graduate school usa - security training newsletter - vol. 1 iss. 3

8/13/2019 Graduate School USA - Security Training newsletter - Vol. 1 Iss. 3

1/9

Security TrainingThe Newsletter for Security ProfessionalsSeptember 2013 Vol 1, Issue 3

Are you in compliance with NISPOMtraining requirements?

Change 1 to NISPOM requires your employees

to be trained every 2 years on the proper application

of derivative classification principles.

Stay Compliant withthe New NISPOM Requirements.

We can help you keep your team

up-to-date with two convenient courses:

Derivative Classification& Marking Requirements,a 2-hour briefing focusing on newly

required training, available on site by contract for groups of 10 or more; and Understanding

NISPOM Requirements, a 5-day open enrollment course available in your area.

21 Responsibilitiesas a Cleared Individual

A New Challenge for SecurityProfessionals - Cyber Citizens

Help Make Employees More ComfortaAbout Reporting Adverse Informatio
http://graduateschool.edu/search.php?searchtype=simple&action=search&searchterm=SRTY7335Dhttp://graduateschool.edu/search.php?searchtype=simple&action=search&searchterm=SRTY7335Dhttp://graduateschool.edu/search.php?searchtype=simple&action=search&searchterm=SRTY7335Dhttp://graduateschool.edu/search.php?searchtype=simple&action=search&searchterm=SRTY7335Dhttp://graduateschool.edu/search.php?searchtype=simple&action=search&searchterm=SRTY7335Dhttp://graduateschool.edu/search.php?searchtype=simple&action=search&searchterm=SRTY7335Dhttp://graduateschool.edu/search.php?searchtype=simple&action=search&searchterm=SRTY7335Dhttp://graduateschool.edu/search.php?searchtype=simple&action=search&searchterm=SRTY7335Dhttp://graduateschool.edu/search.php?searchtype=simple&action=search&searchterm=SRTY7335Dhttp://graduateschool.edu/search.php?searchtype=simple&action=search&searchterm=SRTY7335D


2/9

21 Responsibilities as aCleared Individual

Ann Martic

Within the first six months of obtaining theposition of Contractor Security Officer (CSO)/Facility Security Officer (FSO) I faced a dilemmaneeded to prove that two individuals who were filling out their Questionnaires for National Security Positio

SF 86), now the e-QIP(Electronic Questionnaire for Investigative

Processing; The electronic form of the SF 86), had received notice in

previous briefings that using illegal drugs while holding a clearance

was a security violation not to mention against the law.

Management asked me to provide signed attendee lists from meetings

ttended and/or email distribution confirmations where the prior FSO

had provided briefings stating this was a security violation or adverse

nformation requiring a report. Both management and I remembered

uch briefings, but neither of us had documentation that such briefings

had been attended or read by these two specific individuals. Separately,

each claimed not to have previously seen the relevant questions on the SF 86 Question #23.1,

In the last seven (7) years, have you illegally used any drugs or controlled substances?

The SecurityNewsletter Front Page


Help Make Employees MoreComfortable About Reporting Adve


3/9

nd Question #23.3, Have youEVERillegally used or otherwise been involved with a drug or controlled

ubstance while possessing a security clearance other than previously listed?This resulted in my developing

single-page handout titled Your Responsibilities as a Cleared Individual.

went through all my briefing materials and the National Industrial Security Program Operating Manual

NISPOM) reporting requirements and originally generated a list of 19 responsibilities. Not only did I distribu

he single-page handout during refresher briefings, I also began giving it out as part of my initial briefing

package. Five years later, in another FSO position at a different company, I found a new responsibility to

dd Speak & Write English.

The back story is that we hired a nice young man who had been working in China teaching English as a seco

anguage. At first, it didnt seem like a big deal that he spoke to the cleaning crew in their native language.

Then I happened to catch sight of his tech logs, where he was taking notes in Chinese. How did I or anyone

else he worked with know what he was writing or saying? He could easily be accused of passing classifiednformation to either the cleaning crew or his Chinese messaging contact he listed on his SF 86. I gently

uggested he should speak and write English to avoid the presumption of espionage.

With the recent change to the NISPOM, Conforming Change 1, posted March 28th, I have added the

esponsibility to notify security before marking or re-marking classified documents due to the new Derivative

Classification marking training requirement. This last addition brings the number of responsibilities listed to

Remember that this list includes many of the reporting responsibilities, but is not all-inclusive. There may be

other responsibilities that you need to highlight for your specific staff or consultants.

1. Speak English Dont give others reason to wonder what you are saying or writing.

2. Practice anonymity Dont draw attention to yourself or your association with classified material.

Dont confirm nor deny.

3. Apply Need-To-Know principles when dealing with everybody those here at work and those

outside.

4. Refrain from confirming or denyingany knowledge of information relating to any article

referencing or identifying any projects or information you know to be classified or sensitive.

5. Promptly report any persistent attempts to gain information from you to Securityabout an

article, your work, and/or any classified information. Include name, address, and phone number (and

other relevant details) of questioner.

6. Report any continuing contact with foreign nationals to Securityother than casual, inadverte

or irregular contacts.

