Presentation is loading. Please wait.

Presentation is loading. Please wait.

Compliance with CF Security Policies

Published byHortense Kelley Modified over 9 years ago

Similar presentations

Presentation on theme: "Compliance with CF Security Policies"— Presentation transcript:

1 Compliance with CF Security Policies
Course: P Res BMQ EO: Rank/Name: Compliance with CF Security Policies Definition of Security Procedures Implementation of General and Operational Security Procedures and Reporting of Violations Allotted time: References DND Security Policy (PSDN), Chapters 1 to 12 and 30 National Defence Security Instructions (NDSI) ) CANFORGEN

2 Compliance with CF Security Policies
Definition of Security Procedures Implementation of General and Operational Security Procedures and Reporting of Violations TP

3 Definition of Security Procedures
General Such freedom of action will be obtained in part by Protecting vital interests against theft, diversion and sabotage; Denying unauthorized persons access to vital information about our own capabilities and intentions; and Ensuring the loyalty and reliability of those persons who are authorized access to classified or otherwise sensitive assets.

4 Definition of Security Procedures
General Security is defined as the condition achieved when the intentions of the enemy or otherwise hostile persons are determined and when information, material, personnel, activities and installations are protected against espionage, sabotage, subversion and terrorism, as well as against loss, manipulation and unauthorized disclosure.

5 Definition of Security Procedures GOVERNMENT OF CANADA SECURITY POLICY
The Government of Canada Security Policy (GSP) prescribes a security system for the Government of Canada that will effectively protect classified information and other assets sensitive in other than the national interest from unauthorized disclosure, destruction, removal, modification or interruption.

6 Definition of Security Procedures
DND SECURITY POLICY The Deputy Minister of National Defence and the Chief of the Defence Staff shall take those measures deemed necessary and appropriate to provide for the following: Fully guarantee all aspects of security relevant to defence works, establishments, facilities, assets, resources, personnel and military operations in Canada or abroad, to include countering the threats to security within the Department of National Defence or to deployed elements of the Canadian Forces (CF);

7 Security Classification Level
Definition of Security Procedures TABLE OF SECURITY CLASSIFICATION AND DESIGNATION LEVELS Security Classification Level UNCLASSIFIED CONFIDENTIAL SECRET Security Designation Level PROTECTED A PROTECTED B PROTECTED C

8 Table of Security Classification and Designation Levels
Definition of Security Procedures Table of Security Classification and Designation Levels Level of Injury to the National Interest Definition Classification Level No Injury When no compromise is expected to occur that would caused injury to the national interest UNCLASSIFIED Injury Compromise of the information could reasonably be expected to cause injury to the national interest. CONFIDENTIAL Serious Injury Compromise of the information could reasonably be expected to cause serious injury to the national interest. SECRET Exceptionally Grave Injury Compromise of the information could reasonably be expected to cause exceptionally grave injury to the national interest. TOP SECRET Level of Injury to the National Interest Definition Classification Level No Injury When no compromise is expected to occur that would caused injury to the national interest UNCLASSIFIED Injury Compromise of the information could reasonably be expected to cause injury to the national interest. CONFIDENTIAL Serious Injury Compromise of the information could reasonably be expected to cause serious injury to the national interest. SECRET Exceptionally Grave Injury Compromise of the information could reasonably be expected to cause exceptionally grave injury to the national interest. TOP SECRET

9 Table of Security Classification and Designation Levels
Definition of Security Procedures Table of Security Classification and Designation Levels Level of Injury to Other Than the National Interest Definition Security Designation Level Low Sensitive Compromise of the information could reasonably be expected to cause injury outside the national interest. PROTECTED A Particularly Sensitive Compromise of the information could reasonably be expected to cause serious injury outside the national interest PROTECTED B Extremely Sensitive Compromise of the information could reasonably be expected to cause exceptionally grave injury outside the national interest PROTECTED C Level of Injury to Other Than the National Interest Definition Security Designation Level Low Sensitive Compromise of the information could reasonably be expected to cause injury outside the national interest. PROTECTED A Particularly Sensitive Compromise of the information could reasonably be expected to cause serious injury outside the national interest. PROTECTED B Extremely Sensitive Compromise of the information could reasonably be expected to cause exceptionally grave injury outside the national interest. PROTECTED C

10 Threats come in many forms, including the following:
Definition of Security Procedures VULNERABILITY AND THREATS TO SECURITY Threats come in many forms, including the following: espionage, sabotage, subversion, terrorism, criminal acts.

11 The following raise the level of vulnerability to a threat:
Definition of Security Procedures VULNERABILITY AND THREATS TO SECURITY The following raise the level of vulnerability to a threat: negligence and indifference, lack of security awareness, concentration of assets, operational and budgetary constraints, and evolving technology.

