graduate school usa - security training newsletter - vol. 1 iss. 3
TRANSCRIPT
-
8/13/2019 Graduate School USA - Security Training newsletter - Vol. 1 Iss. 3
1/9
Security TrainingThe Newsletter for Security ProfessionalsSeptember 2013 Vol 1, Issue 3
Are you in compliance with NISPOMtraining requirements?
Change 1 to NISPOM requires your employees
to be trained every 2 years on the proper application
of derivative classification principles.
Stay Compliant withthe New NISPOM Requirements.
We can help you keep your team
up-to-date with two convenient courses:
Derivative Classification& Marking Requirements,a 2-hour briefing focusing on newly
required training, available on site by contract for groups of 10 or more; and Understanding
NISPOM Requirements, a 5-day open enrollment course available in your area.
21 Responsibilitiesas a Cleared Individual
A New Challenge for SecurityProfessionals - Cyber Citizens
Help Make Employees More ComfortaAbout Reporting Adverse Informatio
http://graduateschool.edu/search.php?searchtype=simple&action=search&searchterm=SRTY7335Dhttp://graduateschool.edu/search.php?searchtype=simple&action=search&searchterm=SRTY7335Dhttp://graduateschool.edu/search.php?searchtype=simple&action=search&searchterm=SRTY7335Dhttp://graduateschool.edu/search.php?searchtype=simple&action=search&searchterm=SRTY7335Dhttp://graduateschool.edu/search.php?searchtype=simple&action=search&searchterm=SRTY7335Dhttp://graduateschool.edu/search.php?searchtype=simple&action=search&searchterm=SRTY7335Dhttp://graduateschool.edu/search.php?searchtype=simple&action=search&searchterm=SRTY7335Dhttp://graduateschool.edu/search.php?searchtype=simple&action=search&searchterm=SRTY7335Dhttp://graduateschool.edu/search.php?searchtype=simple&action=search&searchterm=SRTY7335Dhttp://graduateschool.edu/search.php?searchtype=simple&action=search&searchterm=SRTY7335D -
8/13/2019 Graduate School USA - Security Training newsletter - Vol. 1 Iss. 3
2/9
21 Responsibilities as aCleared Individual
Ann Martic
Within the first six months of obtaining theposition of Contractor Security Officer (CSO)/Facility Security Officer (FSO) I faced a dilemmaneeded to prove that two individuals who were filling out their Questionnaires for National Security Positio
SF 86), now the e-QIP(Electronic Questionnaire for Investigative
Processing; The electronic form of the SF 86), had received notice in
previous briefings that using illegal drugs while holding a clearance
was a security violation not to mention against the law.
Management asked me to provide signed attendee lists from meetings
ttended and/or email distribution confirmations where the prior FSO
had provided briefings stating this was a security violation or adverse
nformation requiring a report. Both management and I remembered
uch briefings, but neither of us had documentation that such briefings
had been attended or read by these two specific individuals. Separately,
each claimed not to have previously seen the relevant questions on the SF 86 Question #23.1,
In the last seven (7) years, have you illegally used any drugs or controlled substances?
The SecurityNewsletter Front Page
A New Challenge for SecurityProfessionals - Cyber Citizens
Help Make Employees MoreComfortable About Reporting Adve
-
8/13/2019 Graduate School USA - Security Training newsletter - Vol. 1 Iss. 3
3/9
nd Question #23.3, Have youEVERillegally used or otherwise been involved with a drug or controlled
ubstance while possessing a security clearance other than previously listed?This resulted in my developing
single-page handout titled Your Responsibilities as a Cleared Individual.
went through all my briefing materials and the National Industrial Security Program Operating Manual
NISPOM) reporting requirements and originally generated a list of 19 responsibilities. Not only did I distribu
he single-page handout during refresher briefings, I also began giving it out as part of my initial briefing
package. Five years later, in another FSO position at a different company, I found a new responsibility to
dd Speak & Write English.
The back story is that we hired a nice young man who had been working in China teaching English as a seco
anguage. At first, it didnt seem like a big deal that he spoke to the cleaning crew in their native language.
