tag:blogger.com,1999:blog-52394744224255039312024-03-05T20:14:07.057-06:00Security Executive BlogInformation for the CIO, CSO, FSO, ISSO and other security professionals. Understanding NISPOM and ITAR compliance is tough. With over 12,000 cleared defense contractors, a majority of those don't have a security staff. We'll hope to help fill the gap. From security clearances to performing on classified contracts, you can find help here.jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.comBlogger482125tag:blogger.com,1999:blog-5239474422425503931.post-15460078305605456772022-04-02T09:51:00.005-05:002022-04-02T09:51:57.101-05:00Protecting CUI on work Computers<p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></span></p><div class="separator" style="clear: both; text-align: center;"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiHnVq3jGNkMfxSgWg5vTGi1Cs_r_sLSe0gHggaNXmvBFYvyL0Iku8ITPKAOaQDhTsx9s3JOlwyr-OILbCzpy867fqTAadAjvxTZeZ-SEM1klj1F1ySUTk2pokoucrMVDCR2BSNgzPG6CrS_cRCdIios7r4BUMCzEZbwE_GMZyZaQ6zu5owbbjf2g/s3383/AdobeStock_297628715.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1903" data-original-width="3383" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiHnVq3jGNkMfxSgWg5vTGi1Cs_r_sLSe0gHggaNXmvBFYvyL0Iku8ITPKAOaQDhTsx9s3JOlwyr-OILbCzpy867fqTAadAjvxTZeZ-SEM1klj1F1ySUTk2pokoucrMVDCR2BSNgzPG6CrS_cRCdIios7r4BUMCzEZbwE_GMZyZaQ6zu5owbbjf2g/s320/AdobeStock_297628715.jpeg" width="320" /></a></div><br /><br /></div><br />It’s a common practice to allow employees to use enterprise computers outside of the enterprise. This has become more common where employees are increasingly working at home. Though a common practice, these occurrences are not always best practices. Anytime an employee leaves work with a company computer, the expectation is that all information is vulnerable. Malware, ransom ware “supply chain attacks”, hacking and other threats are prevalent. In many cases this can be controlled through applying NIST standards and strong cybersecurity measures. This article will focus on limiting use of loaned laptops and not on technical cybersecurity application.<p></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">The organization should assign a strong risk assessment based on use prior to assigning company computers for at home use. This risk assessment should limit the information to be provided and for specific purposes. For example, if a user works on a specific project, then the laptop might only contain information for that specific use. The laptop removed for home use should not contain all information available unless that information is absolutely necessary. Even though there may be strong policy and cybersecurity requirements required by the organization, the CUI on the computer is still vulnerable to the whims of whether or not the employee will follow the guidance.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">A specific example of a common, but not best practice is providing a laptop to an employee for college use. In this case, the employee would take the provided laptop to college, home, and many places along the way. They may connect to wifi and choose not to use a VPN. This would leave any information stored on the laptop vulnerable to exploitation. The organization should also expect to have the any number of hacking, thieving, or destroying attacks. This is a high risk activity if the laptop contained CUI. However, a low risk if the laptop does not contain any information.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">The point is to control data, not the laptop. If assigning laptops for non business (but approved) use, it should be provided with only the information absolutely needed and with the right protections. Performing work with CUI should be limited to the CUI necessary to accomplish tasks and with the controls in place required to protect CUI. If assigned for non CUI tasks, such as college or professional development, no CUI should be on the computer.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Laptop issuing risk management should identify contingencies for which astute technology control officers, export compliance officers and security specialists plan. Sensitive, and protected technology should not be contained within computer and related media without proper permissions.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Consider following export controls and applying these best practices to the risk assessment. Export violation can occur within the U.S. borders.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Foreign governments want US Technology and aggressively seek it and defense contractors should make the information very difficult to get. Cyber hacking and supply chain attacks are increasing, calling for stronger controls. Relying on technical controls is not enough, often appointing too many resources for actions that don’t address the real threat. For example physical security efforts may focus on fortifying laptops with barriers, alarms, access control, and etc. These are important, but the employee may make information vulnerable when the first time they use public WIFI without first logging in to VPN for example. Risk assessments include technical controls AND limiting data to be used on the laptop. CUI is leaked through careless or malicious employee behavior or actions taken due to poorly understood responsibilities and security discipline.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Export compliance officers and Facility Security Officers should develop a culture within their organizations to prevent unauthorized disclosure of economic, classified or sensitive information. Such practices include destroying sensitive waste properly, locking all desk and cabinets drawers after work, and using access control to keep employees, vendors and non-US persons from accessing unauthorized areas.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Prior to removing any devices with CUI, employees should understand the risks. A defensive security briefing is for cleared employees who travel overseas and may be vulnerable to foreign entity recruiting methods. These or similar types of training could be tailored and given to all employees who remove information from the enterprise.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">If technical data and laptop computers will be removed from the organization, CUI and other sensitive information, export controlled information not under license or TAAs should be limited to the need to know to perform necessary work.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">If you need assista</span><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">nce with FSO or security training please contact me or visit my consulting site </span><a href="https://www.jeffreywbennett.com/" rel="noopener" style="background-color: transparent; border: 0px; box-sizing: border-box; color: #2ea3f2; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">www.jeffreywbennett.com</a><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">. Additionally, we have NISPOM fundamentals training perfect for studying and applying to your CDC facility. </span><a href="https://bennettinstitute.com/course/nispomfundamentals/" rel="noopener" style="background-color: transparent; border: 0px; box-sizing: border-box; color: #2ea3f2; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">https://bennettinstitute.com/course/nispomfundamentals/</a></p><p style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Join our <a href="https://www.redbikepublishing.com/contact/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">reader list</a> for more articles.