Presentation is loading. Please wait.

Presentation is loading. Please wait.

Civil Air Patrol Advanced Communications User Training

Published byDorcas Scott Modified over 5 years ago

Similar presentations

Presentation on theme: "Civil Air Patrol Advanced Communications User Training"— Presentation transcript:

1 Civil Air Patrol Advanced Communications User Training
28 Oct 97 January 2019 Communications Webinar LtCol David Rudawitz Director of Communications Oregon Wing Communications - Voice of Command Capt Derrell Lipman

2 Civil Air Patrol Advanced Communications User Training
28 Oct 97 Topics Communications and Operations Security ORWG January 2019 Communications Webinar Capt Derrell Lipman

3 COMSEC & OPSEC LtCol Ed Wolff CAP/DOKS 22-23 August 2018 Anaheim, CA
Civil Air Patrol COMSEC & OPSEC LtCol Ed Wolff CAP/DOKS August 2018 Anaheim, CA UNCLASSIFIED One Civil Air Patrol, excelling in service to our nation and our members!

4 “Traditional” security programs
Personnel Security Personally Identifiable Information Names, telephone numbers, addresses, call signs Physical Security Security of repeater sites Security of radio equipment Communications Security Using encryption on VHF Using off line encryption Information Security Encrypting files posted to the internet Using password protected, member access web sites as compared to public facing sites

5 OPSEC Program 18 August 2017 CAP OPSEC Officer and Asst OPSEC Officer Appointed LtCol Ed Wolff, HQ OPSEC Officer LtCol Brian Falvey, HQ Asst OPSEC Officer Approved to establish joint CAP-USAF OPSEC Working Group with HQ CAP-USAF Initial Critical Information List (CIL) developed CAP-USAF staff assignment to OPSEC WG pending

6 Do we need a security program?
XX Wing- PDF file that provides calls signs X Region Communications Guidebook providing calls signs XX Wing- Communications Exercise Plan with names, phone numbers, call signs, etc. XX Region- CW15 Exercise Plan XX Wing- Call sign list document XX Wing- Call sign list XX Wing- Call signs on web page XX Region- Call sign list

7 When should OPSEC be used?
Communications Training Exercises Communications Plans and Standard Operating Procedures Communications Methods, Sources, and Technical Tradecraft (Code Plugs) Software and Source Code, P/W protect code plugs PIO/PAO releases Personal social media published information

8 Every Person Is An OPSEC Sensor!
Every person in your squadron, group, wing, region is a part of the security solution by: Knowing the threats Knowing what to protect Knowing how to protect it!

9 Identify Critical Information
You need to know what you need to protect if you expect to be able to protect it! Personally Identifiable Information (PII) Call signs Frequencies Net schedules Mission specific details Operations and Exercise Plans Repeater locations

10 Open Source Intelligence
AKA- One of the greatest threats to any organization Publically available information that any member of the public may lawfully obtain my request or observation. Unclassified information that has limited public information or access 80-85% of intelligence can be gathered using OSINT Source: re-configure.org

11 “It” never goes away! When you put information on the net, via your blog, Facebook, , etc., you have to assume that it’s going to stay there forever. Same thing with newspapers, magazines, and other media. The only safe bet is to make sure that it never gets there in the first place!

12 A note on public websites:
Certain things should not be found on public websites, blogs, etc., including: Sensitive Operations Plans Sensitive Communications Plans Alerting Lists, With Names By Name Personnel Lists Locations of Sensitive Assets (Vehicles, Airplanes, Radios, etc.) Locations of Sensitive Facilities (EOC's, COOP Sites, etc.)

13 COMSEC What is COMSEC? What is a Controlled Cryptographic Item (CCI)?
Examples of CCI Access Safeguarding Reporting Requirements Contacts

14 What is COMSEC? COMSEC (Communications Security) Broad term used to describe the measures and controls taken to deny unauthorized persons information derived from various communication sources and ensure the authenticity of such communications.

