To conserve the fighting strength” I consider myself truly fortunate to have the opportunity to continue that mission in an entirely different operating theatre.
I have been asked to speak today about a proactive initiative intentionally designed to the fact that the basic and applied DOD research (6.0 – 6.2) which has the potential to give our troops overwhelming strategic and tactical advantages often occurs in university cultures with minimal security and no counterintelligence perspective. Moreover, given the unclassified nature of the research there are few if any legal or regulatory tools to force a change in this culture. Consequently, we are attempting a coordinated national and local initiative to change the culture from within. We are addressing the insider threat by becoming insiders ourselves.
Gregory S. Witkop, M.D.
Special Agent, FBI
Basic and Applied Research Consultant, Critical National Asset Unit
Strategic Partnership Coordinator, Seattle Division
Affiliate Scientist, UW Applied Physics Laboratory
UNCLASSIFIED

2. The Great Game
Sir Winston’s words serve not only as encouragement for this Herculean if not sissisphyian task but also hopefully reflect how we go about that task. I will briefly review the threat and then discuss the strategic and tactical methods we are implementing to address the threat, I would like to emphasize three key points. First and foremost this is truly a partnership at all levels both within the IC and academe. At the national level our Academic and Business Alliance Unit, led by Mr Mark Levett, works closely with university President’s and academic associations.. Similarly, our Critical National Asset Intelligence Community Coordination Unit, led by Mr Ric VanAntwerp, partners with Mr. Bryant’s NCIX CI directorate, DSS, OSI, NCIS, and the 902nd as well as CI groups within funding organizations such as IARPA and DARPA. The Counterintelligence Division’s commitment to doing its part to help protect DOD technology is reflected in the fact that these two units not only share a chain of command ( they are both part of the CI Domain Section led by Mr. Chris Woiwode) but actually occupy the same SCIF. It is no accident that the unit responsible for outreach to DOD’s CI community is co-located with our unit responsible for outreach to the scientist’s and engineers actually conducting DOD research. Similarly, at our Applied Physics Laboratory, we have a CI Working group consisting of service CI agencies, DSS CI, UW FSO, and the Deputy Director for Research and Development.
The second point I would like to emphasize is that this strategy of changing culture from the inside originated at both the national and local level within Academe. Dr Graham Spanier, President of Penn State, reached out to the Director of the FBI following 9/11 to see how our two cultures could learn to work better together. His initiative resulted in the formation of our National Security Higher Education Advisory Board and Academic Alliance program. Locally, the chairman of our faculty senate suggested that although our Academic Alliance program had made tremendous inroads on campus that if we truly wanted to understand the culture enough to change it that we would need to do what both the CIA and State Department did decades ago which was establish a Scholar-in-Residence program.
The third point I would like to emphasize at the outset is that although our SIR program shares the CIA and State Department program goals of increasing understanding and providing an IC resource to the academic community that we have designed it specifically to build relationships with the scientist’s conducting DOD research so that we can engage them as counterintelligence force multipliers.
Bottom line: our Scholar in Residence pilot project is a true partnership with the IC and Academe, the idea originated in Academe itself, and it’s purpose is to help protect DOD technology by creating a culture of proactive prevention. We recognize that a successful prosecution is a necessary but a priori failure because the technology is already gone.
From time to time, God causes men to be born who have a lust to go abroad at the risk of their lives and discover news – today it may be of far off things, tomorrow of some hidden mountain, and the next day of some near by men who have done a foolishness against the State. We of the Game are beyond protection. If we die, we die. Our names are blotted from the book. When everyone is dead the Great Game is finished. Not before.
Rudyard Kipling’s Kim