</span></p><p style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="https://www.blogger.com/blog/post/edit/5239474422425503931/1314643824649095020#" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Red Bike Publishing </a>. He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "<a href="https://www.redbikepublishing.com/insidersguide/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Insider's Guide to Security Clearances</a>" and "<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">How to Get U.S. Government Contracts and Classified Work</a>", "<a href="https://www.redbikepublishing.com/ispcertification/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">ISP(R) and ISOC Master Exam Pre</a>p", and training: <a href="https://www.bennettinstitute.com/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">NISPOM Fundamentals/FSO Training</a>" and <a href="https://www.redbikepublishing.com/nispom-training/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Cleared Employee Training</a>".Jeff is available to consult. <a href="https://www.jeffreywbennett.com/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Consulting Website</a>" </span></p>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-66864328899194569952022-04-02T09:49:00.002-05:002022-04-02T09:49:58.008-05:00Security Training Topics For Cleared Defense Contractors<p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"></span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkHbp9FwcU8zQCDnALPFPQsZ94S_MPVI11Ue8DiJmQKpDaezgB0ncX4cAfE0n4p30WmwKLeE7qPl-1OzJXTthnYEErTFWkjHwZZoTdP1qkBvG-EFPjF2ATxJor0KF_A3KID8EkfSEFRBcAFoWs0tJl8wBe1Cr2w1s3AP0NE0uAAhHefpPlkChUVA/s6959/AdobeStock_320262349.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="3856" data-original-width="6959" height="177" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkHbp9FwcU8zQCDnALPFPQsZ94S_MPVI11Ue8DiJmQKpDaezgB0ncX4cAfE0n4p30WmwKLeE7qPl-1OzJXTthnYEErTFWkjHwZZoTdP1qkBvG-EFPjF2ATxJor0KF_A3KID8EkfSEFRBcAFoWs0tJl8wBe1Cr2w1s3AP0NE0uAAhHefpPlkChUVA/s320/AdobeStock_320262349.jpeg" width="320" /></a></div><br />New cleared contractors should understand that the CDSE provides initial training and special briefings to their appointed Facility Security Officer (FSO). This training is invaluable as the new FSO will have a chance to learn about their responsibilities. Sometimes the new FSO will be learning for the first time exactly what is expected of them. After training, the FSO is then authorized to present the training to the organization’s cleared employees.<p></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">According to </span><a href="https://www.redbikepublishing.com/" rel="noopener" style="background-color: transparent; border: 0px; box-sizing: border-box; color: #2ea3f2; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">NISPOM</a><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">, the FSO is also required to attend the DSS mandated FSO Program Management Course within one year of appointment. This means that cleared contractors should be prepared to send a designated FSO to the DSS Academy for the training, or take the training on line. Either way, the FSO must be certified.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">CDSE provides new courses designed for FSOs of possessing and non-possessing facilities. FSOs should coordinate with their representative to determine the training that’s right for their situation. The training is designed to prepare the FSO to implement and direct a NISPOM based security program in their cleared contractor facility including, but not limited to the following topics:</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Protecting classified material – The proper receipt, accountability, storage, dissemination and destruction of classified material.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><a href="https://www.redbikepublishing.com/securityawareness/" rel="noopener" style="background-color: transparent; border: 0px; box-sizing: border-box; color: #2ea3f2; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">Required training</a><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> – This instruction helps the FSO establish an ongoing training program designed to create an environment of security conscious cleared employees.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><a href="https://www.redbikepublishing.com/insidersguide/" rel="noopener" style="background-color: transparent; border: 0px; box-sizing: border-box; color: #2ea3f2; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">Personnel security clearances</a><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> – The FSO gains an understanding of the personnel security clearance request procedure, briefing techniques and maintenance of personnel clearances.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Facility clearance – The FSO learns how FCLs are established and which records and activities are required to maintain the FCL.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Foreign Ownership Control and Influence (FOCI) – Organizations analyze foreign investments, sales and ownership on a regular basis using the Certificate Pertaining to Foreign Interests (SF 328). FSOs learn to interact with management and provide guidance and direction in preventing a foreign entity from unauthorized access to or controlling work involving classified and export controlled information.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Exports compliance and international operations –FSOs receive instruction on how to prevent unauthorized disclosure of critical technology, classified and export controlled information.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Restricted areas – The restricted area is established to control temporary access to classified material.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Closed areas – Space is approved to store and work with classified material. This involves approved construction and limited accesses controls to prevent unauthorized disclosure during and after work hours.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="noopener" style="background-color: transparent; border: 0px; box-sizing: border-box; color: #2ea3f2; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">Contract security classification specification (DD Form 254)<span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> </span></a><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">–The cleared contractor is allowed access to classified contracts based on the DD Form 254. The FSO would learns how the DD Form 254 is constructed and how to provide input to better meet security requirements.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Security classification guides (SCG) – As the DD Form 254 provides authorization to execute a classified contract, the SCG provides the “how to” instruction.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Security administration and records keeping – This teaches the maintenance of facility and personnel security clearance information as well as all other accountability. The FSO is expected to provide information on personnel clearances, original documentation of their facility clearance and demonstrate classified information accountability during the DSS annual security inspection.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Sub contracting – When approved to subcontract classified work, the prime contractor will provide a DD Form 254 to the subcontractor.