12 Definition of Security Procedures
ESPIONAGE Espionage is an act or an activity directed towards the acquisition of classified or otherwise sensitive information using covert collection means, for the benefit of a foreign power or to do injury to Canadian interests. Espionage takes place in peacetime or wartime, and the methods used include the following:

13 Definition of Security Procedures
ESPIONAGE Gathering of information with the help of human sources; Unauthorized interception or interruption of communications and electronic emissions, including telemetric emissions; Hacking or sabotaging of a computer or computer‑based information system with the intention of obtaining intelligence; Clandestine gathering of intelligence using photographic methods.

14 Definition of Security Procedures
SABOTAGE DND has adopted the NATO definition of sabotage, whereby sabotage is an act with intent to damage, interfere with, or obstruct, by wilfully damaging or destroying, or attempting to damage or destroy, material, premises or utilities in the interests of a foreign power or subversive political organization. There is reason to believe that enemy-directed acts of sabotage would be initiated to coincide with an overt attack.

15 Definition of Security Procedures
SABOTAGE Sabotage methods and acts include the following: Arson; Use of explosives; Contamination of water, fuel or food supplies; Other uses of chemical, biological or bacterial agents against personnel and equipment; Assassination, incapacitation or removal of key personnel; Mechanical acts of interference with equipment, for example, the cutting of pipelines or cables, or the removal of essential components; Manipulation, diversion or distortion of information and material, in particular, that contained in mechanical or automated information systems.

16 Definition of Security Procedures
SUBVERSION Subversion is an action designed to weaken the military, economic or political strength of Canada by undermining the morale, loyalty or reliability of its citizens. Subversion is both a peacetime and wartime threat. The objectives of subversion may include the following:

17 Definition of Security Procedures
SUBVERSION Overthrow of the Government of Canada, using violence; Destruction of Canadians’ confidence in themselves, Canadian leadership and Canadian allies; Fostering of a myth that an enemy is invincible or should not be resisted because of the assumed costs that a possible war will exact; Sowing of doubt with respect to the morality of national goals, objectives and programs; Fostering and exploitation of religious, racial, economic and cultural differences within the population as either an end or a means to an end; and Incitement of members of the Canadian Forces to mutiny, desertion or other acts of disobedience.

18 Definition of Security Procedures
TERRORISM The term terrorism describes those activities, which are directed toward or are in support of the threatened or actual use of violence against persons or property for the purpose of achieving a political objective in Canada or in respect of a foreign state.

19 Definition of Security Procedures
TERRORISM Terrorism on a massive scale became a major phenomenon of the late 20th century. The methods employed by terrorists include the following: Arson and bombing; Assassination, assault and kidnapping; Airplane hi‑jacking; Violent demonstrations and other violent interruptions of normal activities and regular events; Direct attacks on facilities and utilities; Hoaxes and harassment.

20 Definition of Security Procedures
CRIMINAL ACTS Crime can have a severe and debilitating effect on personnel and programs, and can seriously constrain the successful conduct of military operations.

21 Definition of Security Procedures
NEGLIGENCE Negligence and carelessness in the way that members of DND control and manage classified, sensitive or valuable assets can have very significant and negative consequences for security. Negligence may occur inadvertently through inattention, or deliberately to avoid security or other constraints. In either instance, DND programs and resources can consequently be put at risk.

22 Definition of Security Procedures LACK OF SECURITY AWARENESS
The effects of negligence and carelessness will be compounded by ignorance and misunderstanding whenever the rationale for specific security measures is not fully understood. Awareness programs must emphasize the nature of the threat and ways to counter it.

23 Do you have any questions?

24 Q1: Threats may arise in a variety of forms. What are they?

25 A1: (a) espionage (b) sabotage (c) subversion (d) terrorism
(e) criminal acts

26 Q2: What increases the level of vulnerability?

27 A2: negligence and indifference lack of security awareness

28 Compliance with CF Security Policies
Definition of Security Procedures Implementation of General and Operational Security Procedures and Reporting of Violations TP

29 Implementation of General and Operational Security Procedures and Reporting of Violations
DOCTRINE Operations security is a relatively new concept in Canadian Forces doctrine.

30 Implementation of General and Operational Security Procedures and Reporting of Violations
CONCEPT Operations security is all of the measures taken to give a military operation or exercise appropriate security, using passive or active means, in order to deny the enemy knowledge of the dispositions, capabilities and intentions of friendly forces.

31 Implementation of General and Operational Security Procedures and Reporting of Violations
PRINCIPLES The following principles govern the implementation of measures to ensure operations security: Comprehensiveness Critical information Enemy perspective Timeliness Systems analysis

32 OPERATIONS SECURITY PROCEDURES
Implementation of General and Operational Security Procedures and Reporting of Violations OPERATIONS SECURITY PROCEDURES The implementation of operations security (OPSEC) measures is a proven systematic process consisting of the following five steps: Identification of key information; Threat analysis; Vulnerability analysis; Risk analysis; Implementation of appropriate countermeasures.