3. Traditional Threat
Sir Winston’s words serve not only as encouragement for this Herculean if not sissisphyian task but also hopefully reflect how we go about that task. I will briefly review the threat and then discuss the strategic and tactical methods we are implementing to address the threat, I would like to emphasize three key points. First and foremost this is truly a partnership at all levels both within the IC and academe. At the national level our Academic and Business Alliance Unit, led by Mr Mark Levett, works closely with university President’s and academic associations.. Similarly, our Critical National Asset Intelligence Community Coordination Unit, led by Mr Ric VanAntwerp, partners with Mr. Bryant’s NCIX CI directorate, DSS, OSI, NCIS, and the 902nd as well as CI groups within funding organizations such as IARPA and DARPA. The Counterintelligence Division’s commitment to doing its part to help protect DOD technology is reflected in the fact that these two units not only share a chain of command ( they are both part of the CI Domain Section led by Mr. Chris Woiwode) but actually occupy the same SCIF. It is no accident that the unit responsible for outreach to DOD’s CI community is co-located with our unit responsible for outreach to the scientist’s and engineers actually conducting DOD research. Similarly, at our Applied Physics Laboratory, we have a CI Working group consisting of service CI agencies, DSS CI, UW FSO, and the Deputy Director for Research and Development.
The second point I would like to emphasize is that this strategy of changing culture from the inside originated at both the national and local level within Academe. Dr Graham Spanier, President of Penn State, reached out to the Director of the FBI following 9/11 to see how our two cultures could learn to work better together. His initiative resulted in the formation of our National Security Higher Education Advisory Board and Academic Alliance program. Locally, the chairman of our faculty senate suggested that although our Academic Alliance program had made tremendous inroads on campus that if we truly wanted to understand the culture enough to change it that we would need to do what both the CIA and State Department did decades ago which was establish a Scholar-in-Residence program.
The third point I would like to emphasize at the outset is that although our SIR program shares the CIA and State Department program goals of increasing understanding and providing an IC resource to the academic community that we have designed it specifically to build relationships with the scientist’s conducting DOD research so that we can engage them as counterintelligence force multipliers.
Bottom line: our Scholar in Residence pilot project is a true partnership with the IC and Academe, the idea originated in Academe itself, and it’s purpose is to help protect DOD technology by creating a culture of proactive prevention. We recognize that a successful prosecution is a necessary but a priori failure because the technology is already gone.
“Many people assume the end of the Cold War made the world of cloak-and-dagger obsolete. Unfortunately, espionage is still very much with us. Nations will always try to learn one another’s secrets to gain political, military, or economic advantage. Indeed, the foreign intelligence presence operating in the United States is roughly the same as it was during the Cold War.”
Robert S. Mueller, III – Director, FBI 11/17/2011

4. Asymmetric Threat
Sir Winston’s words serve not only as encouragement for this Herculean if not sissisphyian task but also hopefully reflect how we go about that task. I will briefly review the threat and then discuss the strategic and tactical methods we are implementing to address the threat, I would like to emphasize three key points. First and foremost this is truly a partnership at all levels both within the IC and academe. At the national level our Academic and Business Alliance Unit, led by Mr Mark Levett, works closely with university President’s and academic associations.. Similarly, our Critical National Asset Intelligence Community Coordination Unit, led by Mr Ric VanAntwerp, partners with Mr. Bryant’s NCIX CI directorate, DSS, OSI, NCIS, and the 902nd as well as CI groups within funding organizations such as IARPA and DARPA. The Counterintelligence Division’s commitment to doing its part to help protect DOD technology is reflected in the fact that these two units not only share a chain of command ( they are both part of the CI Domain Section led by Mr. Chris Woiwode) but actually occupy the same SCIF. It is no accident that the unit responsible for outreach to DOD’s CI community is co-located with our unit responsible for outreach to the scientist’s and engineers actually conducting DOD research. Similarly, at our Applied Physics Laboratory, we have a CI Working group consisting of service CI agencies, DSS CI, UW FSO, and the Deputy Director for Research and Development.
The second point I would like to emphasize is that this strategy of changing culture from the inside originated at both the national and local level within Academe. Dr Graham Spanier, President of Penn State, reached out to the Director of the FBI following 9/11 to see how our two cultures could learn to work better together. His initiative resulted in the formation of our National Security Higher Education Advisory Board and Academic Alliance program. Locally, the chairman of our faculty senate suggested that although our Academic Alliance program had made tremendous inroads on campus that if we truly wanted to understand the culture enough to change it that we would need to do what both the CIA and State Department did decades ago which was establish a Scholar-in-Residence program.
The third point I would like to emphasize at the outset is that although our SIR program shares the CIA and State Department program goals of increasing understanding and providing an IC resource to the academic community that we have designed it specifically to build relationships with the scientist’s conducting DOD research so that we can engage them as counterintelligence force multipliers.
Bottom line: our Scholar in Residence pilot project is a true partnership with the IC and Academe, the idea originated in Academe itself, and it’s purpose is to help protect DOD technology by creating a culture of proactive prevention. We recognize that a successful prosecution is a necessary but a priori failure because the technology is already gone.
“ Apart from the more traditional types of espionage, today’s spies are just as often students, researchers, businesspeople, or operators of “front companies”. And they seek not only state secrets, but trade secrets from corporations and universities-such as research and development, intellectual property, and insider information.”
Robert S. Mueller, III – Director, FBI 11/17/2011

