Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Education and Awareness Security 101 February 28, 2007 JSAC.

Published byTrevor Jacobs Modified over 8 years ago

Similar presentations

Presentation on theme: "Security Education and Awareness Security 101 February 28, 2007 JSAC."— Presentation transcript:

1 Security Education and Awareness Security 101 February 28, 2007 JSAC

2 Why Education and Training? NISPOM 3-100 “ Contractors shall provide all cleared employees with security training and briefings commensurate with their involvement with classified information.” NISPOM 3-100 “ Contractors shall provide all cleared employees with security training and briefings commensurate with their involvement with classified information.”

3 “A Security Awareness Program Sets the Stage for Training by Changing Organizational Attitudes to Realize the Importance of Security and the Adverse Consequences of Failure.” National Institute of Standards and Technology

4 Goals of An Effective Education & Training Program Understanding of and compliance with security rules and regulations. Understanding of and compliance with security rules and regulations. Understanding the magnitude and complexity of the foreign and domestic threats that make these rules and regulations necessary. Understanding the magnitude and complexity of the foreign and domestic threats that make these rules and regulations necessary. Motivation!!! Motivation!!!

5 Education Versus Training We often use the two terms interchangeably……but: We often use the two terms interchangeably……but:  “Training” teaches people the skills that will enable them to perform their job.  “Education” enables someone to develop the ability and vision to understand complex, multidisciplinary activities.

6 Education and Training What Should Be Included? What Should Be Included? What Is Your Method of Delivery? What Is Your Method of Delivery?

7 Required Prior to Initial Access to Classified Information Threat Awareness Briefing Threat Awareness Briefing Defensive Security Briefing Defensive Security Briefing Overview of the Security Classification System Overview of the Security Classification System Employee Reporting Requirements Employee Reporting Requirements Security Procedures and Duties applicable to the employee’s job Security Procedures and Duties applicable to the employee’s job

8 Threat Awareness What is the Threat What is the Threat Methods of Collection Methods of Collection Recent Cases Recent Cases CLASSIFIED or UNCLASSIFIED Threat Analysis from USG Sources CLASSIFIED or UNCLASSIFIED Threat Analysis from USG Sources Critical Technologies Critical Technologies

9 Defensive Briefing Overseas Travel Foreign Contacts Technology Controls Public Release Requirements CI Awareness Disclosure Restriction

10 Overview of the Security Classification System Levels of Classification and Criteria Levels of Classification and Criteria Original and Derivative Classification Original and Derivative Classification Classification Guides Classification Guides SAP/SAR and Special Briefing Requirements SAP/SAR and Special Briefing Requirements  NATO, FGI, COMSEC, CNWDI Safeguarding Safeguarding AIS AIS Background Investigations Background Investigations Marking Marking

11 Employee Reporting Requirements Definition of Adverse Information Definition of Adverse Information Suspicious Contact Reports Suspicious Contact Reports Foreign Travel Reporting Requirements (if any) Foreign Travel Reporting Requirements (if any) Violations Violations

12 Security Procedures and Duties Applicable to the Employee’s Job Lots of foreign contact or travel ? Lots of foreign contact or travel ? Working with classified hardware ? Working with classified hardware ? Working in a closed area ? Working in a closed area ? Marketing ? Marketing ? AIS ? AIS ? Special Briefings ? Special Briefings ?

13 Workplace Violence Prevention Liaison With: Liaison With:  Legal  Human Resources  Local Law Enforcement  Medical  Outside Consultants

14 Know Your Audience Executive Level Executive Level Foreign Travel Foreign Travel General Security Training General Security Training Technical Training Technical Training Export Controls Export Controls Counter-Intelligence Counter-Intelligence

15 Subject Matter Experts Subject Matter Experts Can Lend Extra Credibility Subject Matter Experts Can Lend Extra Credibility  DSS CI  902 nd MI Group  OSI  NCIS  Legal Departments  Import/Export Empowered Officials

16 Resources & Methods Company Newsletters Company Newsletters  Great for Special Events or Current Topics  “Security Slot” Website Information Website Information  Space on the Company Website or Build a Security Website Security Bulletins Security Bulletins  Topic of the Month Videos Videos  Homemade are Expensive but Effective if Resources Available Computer Based Education Computer Based Education

17 Resources & Methods Posters Posters  Some Commercially Available  Idea Contest Desktop Reminders Desktop Reminders  Great For End of Day Checks “Gimmes” “Gimmes” Pamphlets Pamphlets  Must be easy to use or recyclable

18 Desk Guides and Handbooks

19 Resources & Methods Seminars and Workshops Seminars and Workshops  NCMS  JSAC  ASIS  National Security Institute – IMPACT  DSS Usually for Specific Audiences Usually for Specific Audiences  Security Professionals  Small Facility FSO’s  Specialists – Import/Export, Legal

