1.89k likes | 2.9k Views
Security Awareness Training. A threat awareness briefing. A defensive security briefing. An overview of the security classification system. Employee reporting obligations and requirements. Security procedures and duties applicable to the employee's job. Report to DISCO.
E N D
Security Awareness Training • A threat awareness briefing. • A defensive security briefing. • An overview of the security classification system. • Employee reporting obligations and requirements. • Security procedures and duties applicable to the employee's job.
Report to DISCO • Employees who do not want to perform on classified work • Refusal to sign SF 312
General Requirements • Standard practice procedures • How FSO will direct and implement security procedures • Upon FSO or CSA determination
1-207 Hotlines • Hotlines are available. However, recommend that company officers have chance to handle situation • Not to take place of investigations • May be used to tip off Defense Hotline The Pentagon Washington, DC 20301-1900 (800) 424-9098
1-3 Reporting • Events that impact: • FCL • PCL • Protection of classified information • Loss or compromise • Contractors cleared employees on reporting channels with: • Federal agencies • FBI • CSA
1-3 Reporting (To FBI) • Reports to FBI • Espionage • Sabotage • Terrorism • Subversive activities • Submit copy of written report to CSA
How to Report • Report to the FBI • Follow up with written report • Send copy to IS Rep with FBI approval
1-3 Reporting (To CSA) • Reports to CSA • Adverse information • Suspicious contacts • Change in cleared employee status • Naturalization • Not desiring to work on classified contract Be careful! Don’t spread rumors
Reports to CSA • Personnel Clearance Issues • Facility Clearance Issues • How do you report? • IS Rep • DISCO
DISCO • Adverse Information • Changes in Cleared Employee Status • Citizenship by Naturalization • Employees Desiring Not to Perform on Classified Work • Standard Form (SF) 312
Adverse Information • Foreign influence • Foreign preference • Sexual behavior • Personal conduct • Financial considerations • Alcohol consumption • Drug involvement • Emotional, mental, and personality disorders • Criminal conduct • Security violations • Outside activities • Misuse of information technology systems
1-3 Reporting (To CSA) • Reports to CSA • Adverse information • Suspicious contacts • Change in cleared employee status • Naturalization • Not desiring to work on classified contract
1-3 Reporting (To CSA) • Reports to CSA • Adverse information • Suspicious contacts • Change in cleared employee status • Naturalization • Not desiring to work on classified contract
1-3 Reporting (to CSA) • Reports to CSA • Refusal to sign SF 312 • Changes affecting FCL • Changes in storage capability • Inability to protect classified • Security equipment vulnerabilities • Unauthorized receipt of classified • Compromise information • Disposition of classified information • Foreign classified contracts
1-3 Reporting (to CSA) • Reports to CSA • SF 312 • Changes affecting FCL • Changes in storage capability • Inability to protect classified • Security equipment vulnerabilities • Unauthorized receipt of classified • Compromise information • Disposition of classified information • Foreign classified contracts
1-3 Reporting (to CSA) • Reports to CSA • Refusal to sign SF 312 • Changes affecting FCL • Changes in storage capability • Inability to protect classified • Security equipment vulnerabilities • Unauthorized receipt of classified • Compromise information • Disposition of classified information • Foreign classified contracts
1-303 Loss, Compromise or Suspected Compromise • Report to CSA • Considered lost if cannot be found • Conduct investigation • Report to CSA or command channels
1-303 Loss, Compromise or Suspected Compromise Discover circumstances surrounding the reported loss, compromise or suspected compromise.
1-303 Loss, Compromise or Suspected Compromise Loss, compromise or suspected compromise? Submit initial report
1-303 Loss, Compromise or Suspected Compromise • Investigation Done? • Submit final • New information • Name and SSN of person responsible • Record of prior incidents • Corrective action • Reasons for conclusions
CONTENTS • Why Our Information • Employee Responsibilities • Threat Awareness and Defensive Information • Methods of Contact • Countermeasures • Test
WHY OUR TECHNOLOGY? • Why go through process of Research and Development • Let someone else pay for R&D • Possible military application Why Us? Because We're the BEST!
