graduate school usa - security training newsletter - vol. 1 iss. 3

Upload: peter-j-moran

Post on 03-Jun-2018


  • 8/13/2019 Graduate School USA - Security Training newsletter - Vol. 1 Iss. 3

    1/9

    Security Training: The Newsletter for Security Professionals, September 2013, Vol 1, Issue 3

    Are you in compliance with NISPOM training requirements?

    Change 1 to NISPOM requires your employees to be trained every 2 years on the proper application of derivative classification principles.

    Stay Compliant with the New NISPOM Requirements.

    We can help you keep your team up-to-date with two convenient courses: Derivative Classification & Marking Requirements, a 2-hour briefing focusing on newly required training, available on site by contract for groups of 10 or more; and Understanding NISPOM Requirements, a 5-day open enrollment course available in your area.

    21 Responsibilities as a Cleared Individual

    A New Challenge for Security Professionals - Cyber Citizens

    Help Make Employees More Comfortable About Reporting Adverse Information

    http://graduateschool.edu/search.php?searchtype=simple&action=search&searchterm=SRTY7335D

    21 Responsibilities as a Cleared Individual

    Ann Martick

    Within the first six months of obtaining the position of Contractor Security Officer (CSO)/Facility Security Officer (FSO) I faced a dilemma. I needed to prove that two individuals who were filling out their Questionnaires for National Security Positions (SF 86), now the e-QIP (Electronic Questionnaire for Investigative Processing; the electronic form of the SF 86), had received notice in previous briefings that using illegal drugs while holding a clearance was a security violation, not to mention against the law.

    Management asked me to provide signed attendee lists from meetings attended and/or email distribution confirmations where the prior FSO had provided briefings stating this was a security violation or adverse information requiring a report. Both management and I remembered such briefings, but neither of us had documentation that such briefings had been attended or read by these two specific individuals. Separately, each claimed not to have previously seen the relevant questions on the SF 86: Question #23.1, "In the last seven (7) years, have you illegally used any drugs or controlled substances?" and Question #23.3, "Have you EVER illegally used or otherwise been involved with a drug or controlled substance while possessing a security clearance other than previously listed?" This resulted in my developing a single-page handout titled "Your Responsibilities as a Cleared Individual."

    I went through all my briefing materials and the National Industrial Security Program Operating Manual (NISPOM) reporting requirements and originally generated a list of 19 responsibilities. Not only did I distribute the single-page handout during refresher briefings, I also began giving it out as part of my initial briefing package. Five years later, in another FSO position at a different company, I found a new responsibility to add: Speak & Write English.

    The back story is that we hired a nice young man who had been working in China teaching English as a second language. At first, it didn't seem like a big deal that he spoke to the cleaning crew in their native language. Then I happened to catch sight of his tech logs, where he was taking notes in Chinese. How did I or anyone else he worked with know what he was writing or saying? He could easily be accused of passing classified information to either the cleaning crew or his Chinese messaging contact he listed on his SF 86. I gently suggested he should speak and write English to avoid the presumption of espionage.

    With the recent change to the NISPOM, Conforming Change 1, posted March 28th, I have added the responsibility to notify security before marking or re-marking classified documents due to the new Derivative Classification marking training requirement. This last addition brings the number of responsibilities listed to 21.

    Remember that this list includes many of the reporting responsibilities, but is not all-inclusive. There may be other responsibilities that you need to highlight for your specific staff or consultants.

    1. Speak English - Don't give others reason to wonder what you are saying or writing.

    2. Practice anonymity - Don't draw attention to yourself or your association with classified material. Don't confirm nor deny.

    3. Apply Need-To-Know principles when dealing with everybody - those here at work and those outside.

    4. Refrain from confirming or denying any knowledge of information relating to any article referencing or identifying any projects or information you know to be classified or sensitive.

    5. Promptly report any persistent attempts to gain information from you to Security about an article, your work, and/or any classified information. Include name, address, and phone number (and other relevant details) of questioner.

    6. Report any continuing contact with foreign nationals to Security - other than casual, inadvertent, or irregular contacts.

    7. Report when a member of your immediate family or your spouse's immediate family takes up residence in a foreign country or if you acquire foreign relatives through marriage.

    8. Never leave classified material unattended - always lock it up or return it to Security.

    9. Never reproduce classified documents until you have obtained Security's approval - practice document control.

    10. Notify Security or Document Control prior to marking/re-marking classified information. There is a new requirement for Derivative Classification training once every two years.

    11. Never disclose, discuss, or work on classified material in public places (carpools, hotel lobbies, airplanes, trains, buses, etc.)