5. Cyber Threat
Sir Winston’s words serve not only as encouragement for this Herculean if not sissisphyian task but also hopefully reflect how we go about that task. I will briefly review the threat and then discuss the strategic and tactical methods we are implementing to address the threat, I would like to emphasize three key points. First and foremost this is truly a partnership at all levels both within the IC and academe. At the national level our Academic and Business Alliance Unit, led by Mr Mark Levett, works closely with university President’s and academic associations.. Similarly, our Critical National Asset Intelligence Community Coordination Unit, led by Mr Ric VanAntwerp, partners with Mr. Bryant’s NCIX CI directorate, DSS, OSI, NCIS, and the 902nd as well as CI groups within funding organizations such as IARPA and DARPA. The Counterintelligence Division’s commitment to doing its part to help protect DOD technology is reflected in the fact that these two units not only share a chain of command ( they are both part of the CI Domain Section led by Mr. Chris Woiwode) but actually occupy the same SCIF. It is no accident that the unit responsible for outreach to DOD’s CI community is co-located with our unit responsible for outreach to the scientist’s and engineers actually conducting DOD research. Similarly, at our Applied Physics Laboratory, we have a CI Working group consisting of service CI agencies, DSS CI, UW FSO, and the Deputy Director for Research and Development.
The second point I would like to emphasize is that this strategy of changing culture from the inside originated at both the national and local level within Academe. Dr Graham Spanier, President of Penn State, reached out to the Director of the FBI following 9/11 to see how our two cultures could learn to work better together. His initiative resulted in the formation of our National Security Higher Education Advisory Board and Academic Alliance program. Locally, the chairman of our faculty senate suggested that although our Academic Alliance program had made tremendous inroads on campus that if we truly wanted to understand the culture enough to change it that we would need to do what both the CIA and State Department did decades ago which was establish a Scholar-in-Residence program.
The third point I would like to emphasize at the outset is that although our SIR program shares the CIA and State Department program goals of increasing understanding and providing an IC resource to the academic community that we have designed it specifically to build relationships with the scientist’s conducting DOD research so that we can engage them as counterintelligence force multipliers.
Bottom line: our Scholar in Residence pilot project is a true partnership with the IC and Academe, the idea originated in Academe itself, and it’s purpose is to help protect DOD technology by creating a culture of proactive prevention. We recognize that a successful prosecution is a necessary but a priori failure because the technology is already gone.
“ I am convinced that there are only two types of companies: those that have been hacked and those that will be. And even they are converging into one category: companies that have been hacked and will be hacked again.”
Robert S. Mueller, III – Director, FBI /01/2012

6. Commercial / ITAR Threat
Sir Winston’s words serve not only as encouragement for this Herculean if not sissisphyian task but also hopefully reflect how we go about that task. I will briefly review the threat and then discuss the strategic and tactical methods we are implementing to address the threat, I would like to emphasize three key points. First and foremost this is truly a partnership at all levels both within the IC and academe. At the national level our Academic and Business Alliance Unit, led by Mr Mark Levett, works closely with university President’s and academic associations.. Similarly, our Critical National Asset Intelligence Community Coordination Unit, led by Mr Ric VanAntwerp, partners with Mr. Bryant’s NCIX CI directorate, DSS, OSI, NCIS, and the 902nd as well as CI groups within funding organizations such as IARPA and DARPA. The Counterintelligence Division’s commitment to doing its part to help protect DOD technology is reflected in the fact that these two units not only share a chain of command ( they are both part of the CI Domain Section led by Mr. Chris Woiwode) but actually occupy the same SCIF. It is no accident that the unit responsible for outreach to DOD’s CI community is co-located with our unit responsible for outreach to the scientist’s and engineers actually conducting DOD research. Similarly, at our Applied Physics Laboratory, we have a CI Working group consisting of service CI agencies, DSS CI, UW FSO, and the Deputy Director for Research and Development.
The second point I would like to emphasize is that this strategy of changing culture from the inside originated at both the national and local level within Academe. Dr Graham Spanier, President of Penn State, reached out to the Director of the FBI following 9/11 to see how our two cultures could learn to work better together. His initiative resulted in the formation of our National Security Higher Education Advisory Board and Academic Alliance program. Locally, the chairman of our faculty senate suggested that although our Academic Alliance program had made tremendous inroads on campus that if we truly wanted to understand the culture enough to change it that we would need to do what both the CIA and State Department did decades ago which was establish a Scholar-in-Residence program.
The third point I would like to emphasize at the outset is that although our SIR program shares the CIA and State Department program goals of increasing understanding and providing an IC resource to the academic community that we have designed it specifically to build relationships with the scientist’s conducting DOD research so that we can engage them as counterintelligence force multipliers.
Bottom line: our Scholar in Residence pilot project is a true partnership with the IC and Academe, the idea originated in Academe itself, and it’s purpose is to help protect DOD technology by creating a culture of proactive prevention. We recognize that a successful prosecution is a necessary but a priori failure because the technology is already gone.
“At least 108 countries have full fledged procurement networks that work through front companies, joint ventures, trade delegations and other mechanisms to methodically target our government, our private industries, and our universities. Assistant Attorney General Kenneth Weinstein October 2007