Then I happened to catch sight of his tech logs, where he was taking notes in Chinese. How did I or anyone
else he worked with know what he was writing or saying? He could easily be accused of passing classifiednformation to either the cleaning crew or his Chinese messaging contact he listed on his SF 86. I gently
uggested he should speak and write English to avoid the presumption of espionage.
With the recent change to the NISPOM, Conforming Change 1, posted March 28th, I have added the
esponsibility to notify security before marking or re-marking classified documents due to the new Derivative
Classification marking training requirement. This last addition brings the number of responsibilities listed to
Remember that this list includes many of the reporting responsibilities, but is not all-inclusive. There may be
other responsibilities that you need to highlight for your specific staff or consultants.
1. Speak English Dont give others reason to wonder what you are saying or writing.
2. Practice anonymity Dont draw attention to yourself or your association with classified material.
Dont confirm nor deny.
3. Apply Need-To-Know principles when dealing with everybody those here at work and those
outside.
4. Refrain from confirming or denyingany knowledge of information relating to any article
referencing or identifying any projects or information you know to be classified or sensitive.
5. Promptly report any persistent attempts to gain information from you to Securityabout an
article, your work, and/or any classified information. Include name, address, and phone number (and
other relevant details) of questioner.
6. Report any continuing contact with foreign nationals to Securityother than casual, inadverte
or irregular contacts.
7. Report when a member of your immediate family or your spouses immediate family
takes up residence in a foreign countryor if you acquire foreign relatives through marriage.
8. Never leave classified material unattended always lock it up or return it to Security.
21 Responsibilities as a
Cleared Individual
-
8/13/2019 Graduate School USA - Security Training newsletter - Vol. 1 Iss. 3
4/9
9. Never reproduce classified documents until you have obtained
Securitys approval practice document control.
10. Notify Security or Document Control prior to marking/re-marking classified information. Ther
a new requirement for Derivative Classification training once every two years.
11. Never disclose, discuss, or work on classified material in public places(carpools, hotel lobbies
airplanes, trains, buses, etc.)
12. Never discuss classified information over the telephone- except over a secure phone.
13. Never transport classified materialunless you have been briefed (and approved) as a courier prio
each courier trip.
14. Do not store classified material in your desk drawer or your residence this is a serious
security violation.
15. Avoid subversive organizations.Make sure that the policies, stated aims, names of officers, sponso
and past history of organizations you are a member of or apply to for membership do not call for the
overthrow of the United States government.
16. Avoid participation in public activities of a conspicuously controversial nature,especially wh
such activities could focus undesirable attention upon you or your association with classified informat
17. Advise Security of any change in your personal status,including: marriage, cohabitation, divorc
or a legal name change.
18. Report any intent to marry a non-U.S. citizen.
19. Report any significant event,such as: Arrest; Convictions; Civil lawsuits involving allegations of
fraud; Deceit or misrepresentation against an individual; Change of address; Change of employment;
Garnishment of money or property; Charged with DUI, DWI, or use of illegal drugs; or Voluntary
admission to counseling for alcohol or drug use.
20. Notify Security at least forty-five days before travel outside of the United States(except for
Canada and Mexico report it within twenty-four hours of your return) so as to receive any defensive
security briefings before traveling.
21. Avoid illegal use and/or possession of drugsand other controlled substances.
About the Author
Ann Martickhas more than 20 years experience as a Facility Security Officer and eight years as a trainerspecializing in the areas of Personnel Security and JPAS and e-QIP. She is also currently an instructor atGraduate School USA.
21 Responsibilities as a
Cleared Individual
-
8/13/2019 Graduate School USA - Security Training newsletter - Vol. 1 Iss. 3
5/9
A New Challenge For Security Professionals
Cyber CitizensJohn Wall
According to DNIs Annual Intelligence Authorization
Report on Security Clearance Determinations for Fisca
Year 2010,there are 1,419,051 federal employees and
contractors holding Top Secret clearances.
Many, if not most, of these have access to Sensitive Compartmented
nformation or SCI. That means one is specifically read in on
particular intelligence projects or programs with an unusual level of
ensitivity.
