Cleared Employee Security Training

Cleared Employee Security Training For Possessing Facilities
Published by Red Bike Publishing, LLC. For use by the individual purchasing and for conducting corporate training presentations. Not for resale or commercial purposes. All rights reserved except for those produced by the NISPOM. Images are either the author's or purchased from dreamstime.com. 2016

SECURITY BRIEFING
This presentation includes the following as required by NISPOM. Each will be addressed sequentially, but can be accessed by hyperlink:
Threat Awareness Security Briefing, Including Insider Threat
Counterintelligence Awareness Briefing
Overview Of The Security Classification System
Employee Reporting Obligations And Requirements, Including Insider Threat
Cybersecurity Awareness Training For All Authorized IS Users
Security Procedures And Duties Applicable To The Employee's Job
Bonus Material
This presentation fulfills the requirements for the initial security briefing and refresher training for all cleared employees as addressed in the National Industrial Security Program Operating Manual (NISPOM).


Threat Awareness Security Briefing
Contents:
Insider threat definition
Threat Awareness training
Methods of contact and recruitment
Recommended countermeasures
Cleared employees should be aware of their responsibilities to protect all employees, products, customers and those we do business with.

Insider Threat Training: Definitions
Insider: Cleared contractor personnel with authorized access to any Government or contractor resource, including personnel, facilities, information, equipment, networks, and systems. They may have some or all of the following characteristics:
Authorized access
Appropriate security clearance
Need to know
But first, some definitions. For the purposes of the NISPOM-mandated Insider Threat Program (ITP), this training covers those trusted employees with authorization to access classified information. These trusted employees have access, need to know, and authorization to work within our facilities and on our contracts.

Insider Threat Training: Definitions
Insider Threat: The likelihood, risk, or potential that an insider will use his or her authorized access, wittingly or unwittingly, to do harm to the national security of the United States. Insider threats may bring:
Harm to the contractor
Harm to program information
Insider threats impact the contractor's or agency's obligations to protect classified national security information. Because of their authorized access to classified information, an insider can cause accidental or malicious damage to national security that may not otherwise be easily detected. For the purposes of this briefing, the insider threat discussion focuses on the threat to national security.

Insider Threat Training: All Cleared Employees
Requirements PRIOR to the recent changes to NISPOM:
The FSO provided initial security training and annual refresher training
The holder of classified information validated an employee's access (clearance level) and need to know
ADDITIONAL requirements AFTER the NISPOM updates:
The FSO demonstrates that cleared employees have completed insider threat awareness training before being granted access to classified information, and annually thereafter
While the insider threat training for all cleared employees is a new requirement, the training topics are similar to topics that have already been addressed in past NISPOM and security awareness training. Insider threat training can be conducted in concert with existing training or stand alone. Once training is conducted, the FSO or designated trainer should document the training, record the attendee names and make the information available for the next DSS security review. This section addresses some of the "all cleared employee" training requirements.

Insider Threat Training: Why Our Technology
Research and development is an expensive endeavor. It is much cheaper to acquire technology through reverse engineering, requests for information or theft. While it is illegal to provide any export to some countries, adversaries may try to circumvent those laws by implementing creative methods of obtaining what they need. Some products seem to have only commercial application, but they may have dual-use possibilities. These are some of the more obvious reasons an adversary may find espionage a more lucrative endeavor than bridging a technology gap on its own.

Insider Threat Training: Protecting All Information
CLASSIFIED: GSA-approved container; Vault; SCIF
UNCLASSIFIED: Restrict emailing or faxing; Develop a destruction policy; Everyone has a right to privacy, respect that right; Protect your business to the fullest; Enforce Need to Know
Remember the old saying, "none of your business"? A program of enforcing need to know provides robust security and addresses threats to both classified and unclassified information. Need to know is a discipline that provides a significant level of protection. Not everyone with a SECRET clearance is authorized access to all SECRET information (need to know). Not every employee needs access to financial records (need to know). Obtaining authorization to receive classified information requires access, need to know, security awareness training and insider threat training. Access to sensitive and unclassified information requires need to know.

Before you release it... Review it.
Protecting All Information: Identify and Review All Information Before Releasing
Causes of unauthorized release: Accident; Ignorance; Malicious Intent
Provides a frame of reference for: OPSEC Reviews; Press Releases; Patents; Brochures and Presentations; Email Filters
Identify any controlled information in produced raw data (reports, brochures, test results, etc.). Be sure to identify all information that is sensitive. Sometimes the answer isn't obvious and requires analysis. SELDOM (if ever!!) does a security classification guide (SCG), OPSEC plan, etc. provide guidance on how to review publications, speeches, presentations, and other forms of communications for words or phrases that can lead to an ITAR violation or security compromise. If you aren't handed the guidance, work to develop it!! Before you release it... Review it.

Review Information: Know What's Important
Foundational Guidelines / Info Protection Guide:
DD 254, SCG, Markings
OPSEC Plan
Data Rights, IP, PI, Patents, Trade Secrets
MCTL, E.O. 13556, DODM 5200.01, ITAR
Who Reviews What:
Techie: IP, classified, OPSEC, ITAR
PM: OPSEC, OPSEC indicators
FSO: Classified, ITAR
Legal: ITAR, PI, Trade Secret
While your security team understands NISPOM briefings, phishing scams, defensive briefings, CI, etc., there is so much more we can assist with. FSOs have skills that can be directed toward protecting company intellectual property, proprietary information, ITAR information and other raw data. Work together to identify what is sensitive, who to allow access, and how to protect it.
Develop a public release process to address insider accidental, ignorance-based, or malicious release of sensitive information.
FSOs train on derivative classifier responsibilities that can be applied to develop a similar process for unclassified ITAR, IP, PI, and trade secrets.
Develop a process for identifying, marking, storing, and transmitting such information. What about yours?
Review everything before releasing it. Staff it for signatures, and have the enterprise own the process.
Develop a communications strategy for discussing information for presentations, press releases, contract bids, and statements of work without releasing intimate details.