7. Risks when we sell… COUNTRY 1 COUNTRY 2 COUNTRY 3 COUNTRY 4
OPERATIONAL THREAT: COUNTRY 1 CHANGES FROM A FRIENDLY COUNTRY TO A THREAT COUNTRY.
COUNTRY 2
COMPETITIVE THREAT: COUNTRY 2 USES TECHNOLOGY GAINED TO FURTHER ITS INDUSTRIAL BASE & GAIN MARKET SHARE.
TRANSFER CAPABILITY OR TECHNOLOGY OR BOTH
COUNTRY 3
PROLIFERATION THREAT : COUNTRY 3 INTENTIONALLY OR UNINTENTIONALLY RELEASES TECHNOLOGY, PROLIFERATION RESULTS IN THREAT COUNTRIES GAINING TECHNOLOGY.
COUNTRY 4
PRECEDENCE THREAT :
RELEASE TO COUNTRY 4 NECESSITATES RELEASE TO OTHER COUNTRIES RESULTING IN PROLIFERATION AND THREAT COUNTRIES GAINING TECHNOLOGY.
UNCLASSIFIED

8. PRC J F-16
Why we do what we do – proving a picture is worth a thousand words
UNCLASSIFIED

9. Commercial Tactical Response
Sir Winston’s words serve not only as encouragement for this Herculean if not sissisphyian task but also hopefully reflect how we go about that task. I will briefly review the threat and then discuss the strategic and tactical methods we are implementing to address the threat, I would like to emphasize three key points. First and foremost this is truly a partnership at all levels both within the IC and academe. At the national level our Academic and Business Alliance Unit, led by Mr Mark Levett, works closely with university President’s and academic associations.. Similarly, our Critical National Asset Intelligence Community Coordination Unit, led by Mr Ric VanAntwerp, partners with Mr. Bryant’s NCIX CI directorate, DSS, OSI, NCIS, and the 902nd as well as CI groups within funding organizations such as IARPA and DARPA. The Counterintelligence Division’s commitment to doing its part to help protect DOD technology is reflected in the fact that these two units not only share a chain of command ( they are both part of the CI Domain Section led by Mr. Chris Woiwode) but actually occupy the same SCIF. It is no accident that the unit responsible for outreach to DOD’s CI community is co-located with our unit responsible for outreach to the scientist’s and engineers actually conducting DOD research. Similarly, at our Applied Physics Laboratory, we have a CI Working group consisting of service CI agencies, DSS CI, UW FSO, and the Deputy Director for Research and Development.
The second point I would like to emphasize is that this strategy of changing culture from the inside originated at both the national and local level within Academe. Dr Graham Spanier, President of Penn State, reached out to the Director of the FBI following 9/11 to see how our two cultures could learn to work better together. His initiative resulted in the formation of our National Security Higher Education Advisory Board and Academic Alliance program. Locally, the chairman of our faculty senate suggested that although our Academic Alliance program had made tremendous inroads on campus that if we truly wanted to understand the culture enough to change it that we would need to do what both the CIA and State Department did decades ago which was establish a Scholar-in-Residence program.
The third point I would like to emphasize at the outset is that although our SIR program shares the CIA and State Department program goals of increasing understanding and providing an IC resource to the academic community that we have designed it specifically to build relationships with the scientist’s conducting DOD research so that we can engage them as counterintelligence force multipliers.
Bottom line: our Scholar in Residence pilot project is a true partnership with the IC and Academe, the idea originated in Academe itself, and it’s purpose is to help protect DOD technology by creating a culture of proactive prevention. We recognize that a successful prosecution is a necessary but a priori failure because the technology is already gone.
Continue export vigilance- report not only “unusual” but rejected Domestic Sales – Every sale is an export i.e. know end users, all invoices have export controlled warning Accounting – alert to shipping destination payment origination discrepancies Active Measures – Prosecutions are nice. Disruption is Better!

