1 / 21

COUNTERINTELLIGENCE AND REPORTING REQUIRMENTS

COUNTERINTELLIGENCE AND REPORTING REQUIRMENTS. ALL THE WEIRD STUFF AN FSO OR CLEARED CONTRACTOR IS SUPPOSED TO REPORT…AND WHO THEY ARE SUPPOSED TO REPORT IT TO…AND WHILE WE’RE AT IT, SOME SPY STUFF TOO…. s. RULE NUMBER ONE.

geordi
Download Presentation

COUNTERINTELLIGENCE AND REPORTING REQUIRMENTS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. COUNTERINTELLIGENCE AND REPORTING REQUIRMENTS

  2. ALL THE WEIRD STUFF AN FSO OR CLEARED CONTRACTOR IS SUPPOSED TO REPORT…AND WHO THEY ARE SUPPOSED TO REPORT IT TO…AND WHILE WE’RE AT IT, SOME SPY STUFF TOO… s

  3. RULE NUMBER ONE Reporting requirements are in Section 1-300 of the NISPOM…so never hesitate to look it up if you’re not sure…

  4. RULE NUMBER TWO Feel free to call me anytime you have a question on any of this: Richard L. Harper Manager, Investigations/Counterintelligence/International Security Lockheed Martin Missiles and Fire Control 972-603-9398

  5. RULE NUMBER THREE • The easiest way to remember this stuff is as follows: • Any report of possible, probable, suspected or known espionage, sabotage, or terrorism goes to the local office of the FBI • Verbal report OK, but must be followed by written report with a copy to DSS • Anything else goes to DSS

  6. General Guidelines Regarding Reports to DSS • Cleared contractors are required to report events that: • impact the status of the facility clearance (FCL) • impact an employee's personnel security clearance (PCL) • affect proper safeguarding of classified information • indicate classified information has been lost or compromised. • appear to be suspicious contacts • Cleared contractors must establish procedures to ensure that cleared employees are aware of their individual reporting responsibilities

  7. REPORTS REGARDING EVENTS AFFECTING YOUR FCL (1) Any change of ownership, including stock transfers that affect control of the company. (2) Any change of operating name or address of the company or any of its cleared locations. (3) Any change to the information previously submitted for key management personnel including: • names of the individuals they are replacing • whether the new key management personnel are cleared and if so to what level and when • DPOBs, SSNs, and citizenship of the new key management personnel • whether they have been excluded from access or whether they have been temporarily excluded from access pending the granting of their clearance. (4) Action to terminate business or operations for any reason, including imminent adjudication or reorganization in bankruptcy (5) Any material change concerning the information previously reported by the contractor concerning foreign ownership, control or influence (FOCI).

  8. REPORTS REGARDING THE LOSS, COMPROMISE, OR SUSPECTED COMPROMISE OF CLASSIFIED INFORMATION • ‘reasonable time” rule…if you can’t find it quickly, assume it’s lost • Preliminary Inquiry - immediately capture the circumstances of the disappearance • Initial report – confirms the loss and provides the known information • Final report provides: • Material and relevant information that was not included in the initial report; • Name/SSN individual(s) primarily responsible, including any record of prior loss, compromise, or suspected compromise for which the individual had been determined responsible; • Statement of the corrective action and any disciplinary action • Specific reasons for reaching the conclusion that loss, compromise, or suspected compromise occurred or did not occur.

  9. REPORTS REGARDING EVENTS AFFECTING YOUR FACILITIY’S ABILITY TO SAFEGUARD CLASSIFIED INFO • Changes in Storage Capability • Any change in the storage capability that would raise or lower the level of classified information the facility is approved to safeguard. • Inability to Safeguard Classified Material • Any emergency situation that renders the facility incapable of safeguarding classified material. • Security Equipment Vulnerabilities • Significant vulnerabilities identified in security equipment, intrusion detection systems (IDS), access control systems, communications security (COMSEC) equipment or systems, and information system (IS) security hardware and software used to protect classified material. • Unauthorized Receipt of Classified Material • Receipt or discovery of classified material that the contractor is not authorized to have. The report should identify the source of the material, originator, quantity, subject or title, date, and classification level.

  10. REPORTS REGARDING AN INDIVIDUAL’S SUITABILITY FOR ACCESS TO CLASSIFIED INFORMATION • Change in Cleared Employee Status • Death • termination of employment • change in citizenship • possibility of access to classified information in the future has been reasonably foreclosed. • Citizenship by Naturalization (when a non-U.S. citizen employee granted a Limited Access Authorization (LAA) becomes a citizen through naturalization). • city, county, and state where naturalized • date naturalized • Name of the court • certificate number. • Employees Desiring Not to Perform on Classified Work (employee no longer wishes to be processed for a clearance or to continue an existing clearance) • Refusal by an employee to execute the "Classified Information Nondisclosure Agreement" (SF 312).