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">The academy issues a certificate which should be filed for presentation during security audits. The FSO training should not end with this course. Career enhancing training is available through various security and management courses. More in depth online and residence training is available in each above mentioned topic. Other agencies may offer more training certification in special access programs, COMSEC, and intelligence protection. Other training is available in colleges, professional organizations, vendor websites, through books like this and within the security community.</span></p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;"> </p><p style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; background-color: transparent; border: 0px; box-sizing: border-box; caret-color: rgb(102, 102, 102); color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: auto; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; vertical-align: baseline; white-space: normal; widows: auto; word-spacing: 0px;">You can find study recommendations, practice questions and NISPOM links at <a href="https://www.redbikepublishing.com/ispcertification/" rel="noopener" style="background-color: transparent; border: 0px; box-sizing: border-box; color: #2ea3f2; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">https://www.redbikepublishing.com/ispcertification/</a><span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> </span>and<span style="background-color: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> </span><a href="https://bennettinstitute.com/course/ispisoctipis/" rel="noopener" style="background-color: transparent; border: 0px; box-sizing: border-box; color: #2ea3f2; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; vertical-align: baseline;" target="_blank">https://bennettinstitute.com/course/ispisoctipis/</a></p><br /><p style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Join our <a href="https://www.redbikepublishing.com/contact/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">reader list</a> for more articles.</span></p><p style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="https://www.blogger.com/blog/post/edit/5239474422425503931/1314643824649095020#" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Red Bike Publishing </a>. He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "<a href="https://www.redbikepublishing.com/insidersguide/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Insider's Guide to Security Clearances</a>" and "<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">How to Get U.S. Government Contracts and Classified Work</a>", "<a href="https://www.redbikepublishing.com/ispcertification/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">ISP(R) and ISOC Master Exam Pre</a>p", and training: <a href="https://www.bennettinstitute.com/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">NISPOM Fundamentals/FSO Training</a>" and <a href="https://www.redbikepublishing.com/nispom-training/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Cleared Employee Training</a>".Jeff is available to consult. <a href="https://www.jeffreywbennett.com/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Consulting Website</a>" </span></p>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-55705367930719271352022-04-02T09:38:00.002-05:002022-04-02T09:38:19.612-05:00Security Clearance and Foreign Employment<p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span data-keep-original-tag="false" face="georgia" size="5" style="background: transparent; border: 0px; box-sizing: border-box; font-family: georgia; font-size: x-large; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"> </span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZqPMGquhP9UaD-bTAg_yiO87Ad1Z3X16t6vciwk_liM-lr8-2FIc2vd4MIuGINQhadxLCkmUL06owkmDd4KXxZVDxNFJsKZjPo034yGOcHZWHc6R8oL4ML-Znl4qMtZeEaGyGAjHLo1ywPnTU-hJ8FuvCud8cRsho3t4fDhbuHk5rvunSV6jc6Q/s980/1iStock_000007768114Large-980x968.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="968" data-original-width="980" height="316" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZqPMGquhP9UaD-bTAg_yiO87Ad1Z3X16t6vciwk_liM-lr8-2FIc2vd4MIuGINQhadxLCkmUL06owkmDd4KXxZVDxNFJsKZjPo034yGOcHZWHc6R8oL4ML-Znl4qMtZeEaGyGAjHLo1ywPnTU-hJ8FuvCud8cRsho3t4fDhbuHk5rvunSV6jc6Q/s320/1iStock_000007768114Large-980x968.jpeg" width="320" /></a></div><br /><p></p><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span data-keep-original-tag="false" face="georgia" size="5" style="background: transparent; border: 0px; box-sizing: border-box; font-family: georgia; font-size: x-large; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">I’ve recently received many emails from people who are curious about<span> </span><a data-et-has-event-already="true" href="https://www.redbikepublishing.com/insidersguide/" style="background: transparent; border: 0px; box-sizing: border-box; color: #2ea3f2; font-size: 24px; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; text-size-adjust: 100%; vertical-align: baseline;" target="_blank">security clearances</a><span> </span>and working for foreign owned companies. Though the volume of those questions have increased, I guess the topic is no longer surprising in content as it could have been many years ago.</span></p><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"> </p><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span data-keep-original-tag="false" face="georgia" size="5" style="background: transparent; border: 0px; box-sizing: border-box; font-family: georgia; font-size: x-large; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span color="rgba(0, 0, 0, 0.75)" data-keep-original-tag="false" style="background: transparent; border: 0px; box-sizing: border-box; font-size: 24px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">Many years ago, we might automatically assume that working for a foreign owned company would be indicative of highly questionable practices, but maybe not any longer. </span></span></p><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span data-keep-original-tag="false" face="georgia" size="5" style="background: transparent; border: 0px; box-sizing: border-box; font-family: georgia; font-size: x-large; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span color="rgba(0, 0, 0, 0.75)" data-keep-original-tag="false" style="background: transparent; border: 0px; box-sizing: border-box; font-size: 24px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">Things have changed. More foreign owned companies are opening doors in the U.S. Internet opportunities open doors to employment. Working for foreign companies provides new opportunities regardless of boarders such as: investment, teleworking, and creative content services that allow artists to bid on customer jobs have made this more of a possibility. </span></span></p><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span data-keep-original-tag="false" face="georgia" size="5" style="background: transparent; border: 0px; box-sizing: border-box; font-family: georgia; font-size: x-large; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span color="rgba(0, 0, 0, 0.75)" data-keep-original-tag="false" style="background: transparent; border: 0px; box-sizing: border-box; font-size: 24px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">But the questions have been pretty vague and hard to answer. </span></span></p><ul style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; line-height: 26px; list-style: disc; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 23px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><li style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span color="rgba(0, 0, 0, 0.75)" data-keep-original-tag="false" face="georgia" size="6" style="background: transparent; border: 0px; box-sizing: border-box; font-family: georgia; font-size: xx-large; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">Am I allowed to work for a foreign company if I have a security clearance?