20 Visual Advertising A Great Poster IS: RRRReadable UUUUnreadable = Misspellings, complex, passive sentences, ungrammatical LLLLegible IIIIllegible = Fancy font, fancy font, too much text WWWWell Organized DDDDisorganized = Too much time to find main idea, next idea or data SSSSuccinct NNNNot succinct = Doesn’t direct attention to main message in 11 seconds

21 Great Posters Are Compact and Visual: Compact: Compact:  Focus on one, clearly stated message with a single “take-home” message Visual: Visual:  Relies on graphics, photos, pictures to convey message rather than lots of text

22 Poster Art from the Web http://www.wasc.noaa.gov/wrso/poste rs/Security_Awareness_Posters4.ht m http://www.wasc.noaa.gov/wrso/poste rs/Security_Awareness_Posters4.ht m http://www.wasc.noaa.gov/wrso/poste rs/Security_Awareness_Posters4.ht m http://www.wasc.noaa.gov/wrso/poste rs/Security_Awareness_Posters4.ht m http://members.impulse.net/~sate/po sters.html http://members.impulse.net/~sate/po sters.html http://members.impulse.net/~sate/po sters.html http://members.impulse.net/~sate/po sters.html

23

24

25

26

27 Associated with a Public Event

28 Poster Art – Not So Good

29 Poster Art - Cool

30 Key to Effective Training ReinforceReinforceReinforce

31 “The single greatest obstacle to espionage is education.” Stanislav Levchenko, former KGB Officer

32 Questions ??

Download ppt "Security Education and Awareness Security 101 February 28, 2007 JSAC."

Similar presentations

How to write an effective job description

How to write an effective job description
Annual Security Refresher Briefing Note: All classified markings contained within this presentation are for training purposes.

Annual Security Refresher Briefing Note: All classified markings contained within this presentation are for training purposes.
What is Insider Threat? “Potential damage to the interests of an organization by a person(s) who is regarded, falsely, as loyally working for or on behalf.

What is Insider Threat? “Potential damage to the interests of an organization by a person(s) who is regarded, falsely, as loyally working for or on behalf.
Chapter 3 Project Initiation

Chapter 3 Project Initiation
NISPOM CHAPTER 3 SECURITY TRAINING AND BRIEFINGS

NISPOM CHAPTER 3 SECURITY TRAINING AND BRIEFINGS
CST 481/598 x.2.  Broad overview of policy material  What is a “process”  Tiers (not tears) Many thanks to Jeni Li.

CST 481/598 x.2.  Broad overview of policy material  What is a “process”  Tiers (not tears) Many thanks to Jeni Li.
Developing the Security Program

Developing the Security Program
U.S. Commercial Service U.S. Department of Commerce The Basics of Exporting.

U.S. Commercial Service U.S. Department of Commerce The Basics of Exporting.
The Evaluation of the role of Human Resource Department Alex.

The Evaluation of the role of Human Resource Department Alex.
Chapter 3 Project Initiation. The stages of a project  Project concept  Project proposal request  Project proposal  Project green light  Project.

Chapter 3 Project Initiation. The stages of a project  Project concept  Project proposal request  Project proposal  Project green light  Project.
Confined Spaces in Construction: Applicable Standards Stan Liang, CIH, CSP, CET KTA-Tator, Inc.

Confined Spaces in Construction: Applicable Standards Stan Liang, CIH, CSP, CET KTA-Tator, Inc.
Session 3 – Information Security Policies

Session 3 – Information Security Policies
Data Protection in Higher Education: Recent Experiences in Privacy and Security Institute for Computer Law and Policy Cornell University June 29, 2005.

Data Protection in Higher Education: Recent Experiences in Privacy and Security Institute for Computer Law and Policy Cornell University June 29, 2005.
Providing Orientation and Training

Providing Orientation and Training
DEED WorkForce Center Reception and Resource Area Certification Program Module 2 Unit 1b: WorkForce Center System II Learning Objectives III.

DEED WorkForce Center Reception and Resource Area Certification Program Module 2 Unit 1b: WorkForce Center System II Learning Objectives III.
Career number 1. E- Discovery Professional  Electronic Discovery- Technology based Identifies, preserves and manages electronically stored information.

Career number 1. E- Discovery Professional  Electronic Discovery- Technology based Identifies, preserves and manages electronically stored information.
 Value Proposition  Key Features  A Closer Look  Operational Support  Essential Payback Employee Access TM Your Window to Employee and Manager Self-Service.

 Value Proposition  Key Features  A Closer Look  Operational Support  Essential Payback Employee Access TM Your Window to Employee and Manager Self-Service.
Approaches for forest certification System versus performance ? Presentation prepared by Pierre Hauselmann for the WWF / WB Alliance Capacity building.

Approaches for forest certification System versus performance ? Presentation prepared by Pierre Hauselmann for the WWF / WB Alliance Capacity building.
Chapter 7 The Recruiting Process

Chapter 7 The Recruiting Process
Section Seven: Information Systems Security Note: All classified markings contained within this presentation are for training purposes only.

Section Seven: Information Systems Security Note: All classified markings contained within this presentation are for training purposes only.

Similar presentations

Ads by Google