15 What is COMSEC? These items can be further categorized into:
Cryptographic key material (CRYPTO) Controlled Cryptographic Items (CCI) Classified devices For purposes of this briefing, we’re concerned with Unclassified CCI only

16 Communications Security
P25 digital mode adds a level of security to the network USAF funded the P25 transition almost 20 years ago and supplied radios per the NHQ TA Type 3 AES encryption provides a higher level of security for voice communications on missions, especially CD and discrete AF missions New TA includes KVLs for deployment to the field Currently using the NLECC KMF for key management NHQ/DOKS is the single POC with the NLECC

17 Communications Security
CAP has four keys assigned at the NLECC 2 static and 2 dynamic keys Interop keys are loaded on a case by case basis with approval of NHQ/DOKS All radios will have place holders in the code plug for all 20 interop keys Keys for other agencies will only be loaded with the approval of NHQ/DOKS, this is a liability issue If a radio is lost, stolen, or a member refuses to return a radio that is key loaded it may cause the entire country (all radios across all federal-state-local agencies to require re-keying!

18 Communications Security
KVL security A KVL is considered a controlled item and will be issued based upon a hand receipt A KVL must be secured in a locked cabinet when not in use and is the responsibility of the assigned custodian A KVL is not to be packed in checked luggage, left in an unattended vehicle, left in an unattended office, etc.

19 Enforcement CAP does NOT have a COMSEC account.
CAP is only a user of unclassified but controlled equipment supplied by another agency. This is not your typical CAP equipment accountability. CAP and its members are legally liable for the improper access, storage, or use of CCI equipment. Title 18, United States Code, sections 641, 793, 798, and 952.

20 Physical Security of CCI
COMSEC Material Control System is used to distribute accountable COMSEC items to include unclassified CCI equipment, maintenance manuals, and keying equipment. Some military departments have been authorized to distribute CCI equipment through their standard logistics system. The recipient (CAP) must get a hand receipt for acceptance of the equipment and complete any supplying agency required training and briefings.

21 CONTROLLED CRYPTOGRAPHIC ITEM
Devices CONTROLLED CRYPTOGRAPHIC ITEM Unclassified cryptographic device Protected as high value property Accountable to the National Security Agency Identified by nomenclature: NSA issued short title Examples of short titles: PRC117G AN ARC 231 V C KSV 21 CCI can always be identified by the “Controlled Cryptographic Item CCI” marking on the item’s faceplate

22 KSV 21 card for STE Secure Telephone Equipment (STE)
Secure point-to point voice/data communications up to Top Secret Unclassified with out the KSV 21 card Only the KSV 21 card is accountable KSV 21 card is CCI

23 PRC 117G Controlled Cryptographic Item (CCI)
Unclassified without classified key material loaded

24 Access Requirements Pursuant to Title 18 USC the following minimum conditions must be met prior to granting access to Unclassified CCI: Need-to-Know determination United States Citizenship Receive Unclassified CCI Access Briefing from the agency providing the CCI equipment and have completed this generic CAP CCI over-view briefing.

25 Safeguarding Unclassified CCI
If not being used or attended by a briefed individual, must be secured behind a locked door, storage room, etc. and sighted regularly If installed in an aircraft, authorization to leave unattended depends on the physical security controls in place to prevent removal of the installed equipment from the aircraft. As a rule it will not be left unattended but if it must be then security must be in place. Only persons with direct access need to be briefed.

26 Safeguarding Do NOT: Provide supplied CCI equipment to anyone without verifying completion of a CCI access briefing Move CCI to another location (permanent location) without coordinating hand receipt movement with the Communications Security Division or designee. Cadet members may not be left in sole possession or control of any CCI equipment.

27 Safeguarding Hand Receipt Items
Items Hand Receipted to you by the entity providing the CCI equipment becomes your personal responsibility and may never be transferred by you to another person or organization without authorization. To formally transfer CCI, you must contact the originally issuing entity that “owns” the CCI equipment. Another properly briefed person (not a cadet) may use your items but this does not relieve you of its responsibility

28 Reporting Requirements
Report any suspected tampering or misuse of CCI to the COMSEC Custodian immediately Why is it so important to protect CCI? The War Fighter will eventually communicate classified information with these devices Attempts to reverse engineer the CCI Ultimately accountable to the National Security Agency