</span></li><li style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span color="rgba(0, 0, 0, 0.75)" data-keep-original-tag="false" face="georgia" size="6" style="background: transparent; border: 0px; box-sizing: border-box; font-family: georgia; font-size: xx-large; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">Will I be able to get a security clearance if I work for a foreign company?</span></li></ul><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"> </p><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span data-keep-original-tag="false" face="georgia" size="5" style="background: transparent; border: 0px; box-sizing: border-box; font-family: georgia; font-size: x-large; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span color="rgba(0, 0, 0, 0.75)" data-keep-original-tag="false" style="background: transparent; border: 0px; box-sizing: border-box; font-size: 24px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">The questions are vague because there are so many scenarios that the questions can reflect. Some scenarios include:</span></span></p><ul style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; line-height: 26px; list-style: disc; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 23px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><li style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span color="rgba(0, 0, 0, 0.75)" data-keep-original-tag="false" face="georgia" size="6" style="background: transparent; border: 0px; box-sizing: border-box; font-family: georgia; font-size: xx-large; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">You are currently employed by a cleared defense contractor and have a security clearance and want to quit and work for a foreign owned company, and would one day like to return to working with a clearance. This scenario is very risky as you could lose out on future employment, but can be mitigated.</span></li><li style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span color="rgba(0, 0, 0, 0.75)" data-keep-original-tag="false" face="georgia" size="6" style="background: transparent; border: 0px; box-sizing: border-box; font-family: georgia; font-size: xx-large; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">You do not have a security clearance, but may one day like to work on classified contracts in some capacity. However you want to apply to work for a foreign owned company. This scenario is less risky because you have nothing to lose other than the possibility of getting a clearance “one day”.</span></li></ul><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"> </p><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span data-keep-original-tag="false" face="georgia" size="5" style="background: transparent; border: 0px; box-sizing: border-box; font-family: georgia; font-size: x-large; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span color="rgba(0, 0, 0, 0.75)" data-keep-original-tag="false" style="background: transparent; border: 0px; box-sizing: border-box; font-size: 24px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">There are many other scenarios and reasons describable and all are different and my answer would be, “It depends on the scenario”. Additionally, it may depend on the security clearance level such as SECRET, TOP SECRET SCI, etc.</span></span></p><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span data-keep-original-tag="false" face="georgia" size="5" style="background: transparent; border: 0px; box-sizing: border-box; font-family: georgia; font-size: x-large; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span color="rgba(0, 0, 0, 0.75)" data-keep-original-tag="false" style="background: transparent; border: 0px; box-sizing: border-box; font-size: 24px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">The bottom line is, can you be entrusted with national secrets because of employment with a foreign owned company? Having a security clearance is a very important responsibility. The security clearance holder is responsible for<a data-et-has-event-already="true" href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" style="background: transparent; border: 0px; box-sizing: border-box; color: #2ea3f2; font-size: 24px; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; text-size-adjust: 100%; vertical-align: baseline;" target="_blank"><span> </span>protecting classified information and supporting the security program</a><span> </span>to protect that classified data. </span></span></p><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span data-keep-original-tag="false" face="georgia" size="5" style="background: transparent; border: 0px; box-sizing: border-box; font-family: georgia; font-size: x-large; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span color="rgba(0, 0, 0, 0.75)" data-keep-original-tag="false" style="background: transparent; border: 0px; box-sizing: border-box; font-size: 24px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">This opportunity is based on the adjudication process. Security clearance award is provided after the adjudication of the investigation results. Allegiance to the United States and Foreign Influence are two very important considerations that would have to be addressed prior to awarding the security clearance.</span></span></p><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span data-keep-original-tag="false" face="georgia" size="5" style="background: transparent; border: 0px; box-sizing: border-box; font-family: georgia; font-size: x-large; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span color="rgba(0, 0, 0, 0.75)" data-keep-original-tag="false" style="background: transparent; border: 0px; box-sizing: border-box; font-size: 24px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">There are many ways to adjudicate risks under Allegiance to the United States, Foreign Influence and other adjudicative criteria. There are no automatic answers to these questions since it depends on the situation. Get all the facts prior to taking on such a job, determine your risk level, and develop a strategy to mitigate the risk to your security clearance. </span></span></p><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span color="rgba(0, 0, 0, 0.75)" data-keep-original-tag="false" face="georgia" size="6" style="background: transparent; border: 0px; box-sizing: border-box; font-family: georgia; font-size: xx-large; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">If you have questions about this or other security clearance topics, visit my consulting site<span> </span></span><a data-et-has-event-already="true" href="https://www.jeffreywbennett.com" style="background: transparent; border: 0px; box-sizing: border-box; color: #2ea3f2; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; text-size-adjust: 100%; vertical-align: baseline;">https://www.jeffreywbennett.com</a><span color="rgba(0, 0, 0, 0.75)" data-keep-original-tag="false" face="georgia" size="6" style="background: transparent; border: 0px; box-sizing: border-box; font-family: georgia; font-size: xx-large; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span> </span>or email me at<span> </span></span><a data-et-has-event-already="true" href="mailto:editor@redbikepublishing.com" style="background: transparent; border: 0px; box-sizing: border-box; color: #2ea3f2; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; text-size-adjust: 100%; vertical-align: baseline;">editor@redbikepublishing.com</a><span color="rgba(0, 0, 0, 0.75)" data-keep-original-tag="false" face="georgia" size="6" style="background: transparent; border: 0px; box-sizing: border-box; font-family: georgia; font-size: xx-large; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"> <br /></span></p><p style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Join our <a href="https://www.redbikepublishing.com/contact/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">reader list</a> for more articles.