33 Implementation of General and Operational Security Procedures and Reporting of Violations
EVALUATION In order to assess the effectiveness of the Operations Security Program, the National Defence Headquarters Director of Security Intelligence (NDHQ D Secur Int) may, at commanders’ request, ask the Special Investigations Unit (SIU) to carry out, for operations security purposes, an analysis of operations, of a mission, of an exercise or of an establishment.

34 Implementation of General and Operational Security Procedures and Reporting of Violations
EVALUATION An operations security investigation may help J3/G3 Plans and Operations personnel determine whether or not information is sufficiently protected during the planning, implementation and reporting of an operation or exercise.

35 Do you have any questions?

36 Q1: The implementation of operations security procedures is a proven systematic process. What steps does it consist of?

37 A1: Identification of key information Threat analysis
Vulnerability analysis Risk analysis Implementation of appropriate countermeasures

38 Compliance with CF Security Policies
Definition of Security Procedures Implementation of General and Operational Security Procedures and Reporting of Violations TP

39 Do you have any questions?

40 Compliance with CF Security Policies
Question 1 Threats may arise in a variety of forms. What are they? Question 2 What increases the level of vulnerability? Question 3 The implementation of operations security procedures is a proven systematic process. What steps does the process consist of?

41 Compliance with CF Security Policies
Answer 1 espionage sabotage subversion terrorism criminal acts Answer 2 negligence and indifference lack of security awareness concentration of assets operational and budgetary constraints evolving technology

42 Compliance with CF Security Policies
Answer 3 identification of key information threat analysis vulnerability analysis risk analysis implementation of appropriate countermeasures

43 Compliance with CF Security Policies
Course: P Res BMQ EO: Rank/Name: Compliance with CF Security Policies Definition of Security Procedures Implementation of General and Operational Security Procedures and Reporting of Violations Allotted time: References DND Security Policy (NDSP), Chapters 1 to 12 and 30

Download ppt "Compliance with CF Security Policies"

Similar presentations

Museum Presentation Intermuseum Conservation Association.

Museum Presentation Intermuseum Conservation Association.
S3-1 © 2001 Carnegie Mellon University OCTAVE SM Process 3 Identify Staff Knowledge Software Engineering Institute Carnegie Mellon University Pittsburgh,

S3-1 © 2001 Carnegie Mellon University OCTAVE SM Process 3 Identify Staff Knowledge Software Engineering Institute Carnegie Mellon University Pittsburgh,
Www.dataprotection.gov.je The Data Protection (Jersey) Law 2005.

The Data Protection (Jersey) Law 2005.
Chapter 13 Crimes Against the State Joel Samaha, 9th Ed.

Chapter 13 Crimes Against the State Joel Samaha, 9th Ed.
Introduction to Information Operations Attaché Corps- SEP 09

Introduction to Information Operations Attaché Corps- SEP 09
GSA Office of Emergency Response and Recovery Risk Based Continuity Planning Darren J. Blue, Director, Policy and Plans, Office of Emergency Response.

GSA Office of Emergency Response and Recovery Risk Based Continuity Planning Darren J. Blue, Director, Policy and Plans, Office of Emergency Response.
Session 8: Modeling the Vulnerability of Targets to Threats of Terrorism 1 Session 8 Modeling the Vulnerability of Targets to Threats of Terrorism John.

Session 8: Modeling the Vulnerability of Targets to Threats of Terrorism 1 Session 8 Modeling the Vulnerability of Targets to Threats of Terrorism John.
Auditing Computer-Based Information Systems

Auditing Computer-Based Information Systems
JUNIOR SAILOR ADVANCEMENT WORKSHOP (JSAW) CTO1(SW) Germean Porter NAVY DOCTRINE FOR ANTITERRORISM AND FORCE PROTECTION.

JUNIOR SAILOR ADVANCEMENT WORKSHOP (JSAW) CTO1(SW) Germean Porter NAVY DOCTRINE FOR ANTITERRORISM AND FORCE PROTECTION.
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
The Islamic University of Gaza

The Islamic University of Gaza
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Information Systems Security Officer

Information Systems Security Officer
Computer Security: Principles and Practice

Computer Security: Principles and Practice
Randy Marchany VA Tech Computing Center

Randy Marchany VA Tech Computing Center
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Session 3 – Information Security Policies

Session 3 – Information Security Policies
Section Eight: Communication Security (COMSEC) Note: All classified markings contained within this presentation are for.

Section Eight: Communication Security (COMSEC) Note: All classified markings contained within this presentation are for.
Section Ten: Security Violations and Deviations Note: All classified markings contained within this presentation are for training purposes only.

Section Ten: Security Violations and Deviations Note: All classified markings contained within this presentation are for training purposes only.
Agenda  Introduce key concepts in information security from the practitioner’s viewpoint.  Discuss identifying and prioritizing information assets through.

Agenda  Introduce key concepts in information security from the practitioner’s viewpoint.  Discuss identifying and prioritizing information assets through.

Similar presentations

Ads by Google