10. Cyber Tactical Response
Sir Winston’s words serve not only as encouragement for this Herculean if not sissisphyian task but also hopefully reflect how we go about that task. I will briefly review the threat and then discuss the strategic and tactical methods we are implementing to address the threat, I would like to emphasize three key points. First and foremost this is truly a partnership at all levels both within the IC and academe. At the national level our Academic and Business Alliance Unit, led by Mr Mark Levett, works closely with university President’s and academic associations.. Similarly, our Critical National Asset Intelligence Community Coordination Unit, led by Mr Ric VanAntwerp, partners with Mr. Bryant’s NCIX CI directorate, DSS, OSI, NCIS, and the 902nd as well as CI groups within funding organizations such as IARPA and DARPA. The Counterintelligence Division’s commitment to doing its part to help protect DOD technology is reflected in the fact that these two units not only share a chain of command ( they are both part of the CI Domain Section led by Mr. Chris Woiwode) but actually occupy the same SCIF. It is no accident that the unit responsible for outreach to DOD’s CI community is co-located with our unit responsible for outreach to the scientist’s and engineers actually conducting DOD research. Similarly, at our Applied Physics Laboratory, we have a CI Working group consisting of service CI agencies, DSS CI, UW FSO, and the Deputy Director for Research and Development.
The second point I would like to emphasize is that this strategy of changing culture from the inside originated at both the national and local level within Academe. Dr Graham Spanier, President of Penn State, reached out to the Director of the FBI following 9/11 to see how our two cultures could learn to work better together. His initiative resulted in the formation of our National Security Higher Education Advisory Board and Academic Alliance program. Locally, the chairman of our faculty senate suggested that although our Academic Alliance program had made tremendous inroads on campus that if we truly wanted to understand the culture enough to change it that we would need to do what both the CIA and State Department did decades ago which was establish a Scholar-in-Residence program.
The third point I would like to emphasize at the outset is that although our SIR program shares the CIA and State Department program goals of increasing understanding and providing an IC resource to the academic community that we have designed it specifically to build relationships with the scientist’s conducting DOD research so that we can engage them as counterintelligence force multipliers.
Bottom line: our Scholar in Residence pilot project is a true partnership with the IC and Academe, the idea originated in Academe itself, and it’s purpose is to help protect DOD technology by creating a culture of proactive prevention. We recognize that a successful prosecution is a necessary but a priori failure because the technology is already gone.
“Assume Breach” – Kirk Bailey, CISO UW
Buy In – “easy” things are hard i.e. update patches, change passwords, unknown = unopened
Clean machines whenever travel outside of US
Reverse firewalls
Compartmentalize – need to know = need to access; no need to know = no access