</span></p><p style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="https://www.blogger.com/blog/post/edit/5239474422425503931/1314643824649095020#" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Red Bike Publishing </a>. He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "<a href="https://www.redbikepublishing.com/insidersguide/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Insider's Guide to Security Clearances</a>" and "<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">How to Get U.S. Government Contracts and Classified Work</a>", "<a href="https://www.redbikepublishing.com/ispcertification/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">ISP(R) and ISOC Master Exam Pre</a>p", and training: <a href="https://www.bennettinstitute.com/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">NISPOM Fundamentals/FSO Training</a>" and <a href="https://www.redbikepublishing.com/nispom-training/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Cleared Employee Training</a>".Jeff is available to consult. <a href="https://www.jeffreywbennett.com/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Consulting Website</a>" </span></p>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-60861355600465120172022-04-02T09:36:00.002-05:002022-04-02T09:36:09.533-05:00Three Ways FSOs can Impact the Cleared Defense Contractor<p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #555555; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 700; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"> </span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfQYAZl7XMAmbFZtcGBONJTvTZ1wuxMt6H5eSB2sf2069QQz7tv9UfQCe-mZW6WFjl6nxsMvCpt5YWSXoKJ8P9aj0iDfFmHs_NPzVORuwVyH76E4YigPRPsqpPm0rtLOa1SM6a9HAp0Txlmjul9AlhQZjwbRhUl5PJ-jHi5Inz-qlTVFattXUPUw/s1400/GettyImages-619411950.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="933" data-original-width="1400" height="304" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfQYAZl7XMAmbFZtcGBONJTvTZ1wuxMt6H5eSB2sf2069QQz7tv9UfQCe-mZW6WFjl6nxsMvCpt5YWSXoKJ8P9aj0iDfFmHs_NPzVORuwVyH76E4YigPRPsqpPm0rtLOa1SM6a9HAp0Txlmjul9AlhQZjwbRhUl5PJ-jHi5Inz-qlTVFattXUPUw/w457-h304/GettyImages-619411950.jpeg" width="457" /></a></div><br /><p></p><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #555555; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 700; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">The Facility Security Officer’s (FSO) successful program depends on developing relationships with employees, managers and executives to facilitate execution of company policies, necessary security awareness training, willful employee self-admittance of security infractions or change of status, and proactive action toward expired, existing and future classified contracts. Any of the above mentioned success measures is difficult to obtain in a changing employee and contract environment, but is simplified through employee and executive buy-in.</span></p><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #555555; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 700; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">How to do this:</span></p><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #555555; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 700; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">The following 3 points pave the way for a successful security program.</span></p><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #555555; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 700; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">1. Gain executive, manager and work force buy-in. This can be accomplished by first demonstrating a sound understanding of company mission, classified contract requirements and providing sound security policy. Cross cultural buy-in is critical for integrating the security plan into all business units and company operations.</span></p><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #555555; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 700; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">2. Become the “go to” person for all new security challenges. The FSO doesn’t need to be involved in every decision made by cleared employees. However, if it involves a procedural change or the degradation in security, contacting the FSO should be an automatic response. Become recognized as not only and expert at </span><a href="https://www.redbikepublishing.com/nispom" rel="noopener" style="background: transparent; border: 0px; box-sizing: border-box; color: #2ea3f2; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; text-size-adjust: 100%; vertical-align: baseline;" target="_blank">NISPOM</a><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"> compliance, but a part of the team. This will help ensure that all units within an enterprise notify the FSO of any change in disposition of classified material storage. This integrated system will trigger the contracts, program manager, business development and other units to coordinate with the FSO and keep the FSO informed of expired, current, and future contract opportunities and responsibilities.</span></p><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #555555; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 700; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">3. Create a budget based on mission and NISPOM compliance. An obviously important task is to direct the security program to protect classified information. But this is not to be assumed at all costs. Even NISPOM identifies the need to apply using economically feasible solutions. The FSO’s task should be to have an award winning program while supporting the company’s primary mission; to make money. The FSO owes allegiance to protecting nation’s secrets, but will not be able to do so if the company profits go straight into the security budget. Do this by becoming a good steward of company resources and develop policy that corresponds with the mission.</span></p><ol style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #555555; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 700; letter-spacing: normal; line-height: 26px; list-style: inside decimal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 23px; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><li style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">More tips can be found in the book “</span><a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="noopener" style="background: transparent; border: 0px; box-sizing: border-box; color: #2ea3f2; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; text-size-adjust: 100%; vertical-align: baseline;" target="_blank">How to Get U.S. Government Contracts and Classified Work</a><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">”</span></li></ol><p style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Join our <a href="https://www.redbikepublishing.com/contact/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">reader list</a> for more articles.