29 Conclusion OPSEC is what you make of it The way ahead
Annual OPSEC training requirements in compliance with AFI OPSEC Survey OPSEC evaluations of CAP web sites (already started from the DOK side) OPSEC awareness emphasis at the Squadron, Group, Wing, Region and National levels New emerging missions will drive this requirements for enhanced OPSEC awareness

30 What does this mean to us?
Insure all personnel receive training Follow COMSEC/OPSEC guidance Build and maintain a culture of security ORWG January 2019 Communications Webinar

31 ORWG January 2019 Communications Webinar
Discussion ORWG January 2019 Communications Webinar

Download ppt "Civil Air Patrol Advanced Communications User Training"

Similar presentations

CRYPTO Users Briefing.

CRYPTO Users Briefing.
Ethics Ethics are the rules of personal behavior and conduct established by a social group for those existing within the established framework of the social.

Ethics Ethics are the rules of personal behavior and conduct established by a social group for those existing within the established framework of the social.
UNCLASSIFIED1 COMSEC BRIEFING Having been selected to perform duties which will require access to classified COMSEC information, it is essential you be.

UNCLASSIFIED1 COMSEC BRIEFING Having been selected to perform duties which will require access to classified COMSEC information, it is essential you be.
Section Four: Employee and Visitor Access Controls Note: All classified markings contained within this presentation are for training purposes only.

Section Four: Employee and Visitor Access Controls Note: All classified markings contained within this presentation are for training purposes only.
AFAMs and Civil Air Patrol PIOs August 2012. CAP Mission Summary CAP Mission Summary Training and Qualification Changes Training and Qualification Changes.

AFAMs and Civil Air Patrol PIOs August CAP Mission Summary CAP Mission Summary Training and Qualification Changes Training and Qualification Changes.
Incident Command System Basic Course

Incident Command System Basic Course
DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,

DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,
Information Systems Security Officer

Information Systems Security Officer
CASCOM -TRAINING DIRECTORATE QUARTERMASTER TRAINING DIVISION

CASCOM -TRAINING DIRECTORATE QUARTERMASTER TRAINING DIVISION
Unclassified Controlled Cryptographic Item Access Briefing

Unclassified Controlled Cryptographic Item Access Briefing
Section Eight: Communication Security (COMSEC) Note: All classified markings contained within this presentation are for.

Section Eight: Communication Security (COMSEC) Note: All classified markings contained within this presentation are for.
Security Policies University of Sunderland CSEM02 Harry R. Erwin, PhD.

Security Policies University of Sunderland CSEM02 Harry R. Erwin, PhD.
Section Seven: Information Systems Security Note: All classified markings contained within this presentation are for training purposes only.

Section Seven: Information Systems Security Note: All classified markings contained within this presentation are for training purposes only.
An Educational Computer Based Training Program CBTCBT.

An Educational Computer Based Training Program CBTCBT.
ESCCO Data Security Training David Dixon September 2014.

ESCCO Data Security Training David Dixon September 2014.
HQ Expectations of DOE Site IRBs Reporting Unanticipated Problems and Review/Approval of Projects that Use Personally Identifiable Information Libby White.

HQ Expectations of DOE Site IRBs Reporting Unanticipated Problems and Review/Approval of Projects that Use Personally Identifiable Information Libby White.
Web Mission Information Reporting System Quick Start Training Texas Wing Civil Air Patrol Operations Directorate.

Web Mission Information Reporting System Quick Start Training Texas Wing Civil Air Patrol Operations Directorate.
Health Insurance Portability and Accountability Act of 1996 (HIPAA) Proposed Rule: Security and Electronic Signature Standards.

Health Insurance Portability and Accountability Act of 1996 (HIPAA) Proposed Rule: Security and Electronic Signature Standards.
How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.

How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.
APAN Group Owner Training. APAN Groups Overview FOUO PII Other types Information Categories Aggregate data impacts OPSEC Group Owner Responsibilities.

APAN Group Owner Training. APAN Groups Overview FOUO PII Other types Information Categories Aggregate data impacts OPSEC Group Owner Responsibilities.

Similar presentations

Ads by Google