WHY OUR TECHNOLOGY? • Research and development is an expensive endeavor. It is much cheaper to acquire technology through reverse engineering, requests for information or theft • It is illegal to provide any export to some countries. It is easier for them to think of creative methods of obtaining what they need. • Some products seem to have commercial application, but they may appeal to a dual use possibilities
EMPLOYEE RESPONSIBILITY Protect Proprietary, For Official Use Only and Sensitive Information • This information includes: • Vendor prices • personnel ratings • medical records • corporate financial investments and resources • trade secret information • corporate/government relations • corporate security vulnerabilities • financial forecasts and budget information
PROTECT PROPRIETARY, FOR OFFICIAL USE ONLY AND SENSITIVE INFORMATION • Lock up in a drawer or cabinet • Restrict emailing or faxing • Develop a destruction policy • Everyone has a right to privacy, respect that right • Protect your business to the fullest
EMPLOYEE RESPONSIBILITY Company Computer Security Safeguards • Use computers for authorized business • Establish and protect passwords • Visit only authorized websites • Use caution when downloading attachments • Save all work • Use classified systems for classified processing
COMPUTER SECURITY SAFEGUARDS • Password should be at least six characters long. More stringent measures apply to classified processing systems • Don’t share passwords or write them down • Use the internet for official company use • Download attachments if email comes from a reliable source • Save work regularly in case of loss • Follow procedures as established by the Information System Security Manager
EMPLOYEE RESPONSIBILITY • The following may indicate that you could be targeted: • Your access to active intelligence interest • Overseas locations where foreign intelligence operates • Located in the U.S. where foreign nationals can gain access to you • Ethnic, racial, or religious background that may attract the attention of a foreign intelligence operative
EMPLOYEE RESPONSIBILITY • You have no control over whether or not you are targeted • Your present situation may make you appear vulnerable, but it doesn’t mean you will be targeted • Also, you may be targeted even if your circumstances aren’t as above-It’s out of your control • You can control your actions and how you react to assessment and recruiting efforts. • Most foreign contacts are perfectly legitimate and well meaning • Be aware of situations out of the norm of regular business • Notify your FSO of suspicious contacts
THREAT AWARENESS AND DEFENSE • Foreign Threat • Economic – theft of technology and commerce • Classified information-solicitation for unauthorized disclosure • Intelligence-collection efforts • Conduct Risk Analysis • Who is targeting • What do they want • How do they get it
THREAT AWARENESS AND DEFENSE • Collection efforts • Elicitation • Eavesdropping • Surveillance • Theft • Interception
COLLECTION EFFORTS DEFINED • Elicitation-Subtle form of questioning where conversation is directed to collect information. Differs from interrogation and may be hard to recognize • Example of Elicitation: in a recent case, Ben-Ami Kadish, a government employee, turned over secrets to Israel. His handler, who also handled a spy name Pollard, smoothly convinced him to turn over documents to while appealing to Kadish’s sensibilities toward Israel’s security. Kadish only received small gifts and private dinners • Eavesdropping-Listening in to get information • Surveillance-Watching target while remaining discreet
INSIDER THREAT Robert Philip Hanssen • Suspicious Activities • Requests for information outside of need to know • Unauthorized reproduction of materials • Unauthorized removal/destruction of materials • Unexplained affluence • Regular, unexplained foreign travel • Maintains long hours in spite of job dissatisfaction Employees are required to report efforts by any individual to obtain illegal or unauthorized access to classified or sensitive information— This include proprietary information
THE REAL THREAT-INSIDERS • Very few news reports made of anyone breaking into a DoD contractor facility to crack or blow safes. Our threat stems from employee actions and how they respond to suspicious contacts. • Espionage of any type is a very draining process to the perpetrator. They are conflicted between loyalty, incentive and consequences. • Suspicious employee activities can take any form. It’s important to realize that these are just indicators and not confirmation. Your reporting is necessary to conduct an investigation or execute caution.