</span></p><p style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="https://www.blogger.com/blog/post/edit/5239474422425503931/1314643824649095020#" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Red Bike Publishing </a>. He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "<a href="https://www.redbikepublishing.com/insidersguide/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Insider's Guide to Security Clearances</a>" and "<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">How to Get U.S. Government Contracts and Classified Work</a>", "<a href="https://www.redbikepublishing.com/ispcertification/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">ISP(R) and ISOC Master Exam Pre</a>p", and training: <a href="https://www.bennettinstitute.com/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">NISPOM Fundamentals/FSO Training</a>" and <a href="https://www.redbikepublishing.com/nispom-training/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Cleared Employee Training</a>".Jeff is available to consult. <a href="https://www.jeffreywbennett.com/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Consulting Website</a>" </span></p>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-6289520074944471982022-04-02T09:34:00.000-05:002022-04-02T09:34:10.430-05:00Impactful ways to augment security awareness training<p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"> <br /></span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj96ebS1NulOMO_JoPYhfcTWr4RkYu-FpLDFTLPu56NRajhOxph5eGkqRvVafKm1Ro84ZcusDQIyOvmyAc2L0IDS-_WtyvMMA0GW5-ZUHMuoCRHQduz7v8df1JvhH4Qx-PPvSPqWP2Ai8JG6FST7qY2-9fiIvPL2Mhgm0YNCE7TaQbPo6OAx0PnBw/s980/AdobeStock_106074035-980x540.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="540" data-original-width="980" height="315" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj96ebS1NulOMO_JoPYhfcTWr4RkYu-FpLDFTLPu56NRajhOxph5eGkqRvVafKm1Ro84ZcusDQIyOvmyAc2L0IDS-_WtyvMMA0GW5-ZUHMuoCRHQduz7v8df1JvhH4Qx-PPvSPqWP2Ai8JG6FST7qY2-9fiIvPL2Mhgm0YNCE7TaQbPo6OAx0PnBw/w572-h315/AdobeStock_106074035-980x540.jpeg" width="572" /></a></div><br /><p></p><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"> </span></p><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">When Defense Counterintelligence and Security Agency (DCSA) conduct reviews of cleared defense contractor facilities, they go with a purpose. Their first priority may be to conduct a risk assessment of classified information in the contractor’s possession. However, they are also looking at above and beyond metrics that demonstrate the commitment to national security. These above and beyond attributes are often recorded and rewarded. Here are some ideas Facility Security Officers can employ to demonstrate above and beyond </span><a href="https://www.redbikepublishing.com/nispom/" rel="noopener" style="background: transparent; border: 0px; box-sizing: border-box; color: #2ea3f2; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; text-size-adjust: 100%; vertical-align: baseline;" target="_blank">NISPOM</a><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"> application. Some of the suggested ideas include:</span></p><ul style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; line-height: 26px; list-style: disc; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 23px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><li style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">Security fairs-Security fairs are great ways to demonstrate the added value security provides to the cleared defense contractors. The FSO can set up designated booths that functions to provide security solution and awareness. For some examples include:</span></li><li style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">Document wrapping booth to demonstrate how to properly mark and wrap classified packages. You can take the opportunity to brief courier and other classified transport opportunities.</span></li><li style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">Fingerprint booth-As FSO I ordered children’s finger print cards. When we had a company picnic, I invited all the parents to come by to get their children fingerprinted. I then turned the completed cards back to the parents for safe keeping. This provided a service to the company and helped establish personal and working relationships.</span></li><li style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">Document destruction-You can extend shredding and destruction services to employees. Invite them to bring in personal information such as financial records and shred them on site. If you have a vendor that provides the service for you, they many offer to do so in support of the security fair. While there, you can relay the importance of protecting and properly destroying classified, export controlled and privacy information.</span></li><li style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">Interactive designated security focused weeks-You can implement great security training by having theme weeks. For example, you can designate one week for information security, one week for personnel security, one week for general security and etc. During the focus weeks, you can provide educational emails, letters, posters or announcements with the relevant security reminders or training.</span></li><li style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">Security lunch events-I worked with a company that initiated a “lunch with the FSO”. The FSO reserved a conference room, carved out time in his schedule, and invited subject matter security experts to sit on a board. Every employee was extended an invitation to attend the monthly events. The FSO opened the meeting with any updates or reminders of security policy and invited the attendees to ask questions of the subject matter experts.</span></li><li style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">Hosting guest speakers on security related topics –There are great resources that the FSO can call on to provide guest speakers. Fellow members of professional organizations may be happy to help. You can enlist fellow professionals to talk about </span><a href="https://www.redbikepublishing.com/itar/" rel="noopener" style="background: transparent; border: 0px; box-sizing: border-box; color: #2ea3f2; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; text-size-adjust: 100%; vertical-align: baseline;" target="_blank">International Traffic in Arms Regulation (ITAR)</a><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"> compliance or how to escort foreign visitors or other subject matter expert to on any topic appropriate for your company. You can contact a vendor to talk about their security related products or bring in a paid speaker or consultant. Also, don’t forget counter intelligence agencies, DSS or the FBI’s domain coordinators who may be available for such occasions. You might even consider inviting an </span><a href="https://www.redbikepublishing.com/ispcertification/" rel="noopener" style="background: transparent; border: 0px; box-sizing: border-box; color: #2ea3f2; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; text-size-adjust: 100%; vertical-align: baseline;" target="_blank">Industrial Security Professional (ISP) or Industrial Security Oversight (ISOC)</a><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"> certified guest speaker to discuss the value of hiring employees board certified to protect classified information.