    12. Never discuss classified information over the telephone - except over a secure phone.

    13. Never transport classified material unless you have been briefed (and approved) as a courier prior to each courier trip.

    14. Do not store classified material in your desk drawer or your residence - this is a serious security violation.

    15. Avoid subversive organizations. Make sure that the policies, stated aims, names of officers, sponsors, and past history of organizations you are a member of or apply to for membership do not call for the overthrow of the United States government.

    16. Avoid participation in public activities of a conspicuously controversial nature, especially when such activities could focus undesirable attention upon you or your association with classified information.

    17. Advise Security of any change in your personal status, including: marriage, cohabitation, divorce, or a legal name change.

    18. Report any intent to marry a non-U.S. citizen.

    19. Report any significant event, such as: Arrest; Convictions; Civil lawsuits involving allegations of fraud; Deceit or misrepresentation against an individual; Change of address; Change of employment; Garnishment of money or property; Charged with DUI, DWI, or use of illegal drugs; or Voluntary admission to counseling for alcohol or drug use.

    20. Notify Security at least forty-five days before travel outside of the United States (except for Canada and Mexico - report it within twenty-four hours of your return) so as to receive any defensive security briefings before traveling.

    21. Avoid illegal use and/or possession of drugs and other controlled substances.

    About the Author

    Ann Martick has more than 20 years' experience as a Facility Security Officer and eight years as a trainer specializing in the areas of Personnel Security and JPAS and e-QIP. She is also currently an instructor at Graduate School USA.


    A New Challenge For Security Professionals - Cyber Citizens

    John Waller

    According to DNI's Annual Intelligence Authorization Report on Security Clearance Determinations for Fiscal Year 2010, there are 1,419,051 federal employees and contractors holding Top Secret clearances. Many, if not most, of these have access to Sensitive Compartmented Information or SCI. That means one is specifically "read in" on particular intelligence projects or programs with an unusual level of sensitivity.

    All of these personnel must sign a Standard Form 312 Non-Disclosure Agreement in which they agree to the following verbiage: "Intending to be legally bound, I hereby accept the obligations contained in this Agreement in consideration of my being granted access to classified information. I hereby agree that I will never divulge classified information to anyone unless I have officially verified that the recipient has been properly authorized by the United States Government to receive it." Access to SCI involves an additional oath and affirmation to properly protect and share the information to which an individual is given access. Note that the words in our nondisclosure agreements do not grant authority to cleared personnel to unilaterally decide what foreign intelligence collection the United States or its allies should or should not be conducting and then disclose the parts he or she doesn't find palatable.

    Current intelligence operations are totally dependent on Information Age networks, operating systems, databases, and applications. Many of our older senior personnel do not have a clear understanding of the intricacies of these systems or how to access or manipulate data within them. However, our young information technology (IT) professionals do understand the cyber world and although many are junior personnel they necessarily must have access to almost everything, and thus present a huge counterintelligence (CI) risk to senior management and security professionals.

    Recent events show that we must prepare for a significantly more complicated CI challenge than we have seen in the past. Some of our young cleared employees who have grown up in the Internet age consider themselves to be less citizens of the United States and more citizens of the cyber world. Their ideals transcend those of nation states. In the cyber domain, they are reachable and can be influenced by others who may not have the interest of the United States as a priority. An excellent example of the ability of foreign interests to reach out and influence our people is the late American-born Imam Anwar al-Awlaki, whose teachings from Yemen had a profound impact on the thinking of Major Nidal Hasan who was recently convicted of murdering 13 persons at Ft. Hood.

    The recent (Spring 2013) incident involving the classified disclosures of Edward Snowden is not the first of its kind. Initially, there was Christopher Boyce, a young TRW contractor who in the mid-1970s had access to technical details of overhead surveillance satellites and passed this information to the Russians. Then Bradley Manning, a young Army private with access to classified NATO war plans for Iraq and Afghanistan, passed the information to the website WikiLeaks. Now we have Mr. Snowden, a 29-year-old contractor Infrastructure Analyst with access to information relevant to NSA surveillance programs. What do they all have in common? (1) Top Secret SCI access. (2) Roles within the communications or IT departments. (3) Stealing classified information from their operations spaces because the activities offended their idealistic sense of justice. (4) Need-to-Know principle fail?