11. Insider Threat Tactical Response
Sir Winston’s words serve not only as encouragement for this Herculean if not sissisphyian task but also hopefully reflect how we go about that task. I will briefly review the threat and then discuss the strategic and tactical methods we are implementing to address the threat, I would like to emphasize three key points. First and foremost this is truly a partnership at all levels both within the IC and academe. At the national level our Academic and Business Alliance Unit, led by Mr Mark Levett, works closely with university President’s and academic associations.. Similarly, our Critical National Asset Intelligence Community Coordination Unit, led by Mr Ric VanAntwerp, partners with Mr. Bryant’s NCIX CI directorate, DSS, OSI, NCIS, and the 902nd as well as CI groups within funding organizations such as IARPA and DARPA. The Counterintelligence Division’s commitment to doing its part to help protect DOD technology is reflected in the fact that these two units not only share a chain of command ( they are both part of the CI Domain Section led by Mr. Chris Woiwode) but actually occupy the same SCIF. It is no accident that the unit responsible for outreach to DOD’s CI community is co-located with our unit responsible for outreach to the scientist’s and engineers actually conducting DOD research. Similarly, at our Applied Physics Laboratory, we have a CI Working group consisting of service CI agencies, DSS CI, UW FSO, and the Deputy Director for Research and Development.
The second point I would like to emphasize is that this strategy of changing culture from the inside originated at both the national and local level within Academe. Dr Graham Spanier, President of Penn State, reached out to the Director of the FBI following 9/11 to see how our two cultures could learn to work better together. His initiative resulted in the formation of our National Security Higher Education Advisory Board and Academic Alliance program. Locally, the chairman of our faculty senate suggested that although our Academic Alliance program had made tremendous inroads on campus that if we truly wanted to understand the culture enough to change it that we would need to do what both the CIA and State Department did decades ago which was establish a Scholar-in-Residence program.
The third point I would like to emphasize at the outset is that although our SIR program shares the CIA and State Department program goals of increasing understanding and providing an IC resource to the academic community that we have designed it specifically to build relationships with the scientist’s conducting DOD research so that we can engage them as counterintelligence force multipliers.
Bottom line: our Scholar in Residence pilot project is a true partnership with the IC and Academe, the idea originated in Academe itself, and it’s purpose is to help protect DOD technology by creating a culture of proactive prevention. We recognize that a successful prosecution is a necessary but a priori failure because the technology is already gone.
“Mind the Gap” – emotional, social, financial changes
Anonymous reporting
Banners
Linear relationship between responsibility / access and transparency i.e. CEO, CEO Admin, Program Directors and Systems Administrators should be most transparent not only because could do most harm but more importantly avoids adversarial culture

12. Proactive Risk Mitigation
Sir Winston’s words serve not only as encouragement for this Herculean if not sissisphyian task but also hopefully reflect how we go about that task. I will briefly review the threat and then discuss the strategic and tactical methods we are implementing to address the threat, I would like to emphasize three key points. First and foremost this is truly a partnership at all levels both within the IC and academe. At the national level our Academic and Business Alliance Unit, led by Mr Mark Levett, works closely with university President’s and academic associations.. Similarly, our Critical National Asset Intelligence Community Coordination Unit, led by Mr Ric VanAntwerp, partners with Mr. Bryant’s NCIX CI directorate, DSS, OSI, NCIS, and the 902nd as well as CI groups within funding organizations such as IARPA and DARPA. The Counterintelligence Division’s commitment to doing its part to help protect DOD technology is reflected in the fact that these two units not only share a chain of command ( they are both part of the CI Domain Section led by Mr. Chris Woiwode) but actually occupy the same SCIF. It is no accident that the unit responsible for outreach to DOD’s CI community is co-located with our unit responsible for outreach to the scientist’s and engineers actually conducting DOD research. Similarly, at our Applied Physics Laboratory, we have a CI Working group consisting of service CI agencies, DSS CI, UW FSO, and the Deputy Director for Research and Development.
The second point I would like to emphasize is that this strategy of changing culture from the inside originated at both the national and local level within Academe. Dr Graham Spanier, President of Penn State, reached out to the Director of the FBI following 9/11 to see how our two cultures could learn to work better together. His initiative resulted in the formation of our National Security Higher Education Advisory Board and Academic Alliance program. Locally, the chairman of our faculty senate suggested that although our Academic Alliance program had made tremendous inroads on campus that if we truly wanted to understand the culture enough to change it that we would need to do what both the CIA and State Department did decades ago which was establish a Scholar-in-Residence program.
The third point I would like to emphasize at the outset is that although our SIR program shares the CIA and State Department program goals of increasing understanding and providing an IC resource to the academic community that we have designed it specifically to build relationships with the scientist’s conducting DOD research so that we can engage them as counterintelligence force multipliers.
Bottom line: our Scholar in Residence pilot project is a true partnership with the IC and Academe, the idea originated in Academe itself, and it’s purpose is to help protect DOD technology by creating a culture of proactive prevention. We recognize that a successful prosecution is a necessary but a priori failure because the technology is already gone.
Taxonomy of Risk
Reporting
Security Responsibility
Counterintelligence Responsibility
Corporate Responsibility
Individual Responsibility