7. Report when a member of your immediate family or your spouses immediate family

takes up residence in a foreign countryor if you acquire foreign relatives through marriage.

8. Never leave classified material unattended always lock it up or return it to Security.

21 Responsibilities as a

Cleared Individual


4/9

9. Never reproduce classified documents until you have obtained

Securitys approval practice document control.

10. Notify Security or Document Control prior to marking/re-marking classified information. Ther

a new requirement for Derivative Classification training once every two years.

11. Never disclose, discuss, or work on classified material in public places(carpools, hotel lobbies

airplanes, trains, buses, etc.)

12. Never discuss classified information over the telephone- except over a secure phone.

13. Never transport classified materialunless you have been briefed (and approved) as a courier prio

each courier trip.

14. Do not store classified material in your desk drawer or your residence this is a serious

security violation.

15. Avoid subversive organizations.Make sure that the policies, stated aims, names of officers, sponso

and past history of organizations you are a member of or apply to for membership do not call for the

overthrow of the United States government.

16. Avoid participation in public activities of a conspicuously controversial nature,especially wh

such activities could focus undesirable attention upon you or your association with classified informat

17. Advise Security of any change in your personal status,including: marriage, cohabitation, divorc

or a legal name change.

18. Report any intent to marry a non-U.S. citizen.

19. Report any significant event,such as: Arrest; Convictions; Civil lawsuits involving allegations of

fraud; Deceit or misrepresentation against an individual; Change of address; Change of employment;

Garnishment of money or property; Charged with DUI, DWI, or use of illegal drugs; or Voluntary

admission to counseling for alcohol or drug use.

20. Notify Security at least forty-five days before travel outside of the United States(except for

Canada and Mexico report it within twenty-four hours of your return) so as to receive any defensive

security briefings before traveling.

21. Avoid illegal use and/or possession of drugsand other controlled substances.

About the Author

Ann Martickhas more than 20 years experience as a Facility Security Officer and eight years as a trainerspecializing in the areas of Personnel Security and JPAS and e-QIP. She is also currently an instructor atGraduate School USA.

21 Responsibilities as a

Cleared Individual


5/9

A New Challenge For Security Professionals

Cyber CitizensJohn Wall

According to DNIs Annual Intelligence Authorization

Report on Security Clearance Determinations for Fisca

Year 2010,there are 1,419,051 federal employees and

contractors holding Top Secret clearances.

Many, if not most, of these have access to Sensitive Compartmented

nformation or SCI. That means one is specifically read in on

particular intelligence projects or programs with an unusual level of

ensitivity.

All of these personnel must sign a Standard Form 312 Non-Disclosure

Agreement in which they agree to the following verbiage: Intending

o be legally bound, I hereby accept the obligations contained in this

Agreement in consideration of my being granted access to classified

nformation. I hereby agree that I will never divulge classified

nformation to anyone unless I have officially verified that the recipient

has been properly authorized by the United States Government to receive it. Access to SCI involves an

dditional oath and affirmation to properly protect and share the information to which an individual is give



Help Make Employees More ComfortaAbout Reporting Adverse Informatio


6/9

ccess. Note that the words in our nondisclosure agreements do not grant authority to cleared personnel to

unilaterally decide what foreign intelligence collection the United States or its allies should or should not be

onducting and then disclose the parts he or she doesnt find palatable.

Current intelligence operations are totally dependent on Information Age networks, operating systems,

databases, and applications. Many of our older senior personnel do not have a clear understanding of the

ntricacies of these systems or how to access or manipulate data within them. However, our young informatio

echnology (IT) professionals do understand the cyber world and although many are junior personnel they

necessarily must have access to almost everything, and thus present a huge counterintelligence (CI) risk to se

management and security professionals.

Recent events show that we must prepare for a significantly more complicated CI challenge than we have

een in the past. Some of our young cleared employees who have grown up in the Internet age consider

hemselves to be less citizens of the United States and more citizens of the cyber world. Their ideals transcenhose of nation states. In the cyber domain, they are reachable and can be influenced by others who may no

have the interest of the United States as a priority. An excellent example of the ability of foreign interests to

each out and influence our people is the late American-born Imam Anwar al-Awlaki, whose teachings from

Yemen had a profound impact on the thinking of Major Nidal Hasan who was recently convicted of murderin

3 persons at Ft. Hood.

The recent (Spring 2013) incident involving the classified disclosures of Edward Snowden is not the first of

ts kind. Initially, there was Christopher Boyce, a young TRW contractor who in the mid-1970s had access to

echnical details of overhead surveillance satellites and passed this information to the Russians. Then Bradley

Manning, a young Army private with access to classified NATO war plans for Iraq and Afghanistan, passed th

nformation to the website WikiLeaks. Now we have Mr. Snowden, a 29-year-old contractor Infrastructure

Analyst with access to information relevant to NSA surveillance programs. What do they all have in commo

1) Top Secret SCI access. (2) Roles within the communications or IT departments (3) Stealing classified

nformation from their operations spaces because the activities offended their idealistic sense of justice. (4)

Need-to-Know principle fail?