    Mr. Snowden has very publicly expressed his dismay with the extent of electronic surveillance carried out by the U.S. government and is willingly violating his SF 312 and SCI oaths to right what he sees as ethically and morally wrong. He and others who may think like him do not see themselves as traitors or involved in wrongdoing, as evidenced by his statement, "I have no intention of hiding who I am because I know I have done nothing wrong." His public remarks reveal a set of ideals that transcends allegiance to the United States. He says he did what he did to protect the Internet freedom and basic liberties of people around the world. Snowden is not a traditional spy. If he was, it would be easy to understand his thinking and put him in a traditional category. He is not a conventional threat and represents an emerging, more complicated challenge for our government and corporations.


    We, as Security Personnel, must do more to educate our cleared personnel about the established avenues, such as the chain of command, hotlines, communication with intelligence committees and inspectors general, through which one can discuss concerns about fraud, waste, abuse, and improper protection or use of classified information. Additionally, we must be alert for indicators that someone is involved in inappropriate behavior. Army Regulation 381-12 includes a list of incidents in which authorized users of government information systems may attempt to gain unauthorized access or attempt to circumvent security procedures or elevate their access privileges without approval.

    Some of these unusual work behavior indicators include:

    • Attempts to expand access to classified information by repeatedly volunteering for assignments or duties beyond the normal scope of responsibilities

    • Attempts to obtain information for which the person has no authorized access or need to know

    • Using copy, facsimile machines, document scanners, or other automated or digital equipment to reproduce or transmit classified material which appears to exceed job requirements

    • Repeatedly performing non-required work outside of normal duty hours, especially if unaccompanied

    • "Homesteading" (requesting tour of duty extensions in one assignment or location), when the assignment offers significant access to classified information

    • Manipulating, exploiting, or hacking government computer systems or local networks to gain unauthorized access

    So, security professionals are presented with a new challenge brought about by connectivity with the world and less workforce allegiance to one set of ideals and values. We have IT operators and analysts who must have extensive access to accomplish their duties and the mission. It is a new threat to our trade secrets, classified information, and the security of our work environment. Of course, that is the challenge of doing security work - dealing with emerging threats and finding innovative ways to protect our people, assets, and information.

    About the Author

    John Waller has 45+ years of experience in national security and intelligence matters both in government and contractor service. He is currently an instructor at Graduate School USA.


    Help Make Employees More Comfortable About Reporting Adverse Information

    Paulette Hamblin

    Most of us would agree that the biggest threat to the security of the classified information we hold in our facility is not our physical security. We have guards, gates, fences, cameras, locks, electronic access controls, passwords, etc. to keep out unauthorized persons. Cases where an outside breach of physical security causes a compromise of classified information are rare.

    Our biggest threat is the insider; those of us who have approved access to classified information. With over 4.8 million persons holding a security clearance, security professionals have a clear challenge. Having employees who feel comfortable coming forth with adverse information is a way they can contribute to protecting our warfighters. We need a plan.

    • Review personnel security clearance holdings. Make sure the level of personnel access matches the level of the contract assignment. If there is one TOP SECRET contract requiring 10 TOP SECRET cleared personnel, then having 250 TOP SECRET cleared personnel should be reviewed and administratively downgraded as needed. Explain to managers that eligibility remains available for two years and can be reinstated immediately when there is a contractual/access requirement and the employee has had no adverse information.

    • Educate. Employees need to know what they are looking for regarding adverse information. The following are guidelines to help educate employees:

      Definition of Adverse Information - Any information that negatively reflects on the integrity or character of a cleared employee, that suggests that his or her ability to safeguard classified information may be impaired or that his or her access to classified information clearly may not be in the interest of national security.

      Examples of Adverse Information - Use of illegal drugs, excessive use of alcohol, wage garnishments or other indications of financial instability, repeated instances of failing to follow established security procedures, the unauthorized release of classified information and/or unauthorized access to classified information systems, or other violations of information systems security requirements.

    • Remind. Remind employees of their responsibility to report adverse information more than just at the once per year annual refresher briefing. Simple, short reminders within a security newsletter or email are very effective. The use of recent espionage cases is always interesting to the reader. If reasons for disclosure are revealed in the case, let the reader know.

    • Listen. Employees must feel comfortable coming to you with information. Don't judge the information provided to you in front of the employee, even if it concerns another employee. Let them know what they tell you will be held in confidence and that they won't hear their co-workers talking about your conversation with them later on. Be a good listener and you'll have more employees reporting information after each briefing or newsletter article. If the information does not require reporting, thank the employee anyway. He or she will feel more comfortable reporting the next time.

    Employees need to know they are an important part of the security team. Enlisting their help in reporting is a good start.

    About the Author

    Paulette Hamblin has more than 20 years of experience as a Facility Security Officer at defense contractors in the Huntsville, Alabama area. She is also an instructor at Graduate School USA.