All of these personnel must sign a Standard Form 312 Non-Disclosure
Agreement in which they agree to the following verbiage: Intending
o be legally bound, I hereby accept the obligations contained in this
Agreement in consideration of my being granted access to classified
nformation. I hereby agree that I will never divulge classified
nformation to anyone unless I have officially verified that the recipient
has been properly authorized by the United States Government to receive it. Access to SCI involves an
dditional oath and affirmation to properly protect and share the information to which an individual is give
21 Responsibilitiesas a Cleared Individual
The SecurityNewsletter Front Page
Help Make Employees More ComfortaAbout Reporting Adverse Informatio
-
8/13/2019 Graduate School USA - Security Training newsletter - Vol. 1 Iss. 3
6/9
ccess. Note that the words in our nondisclosure agreements do not grant authority to cleared personnel to
unilaterally decide what foreign intelligence collection the United States or its allies should or should not be
onducting and then disclose the parts he or she doesnt find palatable.
Current intelligence operations are totally dependent on Information Age networks, operating systems,
databases, and applications. Many of our older senior personnel do not have a clear understanding of the
ntricacies of these systems or how to access or manipulate data within them. However, our young informatio
echnology (IT) professionals do understand the cyber world and although many are junior personnel they
necessarily must have access to almost everything, and thus present a huge counterintelligence (CI) risk to se
management and security professionals.
Recent events show that we must prepare for a significantly more complicated CI challenge than we have
een in the past. Some of our young cleared employees who have grown up in the Internet age consider
hemselves to be less citizens of the United States and more citizens of the cyber world. Their ideals transcenhose of nation states. In the cyber domain, they are reachable and can be influenced by others who may no
have the interest of the United States as a priority. An excellent example of the ability of foreign interests to
each out and influence our people is the late American-born Imam Anwar al-Awlaki, whose teachings from
Yemen had a profound impact on the thinking of Major Nidal Hasan who was recently convicted of murderin
3 persons at Ft. Hood.
The recent (Spring 2013) incident involving the classified disclosures of Edward Snowden is not the first of
ts kind. Initially, there was Christopher Boyce, a young TRW contractor who in the mid-1970s had access to
echnical details of overhead surveillance satellites and passed this information to the Russians. Then Bradley
Manning, a young Army private with access to classified NATO war plans for Iraq and Afghanistan, passed th
nformation to the website WikiLeaks. Now we have Mr. Snowden, a 29-year-old contractor Infrastructure
Analyst with access to information relevant to NSA surveillance programs. What do they all have in commo
1) Top Secret SCI access. (2) Roles within the communications or IT departments (3) Stealing classified
nformation from their operations spaces because the activities offended their idealistic sense of justice. (4)
Need-to-Know principle fail?
Mr. Snowden has very publicly expressed his dismay with the extent of electronic surveillance carried out by t
U.S. government and is willingly violating his SF 312 and SCI oaths to right what he sees as ethically and mor
wrong. He and others who may think like him do not see themselves as traitors or involved in wrongdoings evidenced by his statement, I have no intention of hiding who I am because I know I have done nothing
wrong. His public remarks reveal a set of ideals that transcends allegiance to the United States. He says he d
what he did to protect the Internet freedom and basic liberties of people around the world. Snowden is n
raditional spy. If he was, it would be easy to understand his thinking and put him in a traditional category. H
s not a conventional threat and represents an emerging, more complicated challenge for our government a
orporations.
A New Challenge For Security Professionals
Cyber Citizens
-
8/13/2019 Graduate School USA - Security Training newsletter - Vol. 1 Iss. 3
7/9
We, as Security Personnel, must do more to educate our cleared personnel about the established avenues
such as the chain of command, hotlines, communication with intelligence committees and inspectors genera
hrough which one can discuss concerns about fraud, waste, abuse, and improper protection or use of classifi
nformation. Additionally, we must be alert for indicators that someone is involved in inappropriate behavioArmy Regulation 381-12 includes a list of incidents in which authorized users of government information
ystems may attempt to gain unauthorized access or attempt to circumvent security procedures or elevate th
ccess privileges without approval.