</span></li><li class="paragraph-spacing-none" style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">Webinars-More and more training is being conducted on line. Professional organizations have such material available to paid members, DSS has a catalog of tons of training, and there is lots of free training available online. There are also great vendors who provide training software and hosting for company developed online training. Additionally, many vendors offer already developed online </span><a href="https://bennettinstitute.com/" rel="noopener" style="background: transparent; border: 0px; box-sizing: border-box; color: #2ea3f2; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; text-size-adjust: 100%; vertical-align: baseline;" target="_blank">NISPOM training</a><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"> perfect for sending to your employees.</span></li></ul><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px 0px 1em; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">Be sure to visit </span><a href="https://www.redbikepublishing.com/" rel="noopener" style="background: transparent; border: 0px; box-sizing: border-box; color: #2ea3f2; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; text-size-adjust: 100%; vertical-align: baseline;" target="_blank">Red Bike Publishing</a><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;"> for books and training.</span></p><p style="-webkit-text-stroke-width: 0px; background: rgb(255, 255, 255); border: 0px; box-sizing: border-box; color: #666666; font-family: "Open Sans", Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-caps: normal; font-variant-ligatures: normal; font-weight: 500; letter-spacing: normal; margin: 0px; orphans: 2; outline: 0px; overflow-wrap: break-word; padding: 0px; text-align: left; text-decoration-color: initial; text-decoration-style: initial; text-decoration-thickness: initial; text-indent: 0px; text-size-adjust: 100%; text-transform: none; vertical-align: baseline; white-space: normal; widows: 2; word-spacing: 0px;"><span style="background: transparent; border: 0px; box-sizing: border-box; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-size-adjust: 100%; vertical-align: baseline;">If you have questions, visit Jeff’s website: </span><a href="https://jeffreywbennett.com/nispomservices/" rel="noopener" style="background: transparent; border: 0px; box-sizing: border-box; color: #2ea3f2; font-size: 14px; margin: 0px; outline: 0px; padding: 0px; text-decoration: none; text-size-adjust: 100%; vertical-align: baseline;" target="_blank">jeffreywbennett.com</a></p><p style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Join our <a href="https://www.redbikepublishing.com/contact/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">reader list</a> for more articles.</span></p><p style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="https://www.blogger.com/blog/post/edit/5239474422425503931/1314643824649095020#" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Red Bike Publishing </a>. He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "<a href="https://www.redbikepublishing.com/insidersguide/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Insider's Guide to Security Clearances</a>" and "<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">How to Get U.S. Government Contracts and Classified Work</a>", "<a href="https://www.redbikepublishing.com/ispcertification/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">ISP(R) and ISOC Master Exam Pre</a>p", and training: <a href="https://www.bennettinstitute.com/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">NISPOM Fundamentals/FSO Training</a>" and <a href="https://www.redbikepublishing.com/nispom-training/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Cleared Employee Training</a>".Jeff is available to consult. <a href="https://www.jeffreywbennett.com/" rel="nofollow noopener" style="background: transparent none repeat scroll 0% 0%; border: 0px none; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Consulting Website</a>" </span></p>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-76735620924322188492021-04-24T09:16:00.001-05:002021-04-24T09:16:24.570-05:00Security clearance eligibility and working for foreign companies<p style="background-color: white; background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"><span style="caret-color: rgba(0, 0, 0, 0.75); color: rgba(0, 0, 0, 0.75);"></span></span></p><div class="separator" style="clear: both; text-align: center;"><span style="font-family: georgia; font-size: large;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjn39KGv-put6S2ZrLqaKgAZUy44Dh4Mt7LbFqiDchn65cMjfbRWNWB_1yMXvb71XzLrLAeurF6zpyJlQT9hPvv1pZnz2DiWeC_KtJf4cvWRBRejU0Q1AqpyrxV1VqiZOk36oNMYQZ9Yw/s800/technology.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="585" data-original-width="800" height="468" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjn39KGv-put6S2ZrLqaKgAZUy44Dh4Mt7LbFqiDchn65cMjfbRWNWB_1yMXvb71XzLrLAeurF6zpyJlQT9hPvv1pZnz2DiWeC_KtJf4cvWRBRejU0Q1AqpyrxV1VqiZOk36oNMYQZ9Yw/w640-h468/technology.jpg" width="640" /></a></span></div><span style="font-family: georgia; font-size: large;"><br />I've recently received many emails from people who are curious about <a href="https://www.redbikepublishing.com/insidersguide/" target="_blank">security clearances</a> and working for foreign owned companies. Though the volume of those questions have increased, I guess the topic is no longer surprising in content as it could have been many years ago.</span><p></p><p style="background-color: white; background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"><span style="caret-color: rgba(0, 0, 0, 0.75); color: rgba(0, 0, 0, 0.75);">Many years ago, we might automatically assume that working for a foreign owned company would be indicative of highly questionable practices, but maybe not any longer. </span></span></p><p style="background-color: white; background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"><span style="caret-color: rgba(0, 0, 0, 0.75); color: rgba(0, 0, 0, 0.75);">Things have changed. More foreign owned companies are opening doors in the U.S. Internet opportunities open doors to employment. Working for foreign companies provides new opportunities regardless of boarders such as: investment, teleworking, and creative content services that allow artists to bid on customer jobs have made this more of a possibility. </span></span></p><p style="background-color: white; background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"><span style="caret-color: rgba(0, 0, 0, 0.75); color: rgba(0, 0, 0, 0.75);">But the questions have been pretty vague and hard to answer. </span></span></p><p style="background-color: white; background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"></p><ul style="text-align: left;"><li><span style="caret-color: rgba(0, 0, 0, 0.75); color: rgba(0, 0, 0, 0.75); font-family: georgia; font-size: x-large;">Am I allowed to work for a foreign company if I have a security clearance?</span></li><li><span style="caret-color: rgba(0, 0, 0, 0.75); color: rgba(0, 0, 0, 0.75); font-family: georgia; font-size: x-large;">Will I be able to get a security clearance if I work for a foreign company?</span></li></ul><p></p><p style="background-color: white; background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"><span style="caret-color: rgba(0, 0, 0, 0.75); color: rgba(0, 0, 0, 0.75);">The questions are vague because there are so many scenarios that the questions can reflect. Some scenarios include:</span></span></p><p style="background-color: white; background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"></p><ul style="text-align: left;"><li><span style="caret-color: rgba(0, 0, 0, 0.75); color: rgba(0, 0, 0, 0.75); font-family: georgia; font-size: x-large;">You are currently employed by a cleared defense contractor and have a security clearance and want to quit and work for a foreign owned company, and would one day like to return to working with a clearance. This scenario is very risky as you could lose out on future employment, but can be mitigated.