  11. REPORTS REGARDING AN INDIVIDUAL’S SUITABILITY FOR ACCESS TO CLASSIFIED INFORMATION (continued) • Violations of the NISPOM which: • indicate a deliberate disregard of security requirements. • indicate gross negligence in the handling of classified material. • were not deliberate in nature but involve a pattern of negligence or carelessness. • Must include description of administrative actions taken against the culpable employee • Adverse Information • Cleared employee • No rumor or innuendo • Subsequent termination of employment of an employee does not obviate the requirement • If the individual is employed on a Federal installation, send a copy of the report to the head of the installation. Becker vs. Philco and Taglia vs. Philco (389 U.S. 979): contractor is not liable for defamation of an employee because of reports made to the Government under the requirements of this Manual

  12. REPORTS REGARDING SUSPICIOUS CONTACTS – PER NISPOM 1-302B • efforts by any individual, regardless of nationality, to obtain illegal or unauthorized access to classified information or to compromise a cleared employee. • all contacts by cleared employees with known or suspected intelligence officers from any country • any contact which suggests the employee concerned may be the target of an attempted exploitation by the intelligence services of another country

  13. REPORTS REGARDING SUSPCIOUS CONTACTS – PER THE SCHOOL OF HARD KNOCKS • Personal, Telephone, E-mail And Written Communications Asking Questions “Beyond The Scope.” • Company Info • Classified Info • Tech Info • Illegal Acts • Incidents During Travel: • Luggage/Belongings Tampered With • Same Hotel Room Every Trip • Sense Of Being Followed/Observed • Detention By Host Country Law Enforcement Or Intelligence Services • Confiscation Of Passport Or Personal Papers • Any Attempt At Coercion • Any Attempt At Elicitation • Any Attempt By A Foreign Citizen To Establish Long-term Relationship s

  14. SUSPICIOUS CONTACTS - WHO IS CONTACTING US AND WHAT DO THEY WANT? • 106 countries targeted US Technologies last year. • 80% of data targeted was OPEN information-NOT CLASSIFIED information. • What are they looking for? -Dual-use technology -DATED Military technology -Infrastructure-supportive technology What aren’t they looking for? The Crown Jewels. s

  15. SUSPICIOUS CONTACTS - HOW DO THEY DO IT? • They ASK for it. • They employ use of Internet. • They go to trade shows. • They sit at bars/restaurants and LISTEN. • They task students, visiting scientists, etc. • They don’t play by U.S. “rules.” • They are patient. They gather info a piece at a time. They don’t want or need the big picture. s

  16. Most Frequently Reported Foreign Collection Methods of Operation (MO) • Requests for Information - 34.2% • Acquisition of Controlled Technology 32.2% • Solicitation of Services - 9.6% • Exploitation of Relationships - 5.3% • Suspicious Internet Activity - 5.3% • Exploitation of a Foreign Visit - 4.6% • Targeting at Conventions, Expositions, or Seminars - 4.3% • Cultural Commonality - 0.9% • Foreign Employees - 0.6%

  17. SUSPICIOUS CONTACTS…SIGNS THAT YOUR FRIENDLY VISITOR MAY NOT BE YOUR FRIEND • Foreign Liaison Officer or embassy official attempts to conceal official identity during commercial visits • Suspected hidden agendas versus the original purpose of the visit • Last minute and unannounced persons are added to the visiting party • Presence of wandering visitors who act offended when confronted • Foreign entity attempts a commercial visit or uses U.S. based third party to arrange a visit after the original foreign visit request is denied • Visitors ask questions outside the scope of the approved visit to receive a courteous or spontaneous answer • Visitors claim business-related interest but lack experience researching and developing technology • Visitors ask to meet personnel from their own countries and attempt to establish continuing contact with them

  18. Today’s foreign/domestic intelligence-gatherer…. • IS NOT A 007!!! He or she IS: • Visiting foreign Student/Intern • Defense Attaché • Émigré • Businessman/Scientist/Researcher • External contact (phone, e-mail, letter) • Insider s

  19. SUMMARY – DO YOU REMEMBER: • What you have to report? • events which: • impact the status of the facility clearance (FCL) • impact an employee's personnel security clearance (PCL) • affect proper safeguarding of classified information • indicate classified information has been lost or compromised. • suspicious contacts • potential or actual acts of espionage, sabotage, or terrorism • Who you report them to?

  20. Thank You – Questions? s

More Related