Mr. Snowden has very publicly expressed his dismay with the extent of electronic surveillance carried out by t

U.S. government and is willingly violating his SF 312 and SCI oaths to right what he sees as ethically and mor

wrong. He and others who may think like him do not see themselves as traitors or involved in wrongdoings evidenced by his statement, I have no intention of hiding who I am because I know I have done nothing

wrong. His public remarks reveal a set of ideals that transcends allegiance to the United States. He says he d

what he did to protect the Internet freedom and basic liberties of people around the world. Snowden is n

raditional spy. If he was, it would be easy to understand his thinking and put him in a traditional category. H

s not a conventional threat and represents an emerging, more complicated challenge for our government a

orporations.


Cyber Citizens


7/9

We, as Security Personnel, must do more to educate our cleared personnel about the established avenues

such as the chain of command, hotlines, communication with intelligence committees and inspectors genera

hrough which one can discuss concerns about fraud, waste, abuse, and improper protection or use of classifi

nformation. Additionally, we must be alert for indicators that someone is involved in inappropriate behavioArmy Regulation 381-12 includes a list of incidents in which authorized users of government information

ystems may attempt to gain unauthorized access or attempt to circumvent security procedures or elevate th

ccess privileges without approval.

ome of these unusual work behavior indicators include:

Attempts to expand access to classified information by repeatedly volunteering for assignments or du

beyond the normal scope of responsibilities

Attempts to obtain information for which the person has no authorized access or need to know

Using copy, facsimile machines, document scanners, or other automated or digital equipment to

reproduce or transmit classified material which appears to exceed job requirements

Repeatedly performing non-required work outside of normal duty hours, especially if unaccompanied

Homesteading (requesting tour of duty extensions in one assignment or location), when the

assignment offers significant access to classified information

Manipulating, exploiting, or hacking government computer systems or local networks to gain

unauthorized access

o, security professionals are presented with a new challenge brought about by connectivity with the world

nd less workforce allegiance to one set of ideals and values. We have IT operators and analysts who must ha

extensive access to accomplish their duties and the mission. It is a new threat to our trade secrets, classified

nformation, and the security of our work environment. Of course, that is the challenge of doing security wo

dealing with emerging threats and finding innovative ways to protect our people, assets, and information.

About the Author

John Wallerhas 45+ years of experience in national security and intelligence matters bothin government and contractor service. He is currently an instructor at Graduate School USA.


Cyber Citizens


8/9

Help Make Employees More Comfortable About Reporting

Adverse InformationPaulette Hambl

Most of us would agree that the biggest threat to the

security of the classified information we hold in ourfacility is not our physical security. We have guards,gates, fences, cameras, locks, electronic access controls,passwords, etc. to keep out unauthorized persons.

Cases where an outside breach of physical security causes a compromise of classified information are rare.

Our biggest threat is the insider; those of us who have approved

ccess to classified information. With over 4.8 million persons holding

security clearance, security professionals have a clear challenge.Having employees who feel comfortable coming forth with adverse

nformation is a way they can contribute to protecting our warfighters.

We need a plan.

Review personnel security clearance holdings.Make sure the

level of personnel access matches the level of the contract

assignment. If there is one TOP SECRET contract requiring 10

TOP SECRET cleared personnel, then having 250 TOP SECRET cleared personnel should be reviewed

and administratively downgraded as needed. Explain to managers that eligibility remains available fo





9/9

two years and can be reinstated immediately when there is a contractual/access requirement and the

employee has had no adverse information.

Educate.Employees need to know what they are looking for regarding adverse information. The

following are guidelines to help educate employees:

Definition of Adverse Information Any information that negatively reflects on the integrity or charact

of a cleared employee, that suggests that his or her ability to safeguard classified information may be

impaired or that his or her access to classified information clearly may not be in the interest of national

security.

Examples of Adverse Information Use of illegal drugs, excessive use of alcohol, wage garnishments

or other indications of financial instability, repeated instances of failing to follow established security

procedures, the unauthorized release of classified information and/or unauthorized access to classified

information systems, or other violations of information systems security requirements.

Remind.Remind employees of their responsibility to report adverse information more than just at the

once per year annual refresher briefing. Simple, short reminders within a security newsletter or em

are very effective. The use of recent espionage cases is always interesting to the reader. If reasons for

disclosure are revealed in the case, let the reader know.

Listen.Employees must feel comfortable coming to you with information. Dont judge the informatio

provided to you in front of the employee, even if it concerns another employee. Let them know

what they tell you will be held in confidence and that they wont hear their co-workers talking about

your conversation with them later on. Be a good listener and youll have more employees reporting

information after each briefing or newsletter article. If the information does not require reporting,thank the employee anyway. He or she will feel more comfortable reporting the next time.

mployees need to know they are an important part of the security team. Enlisting their help in reporting

s a good start.

About the Author

Paulette Hamblinhas more than 20 years of experience as a Facility Security Officer at defensecontractors in the Huntsville, Alabama area. She is also an instructor at Graduate School USA.

Help Make Employees More Comfortable About Reporting

Adverse Information

graduate school usa - security training newsletter - vol. 1 iss. 3

Documents