13. Taxonomy of Risk Threat Vectors
Human (witting) + Technical – Inside (collection technology / hardware / software) = air gaps, specificity, targeting, justified access
Human – Inside (unwitting) + Technical
Technical - Outside
Human - Outside
Having reviewed the threat (I promised it would be brief) the question is how do we mitigate that threat. During the last two days, we have learned a tremendous amount about various means of technical collection. Moreover, we all know of tremendously successful nation state technical collections against us and that the days of the physical dead drop are long gone. Unquestionably, we as a nation must do everything in our power to mitigate this risk. With that said, I do not believe that it is a binary choice between human and technical collection. I would suggest this taxonomy in order to emphasize that while an efficient technical collection can gather far more information than any traditional operative making photocopies or photographs that the greatest threat is from a witting inside human orchestrating the technical collection. A human can use a myriad of devices to cross air gaps, can focus on key data to avoid tripwires of massive infiltration, and perhaps most importantly be viewed by network security as an insider who needs data.

14. Insider Threat – Greatest Challenge
Modern era – 2 greatest traitors, Ames and Hanson, worked for the CIA and FBI. Their success proves how difficult it is to deal with this threat.
Myriad of psychological, ethical, and sociological reasons prevent reporting of suspicious behavior
Given that taxonomy of risk and our adversaries ability to obtain classified information from secure facilities – why should we spend any time trying to change the culture of academia? Because today’s basic research is tomorrow’s compartmented technology.

15. National Industrial Security Program Operating Manual
Although it may not seem like it at times this culture truly is desirable not only from an advancement of science and humanity standpoint but also because of the fact that we often gain far more than we lose. To illustrate this point, I would like to take a moment and share one of my favorite examples– how we developed Stealth technology. Time precludes telling the whole story but the essentials are this: In 1975, the Soviet’s had 15 different types of surface to air missile systems some of which could reach an altitude of 125,000 feet and be tipped with small nuclear warheads and the we had two. Consequently, Lockheed’s skunk work engineers had reduced the radar aperture of the 108 ft 140,000 pound SR-71 to the size of a single engine propeller plane through composite materials. The problem was that it was believed that the laws of physics themselves precluded any further reduction and we had just witnessed two years earlier in the 1973 Yom Kippur War largely under trained and undisciplined Egyptian and Syrian troops used the Soviet SAMS to shoot down 108 of America’s most sophisticated aircraft flown by superbly trained and disciplined Israeli pilots. The fact was that if a plane could be seen by enough SAMs – it would be shot down even if it appeared to only be a single engine aircraft. Fortunately, Lockheed employed a young mathematician Denys Overholser, who was fascinated by geometry of electromagnetic radiation and who spent much of his time reading academic journals from around the world, including Russian mathematical journals. In 1975, Overholser found an article entitled “Methods of Edge Waves in the Theory of Physical Diffraction” by Pyotor Ufiimastev from the Russian Academy of Sciences. By revisiting Maxwell’s original equations Ufimistev developed a way to determine the radar cross sectional area of any two dimensional surface. Overholser told senior engineering manager Ben Rich that he could develop a computer program which could use Ufimistev’s work to calculate the smallest possible radar aperture for a plane. 3 Months later Overholser’s ECHO-1 did just that. Within a couple of years the Lockheed engineers used Ufimistev’s academic geometry paper to build a full scale prototype, test it with the most advanced radar, and allow Rich to go back to the Pentagon with a pocket full of 1/8th inch ball bearings, roll them across the table to the Air Force Generals and tell them “there’s your airplane” . In 1991 Lockheed's F117A Nighthawk flew 1270 missions in the first gulf war without a single plane being shot down. The irony is that Ufiimastev tried to convince his own military of the potential of his work and was ignored. The lesson is that the nation with the greatest capacity to take risk, disregard orthodoxy, and try crazy ideas will benefit most from open academic culture.
“The contractor shall promptly submit a written report to the nearest field office of the FBI, regarding information coming to the contractor’s attention concerning actual, probable, or possible espionage, or subversive activities at any of its locations. An initial report may be made by phone, but if must be followed in writing, regardless of the disposition made of the report by the FBI. A copy of the written report shall be provided to the CSA”
Chapter 1, Section 3, Paragraph 301