ome of these unusual work behavior indicators include:
Attempts to expand access to classified information by repeatedly volunteering for assignments or du
beyond the normal scope of responsibilities
Attempts to obtain information for which the person has no authorized access or need to know
Using copy, facsimile machines, document scanners, or other automated or digital equipment to
reproduce or transmit classified material which appears to exceed job requirements
Repeatedly performing non-required work outside of normal duty hours, especially if unaccompanied
Homesteading (requesting tour of duty extensions in one assignment or location), when the
assignment offers significant access to classified information
Manipulating, exploiting, or hacking government computer systems or local networks to gain
unauthorized access
o, security professionals are presented with a new challenge brought about by connectivity with the world
nd less workforce allegiance to one set of ideals and values. We have IT operators and analysts who must ha
extensive access to accomplish their duties and the mission. It is a new threat to our trade secrets, classified
nformation, and the security of our work environment. Of course, that is the challenge of doing security wo
dealing with emerging threats and finding innovative ways to protect our people, assets, and information.
About the Author
John Wallerhas 45+ years of experience in national security and intelligence matters bothin government and contractor service. He is currently an instructor at Graduate School USA.
A New Challenge For Security Professionals
Cyber Citizens
-
8/13/2019 Graduate School USA - Security Training newsletter - Vol. 1 Iss. 3
8/9
Help Make Employees More Comfortable About Reporting
Adverse InformationPaulette Hambl
Most of us would agree that the biggest threat to the
security of the classified information we hold in ourfacility is not our physical security. We have guards,gates, fences, cameras, locks, electronic access controls,passwords, etc. to keep out unauthorized persons.
Cases where an outside breach of physical security causes a compromise of classified information are rare.
Our biggest threat is the insider; those of us who have approved
ccess to classified information. With over 4.8 million persons holding
security clearance, security professionals have a clear challenge.Having employees who feel comfortable coming forth with adverse
nformation is a way they can contribute to protecting our warfighters.
We need a plan.
Review personnel security clearance holdings.Make sure the
level of personnel access matches the level of the contract
assignment. If there is one TOP SECRET contract requiring 10
TOP SECRET cleared personnel, then having 250 TOP SECRET cleared personnel should be reviewed
and administratively downgraded as needed. Explain to managers that eligibility remains available fo
21 Responsibilitiesas a Cleared Individual
A New Challenge for SecurityProfessionals - Cyber Citizens
The SecurityNewsletter Front Page
-
8/13/2019 Graduate School USA - Security Training newsletter - Vol. 1 Iss. 3
9/9
two years and can be reinstated immediately when there is a contractual/access requirement and the
employee has had no adverse information.
Educate.Employees need to know what they are looking for regarding adverse information. The
following are guidelines to help educate employees:
Definition of Adverse Information Any information that negatively reflects on the integrity or charact
of a cleared employee, that suggests that his or her ability to safeguard classified information may be
impaired or that his or her access to classified information clearly may not be in the interest of national
security.
Examples of Adverse Information Use of illegal drugs, excessive use of alcohol, wage garnishments
or other indications of financial instability, repeated instances of failing to follow established security
procedures, the unauthorized release of classified information and/or unauthorized access to classified
information systems, or other violations of information systems security requirements.
Remind.Remind employees of their responsibility to report adverse information more than just at the
once per year annual refresher briefing. Simple, short reminders within a security newsletter or em
are very effective. The use of recent espionage cases is always interesting to the reader. If reasons for
disclosure are revealed in the case, let the reader know.
Listen.Employees must feel comfortable coming to you with information. Dont judge the informatio
provided to you in front of the employee, even if it concerns another employee. Let them know
what they tell you will be held in confidence and that they wont hear their co-workers talking about
your conversation with them later on. Be a good listener and youll have more employees reporting
information after each briefing or newsletter article. If the information does not require reporting,thank the employee anyway. He or she will feel more comfortable reporting the next time.
mployees need to know they are an important part of the security team. Enlisting their help in reporting
s a good start.
About the Author
Paulette Hamblinhas more than 20 years of experience as a Facility Security Officer at defensecontractors in the Huntsville, Alabama area. She is also an instructor at Graduate School USA.
Help Make Employees More Comfortable About Reporting
Adverse Information