METHODS OF CONTACT • Fax • Snail Mail • E-mail • Telephone • Personal Contact • May seem innocent enough, but…. • Legitimate business requests will come through appropriate channels • Personal Contact: Asks about project specifics, whether or not classified or proprietary details • Email address originated in a foreign country
COUNTERMEASURES • Remain non-committal if approached • Report all suspicious activities to FSO • Practice smart information systems security • Escort visitors • Pay attention to surroundings • Secure building at the end of the day
COUNTERING COLLECTION EFFORTS • Don’t agree or disagree to a suspicious request. If you agree, you may find yourself under investigation. If you say “no”, the suspicious person may go to another target. Remain non-committal and report as many details as possible. • Have a strong visit control policy. Know where visitors are and how to identify them. Practice access control. • Secure work areas at the end of the day: • Lock safes • close and lock doors • clear desk and lock proprietary information in a file or desk drawer.
CONTENTS • Employee Responsibilities While Traveling • Threat Awareness and Defensive Information • Methods of Contact • Countermeasures • Test This briefing is designed to prepare you the “cleared employee” for overseas travel. You have responsibilities to protect our employees, product, customers and those we do business with while you are traveling
EMPLOYEE RESPONSIBILITIES • Notify FSO of travel plans • Ensure proper travel documentation • Protect export controlled technology and classified information • Visit the State Department website for up to date travel information www.state.gov
EMPLOYEE RESPONSIBILITIES • Notification to FSO includes travel plans for Canada, Mexico and Caribbean Countries • The state department website informs you of necessary travel documentation. Familiarize yourself with the site and use it to become an informed international traveler www.state.gov • Exports Compliance: Technical data can be transferred by reading a note, viewing a computer screen, conducting seminars and etc. Make sure you are authorized with a license and or TAA before discussing technical data that falls under exports compliance.
EMPLOYEE RESPONSIBILITIES • Maintain professional bearing • Remain in contact with host • Travel with others when possible • Display wealth as little as possible • Learn customs and courtesies of host country
EMPLOYEE RESPONSIBILITIES • Conduct yourselves as professionals at all times. Pretend you are travelling with the CEO (or title of highest ranking officer) as you represent the company • Stick with your host-They will ensure your safety and refer you to reputable establishments • Travel in a group to make yourself as unattractive target of opportunity
EMPLOYEE RESPONSIBILITY • Protect Privileged Information (Classified, Proprietary, For Official Use Only and Sensitive Information) While Traveling • This information includes: • Carryon baggage • Laptop computers • Conversations
EMPLOYEE RESPONSIBILITY • Company employees should bring a sanitized computer while on travel. You can almost guarantee that you will be separated from your laptop at some point during customs checks. A sanitized computer provides no threat of exports violations or theft of economic or corporate data. • Keep all information that could lead to export violations or the release of proprietary data close at hand. • Company employees cannot transport classified material across international borders.
THREAT AWARENESS AND DEFENSE • Foreign Threat • Economic Classified information • Intelligence • Conduct Risk Analysis • Who is targeting • What do they want • How do they get it
THREAT AWARENESS AND DEFENSE • Economic Threat– theft of technology and commerce. Foreign entities may target classified or company sensitive information to gain a competitive edge. This costs millions of dollars in damage to U.S. business • Intelligence Threat-Collection efforts against the U.S. to increase for government power and competitive edge.
THREAT AWARENESS AND DEFENSE • When conducting analysis of threat ask the following questions: • What do we have? • What is our technology, defense or economic product • What do they want? • The product the foreign entity or government have the most to gain • How can they get it? • Where are we vulnerable • What efforts can we take to prevent unauthorized disclosure? • Training • Recognizing the threat • How to react to the threat • Reporting • How and what to report