Presentation is loading. Please wait.

Presentation is loading. Please wait.

OFFICE OF THE UNDER SECRETARY OF DEFENSE FOR INTELLIGENCE CI & SECURITY DIRECTORATE, DDI(I&S) Valerie Heil March 20, 2015 UNCLASSIFIED Industrial Security.

Published byGrant Abner Lawson Modified over 8 years ago

Similar presentations

Presentation on theme: "OFFICE OF THE UNDER SECRETARY OF DEFENSE FOR INTELLIGENCE CI & SECURITY DIRECTORATE, DDI(I&S) Valerie Heil March 20, 2015 UNCLASSIFIED Industrial Security."— Presentation transcript:

1 OFFICE OF THE UNDER SECRETARY OF DEFENSE FOR INTELLIGENCE CI & SECURITY DIRECTORATE, DDI(I&S) Valerie Heil March 20, 2015 UNCLASSIFIED Industrial Security Policy Update

2 Back to front exit COUNTERINTELLIGENCE FIELD ACTIVITY PUT TEXT HERE COUNTERINTELLIGENCE FIELD ACTIVITY OFFICE OF THE UNDER SECRETARY OF DEFENSE FOR INTELLIGENCE CI & SECURITY DIRECTORATE, DDI(I&S) NISPOM changes Insider threat-related Chp 1 Chp 3 Chp 8 Other changes Chp 1 New appendix D: NISPOM Supplement DoD process change: national interest determinations Continuous evaluation initiatives Questions AGENDA 2 UNCLASSIFIED

3 Back to front exit COUNTERINTELLIGENCE FIELD ACTIVITY PUT TEXT HERE COUNTERINTELLIGENCE FIELD ACTIVITY OFFICE OF THE UNDER SECRETARY OF DEFENSE FOR INTELLIGENCE CI & SECURITY DIRECTORATE, DDI(I&S) New NISPOM 1-202 Insider Threat Program Establish and Maintain Insider Threat program Designate Insider Threat Senior Official Must be cleared in connection with facility clearance Establish and execute an insider threat program May be FSO, but also has to be a Senior Official FSO must be integral member of contractor’s program Gather, Integrate and Report As required by Cognizant Security Agency (CSA) Relevant and available information indicative of a potential or actual insider threat Clarification will be by Industrial Security Letter NISPOM Conforming Change #2 3 UNCLASSIFIED

4 Back to front exit COUNTERINTELLIGENCE FIELD ACTIVITY PUT TEXT HERE COUNTERINTELLIGENCE FIELD ACTIVITY OFFICE OF THE UNDER SECRETARY OF DEFENSE FOR INTELLIGENCE CI & SECURITY DIRECTORATE, DDI(I&S) New NISPOM 3-103: Insider Threat Training Considered appropriate by the CSA Personnel with insider threat program responsibilities Counterintelligence and security fundamentals Procedures for conducting insider threat response actions Applicable laws related to use (or misuse of records and data) All other cleared personnel Insider threat awareness training Required training before being granted access to classified information Establish and maintain a record of all cleared employees who have completed the initial and annual training NISPOM Conforming Change #2 4 UNCLASSIFIED

5 Back to front exit COUNTERINTELLIGENCE FIELD ACTIVITY PUT TEXT HERE COUNTERINTELLIGENCE FIELD ACTIVITY OFFICE OF THE UNDER SECRETARY OF DEFENSE FOR INTELLIGENCE CI & SECURITY DIRECTORATE, DDI(I&S) Chapter 8: Revisions ISSM role includes insider threat awareness User activities on systems are subject to monitoring Banners on all classified information systems (ISs) Signed acknowledgement by each user Acceptance of responsibility for security of classified ISs Activity on classified network is subject to monitoring Could be used in criminal, security or administrative actions Security awareness training for all users (chp 3) CSA guidance will be based on guidance for Federal ISs Terminology updates to synchronize to NIST 800-37 e.g., Assessment and Authorization instead of Certification and Accreditation NISPOM Conforming Change #2 5 UNCLASSIFIED