16. Risk Mitigation = Security Keeping the Adversary Out
Security is necessary but not sufficient – all the guns, gates, guards, badges, passwords, firewalls, and classification systems in the world will not defeat our adversaries
This is the Strategic Goal of our Scholar in Residence program. The benefit of this strategy is best seen in a recent event at our APL. At the secret level, one of our professors, who has become a friend, was recently contacted by the editors of Chinese Physics Letters to review an article by some HARI scientists doing research on littoral water range finding. This professor is one of the father’s of using the waveguide invariant for this application. The professor called the FSO, who notified our CI working groups comprised of DSS CI, NCIS, and us. In this particular case DSS put out the IIR, NCIS evaluated the threat from a navy perspective and because the professor considered me a friend, I was asked to speak to him. In talking to him I learned several interesting facts. First, we first became aware of this technique in the early 90’s when another academic attended a conference in Russia and learned from a Russian mathematician how to simplify the algorithm. Second the Navy quickly classified the application and asked the professor to not write anything about the simplification process which would have been helpful for marine life scientific experiments. Third in the last few years, the Russian who developed the simplification process published in open source oceanographic journals and now the technique is used by scientists performing oceanographic research. Consequently, he was not surprised that the HARI scientists were utilizing the technique. His question to me was how he should respond to the request for a pre-publication article review. The complexity in this situation was that, without going to a higher classification level, I will just say that it is important to us and our colleagues in the IC, for him to maintain as many positive relationships with foreign scientists as possible. Together we decided that he should review the article, give some constructive criticism and suggest ways to improve the English translation, but not point out a fairly significant gap in their understanding so that they remain behind in their development. Although it is difficult to construct metrics for proactive preventive measures like this, I hope this anecdote illustrates the benefits of a two-pronged approach between traditional CI partnerships and embedded friendships. What I love about this story is that not only did each member of the CI team bring their strengths to bear to prevent a loss of technology but also that we were able to do so while facilitating foreign collection as well

17. Risk Mitigation Counterintelligence Keeping the Adversary Close
Counterintelligence is necessary but not sufficient – all the threat and vulnerability assessments, understanding of motivations, and even active measure programs are not enough to defeat our adversaries
Tactical tenants:
You don’t have to be a physicist to become friends with a physicist. As a physician, I never went beyond calculus which to a physicist is equivalent to knowing your alphabet but being unable to spell let alone write HOWEVER by simply reading open source journals and showing interest I engage their desire to share their life’s work with someone who is interested
Cultures are changed by leaders and operators not support.
Reporting does not require proof rather simply provides a data point – do not allow them to feel responsible because if they do they will automatically go to beyond a reasonable doubt standard which for them is far higher than average juror.

18. Risk Mitigation = Corporate Responsibility
Ownership
Trust / Respect
Creativity
Meaning
Letting them know that even in organizations filled with reasonably bright, dedicated, and CI aware people, traitors can flourish for decades and value of outside perspective / information was key to identification

19. Risk Mitigation = Individual Responsibility
Security System + Counterintelligence Strategy + Corporate Responsibility + Individual Responsibility is necessary and sufficient
Ultimately no one can defend your house other than you

20. Special Agent, Seattle Division
Thank you
Greg Witkop, M.D.
Special Agent, Seattle Division
(206)
UNCLASSIFIED

21. Espionage Statutes 18 USC 794 – Espionage Statute
1 Transmittal National Defense Information To an Agent of a Foreign Power With Intent to Injure U.S. or Aid Foreign Power
50 USC Unauthorized Disclosure
A "Filler" Statute
1 U.S. Government Employee
2 Who Knowingly Transmits
3 Classified Information
4 To a Foreign National
Although they are certainly not 10 feet tall, armor plated chess masters – they are equally certainly neither foolish nor incompetent

22. Economic Espionage Act of 1996
Economic Espionage – 18 USC 1831
- “Economic espionage is (1) whoever knowingly performs targeting or acquisition of trade secrets to (2) knowingly benefit any foreign government, foreign instrumentality or foreign agent.”
Theft of Trade Secrets – 18 USC 1832
- Commonly called Industrial Espionage
- “Theft of trade secrets is (1) whoever knowingly performs targeting or acquisition of trade secrets or intends to convert a trade secret to (2) knowingly benefit anyone other than the owner.”
As I mentioned earlier, this is truly a partnership at all levels and between all responsible entities. Again it is no accident that our counterintelligence units responsible for partnering with DOD CI programs is co-located with the unit responsible for developing relationships with scientist conducting the research

23. Bayes Theorem
Given some phenomenon (A) that we want to know about, and an observation (X) that is evidence relating to A, Bayes’ theorem tells us how much we should update our knowledge of A, given the new evidence X
Gives a mathematical basis for belief i.e. probability