6 Back to front exit COUNTERINTELLIGENCE FIELD ACTIVITY PUT TEXT HERE COUNTERINTELLIGENCE FIELD ACTIVITY OFFICE OF THE UNDER SECRETARY OF DEFENSE FOR INTELLIGENCE CI & SECURITY DIRECTORATE, DDI(I&S) New 1-401: Report cyber intrusions into cleared defense contractors (CDCs) classified information systems to DoD (section 941, FY13, NDAA) New Appendix D: NISPOM Supplement: will cancel 1995 NISPOM Supplement 1 NISPOM Conforming Change #2 Other Major Changes 6 UNCLASSIFIED Goal: Promulgate NISPOM Change #2 by end of July 2015. Implementation: No later than 6 months from publication (NISPOM paragraph 1-102c)

7 Back to front exit COUNTERINTELLIGENCE FIELD ACTIVITY PUT TEXT HERE COUNTERINTELLIGENCE FIELD ACTIVITY OFFICE OF THE UNDER SECRETARY OF DEFENSE FOR INTELLIGENCE CI & SECURITY DIRECTORATE, DDI(I&S) Contractors cleared through a Special Security Agreement must have an approved national interest determination (NID) for access to proscribed information Proscribed information: Top Secret, COMSEC, SCI, SAP or Restricted Data (RD) DoD centralized its NID process through a Directive-type memorandum 15-002 on February 11, 2015: DSS proposes NID to the DoD Government Contracting Activity Concurrence still required from NSA for COMSEC, ODNI for SCI and DOE for RD http://www.dtic.mil/whs/directives/corres/pdf/DTM15002.pdf DoD process change: national interest determinations 7 UNCLASSIFIED

8 Back to front exit COUNTERINTELLIGENCE FIELD ACTIVITY PUT TEXT HERE COUNTERINTELLIGENCE FIELD ACTIVITY OFFICE OF THE UNDER SECRETARY OF DEFENSE FOR INTELLIGENCE CI & SECURITY DIRECTORATE, DDI(I&S) Continuous Evaluation (CE) CE--Several Initiatives: Itinerant IT Contractor Pilot – In Oct 2014, DoD commenced single-point-in-time checks on 3,000 cleared contractor personnel. Continuous Evaluation Concept Demo (CECD) – In Jan 2015, DoD re-launched the CECD by conducting continual, automated records checks on 85,000 military, civilian and contractor personnel across DoD. This number will be increased to 100,000 during March 2015. UNCLASSIFIED

9 Back to front exit COUNTERINTELLIGENCE FIELD ACTIVITY PUT TEXT HERE COUNTERINTELLIGENCE FIELD ACTIVITY OFFICE OF THE UNDER SECRETARY OF DEFENSE FOR INTELLIGENCE CI & SECURITY DIRECTORATE, DDI(I&S) Questions Unclassified

10 Back to front exit COUNTERINTELLIGENCE FIELD ACTIVITY PUT TEXT HERE COUNTERINTELLIGENCE FIELD ACTIVITY OFFICE OF THE UNDER SECRETARY OF DEFENSE FOR INTELLIGENCE CI & SECURITY DIRECTORATE, DDI(I&S) Unclassified BACKUP

11 Back to front exit COUNTERINTELLIGENCE FIELD ACTIVITY PUT TEXT HERE COUNTERINTELLIGENCE FIELD ACTIVITY OFFICE OF THE UNDER SECRETARY OF DEFENSE FOR INTELLIGENCE CI & SECURITY DIRECTORATE, DDI(I&S) Executive Order 13467 defines continuous evaluation (CE) CE means: reviewing the background of an individual who has been determined to be eligible for access to classified information (including additional or new checks of commercial databases, Government databases, and other information lawfully available to security officials) at any time during the period of eligibility to determine whether that individual continues to meet the requirements for eligibility for access to classified information. Continuous Evaluation 11 UNCLASSIFIED

12 Continuous Evaluation: Authorities and Responsibilities Executive Order 12968, 2 Aug 1995 (as amended). Access to Classified Information. Executive Order 13467, 30 Jun 2008. Reforming Processes Related to Suitability for Government Employment, Fitness for Contractor Employees, and Eligibility for Access to Classified National Security Information. Presidential Memo - National Insider Threat Policy and Minimum Standards for Executive Branch Insider Threat Programs, 21 Nov 2012 OMB Suitability and Security Processes Review Report to the President, Feb 2104. Recommendation A.3: Accelerate the implementation of a standardized program of Continuous Evaluation (CE), ensure full integration with agency Insider Threat Programs. White House Memo - Near-term Measures to Reduce the Risk of High-Impact Unauthorized Disclosures, 11 Feb 2014. A-3. DNI shall develop and launch a personnel Continuous Evaluation Program (CEP) that includes automated checks…The CEP shall reach initial operating capability by September 30, 2014. Standard Form 86, Questionnaire for National Security Positions, Revised Dec 2010. Form Approved: OMB No. 3206 0005.

Download ppt "OFFICE OF THE UNDER SECRETARY OF DEFENSE FOR INTELLIGENCE CI & SECURITY DIRECTORATE, DDI(I&S) Valerie Heil March 20, 2015 UNCLASSIFIED Industrial Security."

Similar presentations

Subchapter M-Indian Self- Determination and Education Assistance Act Program Part 273-Education Contracts under Johnson-OMalley Act.

Subchapter M-Indian Self- Determination and Education Assistance Act Program Part 273-Education Contracts under Johnson-OMalley Act.
Annual Security Refresher Briefing Note: All classified markings contained within this presentation are for training purposes.

Annual Security Refresher Briefing Note: All classified markings contained within this presentation are for training purposes.
IT Security Law for Federal Agencies As of: 30 December 2002.

IT Security Law for Federal Agencies As of: 30 December 2002.
What is Insider Threat? “Potential damage to the interests of an organization by a person(s) who is regarded, falsely, as loyally working for or on behalf.

What is Insider Threat? “Potential damage to the interests of an organization by a person(s) who is regarded, falsely, as loyally working for or on behalf.
Industrial Security 2010 Worldwide Security Conference.

Industrial Security 2010 Worldwide Security Conference.
Defense Security Service Facility Clearance Branch (FCB)

Defense Security Service Facility Clearance Branch (FCB)
Defense Security Service. DSS Update DSS Changing With A Changing Security Environment.

Defense Security Service. DSS Update DSS Changing With A Changing Security Environment.
Briefing on Presidential Records Act and Federal Records Act Amendments of 2014 (HR 1233, PL 113-187) Gary Stern and Paul Wester Wednesday, December 10,

Briefing on Presidential Records Act and Federal Records Act Amendments of 2014 (HR 1233, PL ) Gary Stern and Paul Wester Wednesday, December 10,
NISPOM Update for JSAC Workshop

NISPOM Update for JSAC Workshop
Chapter 43 An Act Relative to Improving Accountability and Oversight of Education Collaboratives Presentation to Board of Elementary and Secondary Education.

Chapter 43 An Act Relative to Improving Accountability and Oversight of Education Collaboratives Presentation to Board of Elementary and Secondary Education.
In-sourcing Guidelines and Procedures By Dr. John Anderson. PDASA, FMMR, OASA(M&RA)

In-sourcing Guidelines and Procedures By Dr. John Anderson. PDASA, FMMR, OASA(M&RA)
Information Governance and the Presidential Memo on Managing Government Records: Converging Issues and the Search for New Ideas Presidential Memorandum:

Information Governance and the Presidential Memo on Managing Government Records: Converging Issues and the Search for New Ideas Presidential Memorandum:
SPēD Certification Program Executive Overview. 2April 2012Executive Overview Purpose Outline the SPēD Program Provide SPēD Program update Provide SPēD.

SPēD Certification Program Executive Overview. 2April 2012Executive Overview Purpose Outline the SPēD Program Provide SPēD Program update Provide SPēD.
UNCLASSIFIED Foreign Ownership, Control, or Influence (FOCI) August 2009.

UNCLASSIFIED Foreign Ownership, Control, or Influence (FOCI) August 2009.
Information Security Policies and Standards

Information Security Policies and Standards
Trusted Internet Connections. Background Pervasive and sustained cyber attacks against the United States continue to pose a potentially devastating impact.

Trusted Internet Connections. Background Pervasive and sustained cyber attacks against the United States continue to pose a potentially devastating impact.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
Office of Inspector General (OIG) Internal Audit

Office of Inspector General (OIG) Internal Audit
Computer Security: Principles and Practice

Computer Security: Principles and Practice
Supplier Ethics: Program Checklist

Supplier Ethics: Program Checklist

Similar presentations

Ads by Google