</span></li><li><span style="caret-color: rgba(0, 0, 0, 0.75); color: rgba(0, 0, 0, 0.75); font-family: georgia; font-size: x-large;">You do not have a security clearance, but may one day like to work on classified contracts in some capacity. However you want to apply to work for a foreign owned company. This scenario is less risky because you have nothing to lose other than the possibility of getting a clearance "one day".</span></li></ul><p></p><p style="background-color: white; background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"><span style="caret-color: rgba(0, 0, 0, 0.75); color: rgba(0, 0, 0, 0.75);">There are many other scenarios and reasons describable and all are different and my answer would be, "It depends on the scenario". Additionally, it may depend on the security clearance level such as SECRET, TOP SECRET SCI, etc.</span></span></p><p style="background-color: white; background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"><span style="caret-color: rgba(0, 0, 0, 0.75); color: rgba(0, 0, 0, 0.75);">The bottom line is, can you be entrusted with national secrets because of employment with a foreign owned company? Having a security clearance is a very important responsibility. The security clearance holder is responsible for<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" target="_blank"> protecting classified information and supporting the security program</a> to protect that classified data. </span></span></p><p style="background-color: white; background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"><span style="caret-color: rgba(0, 0, 0, 0.75); color: rgba(0, 0, 0, 0.75);">This opportunity is based on the adjudication process. Security clearance award is provided after the adjudication of the investigation results. Allegiance to the United States and Foreign Influence are two very important considerations that would have to be addressed prior to awarding the security clearance.</span></span></p><p style="background-color: white; background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"><span style="caret-color: rgba(0, 0, 0, 0.75); color: rgba(0, 0, 0, 0.75);">There are many ways to adjudicate risks under Allegiance to the United States, Foreign Influence and other adjudicative criteria. There are no automatic answers to these questions since it depends on the situation. Get all the facts prior to taking on such a job, determine your risk level, and develop a strategy to mitigate the risk to your security clearance. </span></span></p><p style="background-color: white; background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="caret-color: rgba(0, 0, 0, 0.75); color: rgba(0, 0, 0, 0.75); font-family: georgia; font-size: x-large;">If you have questions about this or other security clearance topics, visit my consulting site </span><a href="https://www.jeffreywbennett.com" style="caret-color: rgba(0, 0, 0, 0.75); font-family: georgia;">https://www.jeffreywbennett.com</a><span style="caret-color: rgba(0, 0, 0, 0.75); color: rgba(0, 0, 0, 0.75); font-family: georgia; font-size: x-large;"> or email me at </span><a href="mailto:editor@redbikepublishing.com" style="caret-color: rgba(0, 0, 0, 0.75); font-family: georgia;">editor@redbikepublishing.com</a><span style="caret-color: rgba(0, 0, 0, 0.75); color: rgba(0, 0, 0, 0.75); font-family: georgia; font-size: x-large;"> </span></p><p style="background-color: white; background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="color: rgba(0, 0, 0, 0.75); font-family: georgia; font-size: large;">Join our <a href="https://www.redbikepublishing.com/contact/" rel="nofollow noopener" style="background-color: transparent; background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">reader list</a> for more articles.</span></p><p style="background-color: white; background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="https://www.blogger.com/blog/post/edit/5239474422425503931/1314643824649095020#" rel="nofollow noopener" style="background-color: transparent; background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Red Bike Publishing </a>. He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. </span></p><p style="background-color: white; background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Jeff is an expert in security and has written many security books including: "<a href="https://www.redbikepublishing.com/insidersguide/" rel="nofollow noopener" style="background-color: transparent; background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Insider's Guide to Security Clearances</a>"</span></p><p style="background-color: white; background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">"<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="nofollow noopener" style="background-color: transparent; background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">How to Get U.S. Government Contracts and Classified Work</a>"</span></p><p style="background-color: white; background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">"<a href="https://www.redbikepublishing.com/ispcertification/" rel="nofollow noopener" style="background-color: transparent; background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">ISP(R) and ISOC Master Exam Pre</a>p"</span></p><p style="background-color: white; background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> and training: </span></p><p style="background-color: white; background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"><a href="https://www.bennettinstitute.com/" rel="nofollow noopener" style="background-color: transparent; background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">NISPOM Fundamentals/FSO Training</a></span></p><p style="background-color: white; background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"><a href="https://www.redbikepublishing.com/nispom-training/" rel="nofollow noopener" style="background-color: transparent; background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Cleared Employee Training</a></span></p><p style="background-color: white; background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Jeff is available to consult. <a href="https://www.jeffreywbennett.com/" rel="nofollow noopener" style="background-color: transparent; background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Consulting Website</a>" </span></p>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-43169629192399307682021-04-21T08:16:00.002-05:002021-04-21T08:16:42.256-05:00Cleared Defense Contractor Performance and How to Protect Classified Information Fundamentals By: Jeffrey W. Bennett, SAPPC, SFPC, ISOC, ISP<p style="background-color: white; box-sizing: border-box; color: #333333; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="font-family: georgia; font-size: large;"> </span></p><div class="separator" style="clear: both; text-align: center;"><span style="font-family: georgia; font-size: large;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpD7P74LS9U8AvtYy7yaky4COwB5EYIArBY8zdXjaFdMqkQKaS2u4YTVCRbyjyahz8E4YmpB6VuuF2e4ui0WVjOjtLqamWhaCgRtJaygDxXkE-u4Vd99ItGpSsoN7jh9u6Oo13bj94fA/s7922/AdobeStock_271715382.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="4000" data-original-width="7922" height="324" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpD7P74LS9U8AvtYy7yaky4COwB5EYIArBY8zdXjaFdMqkQKaS2u4YTVCRbyjyahz8E4YmpB6VuuF2e4ui0WVjOjtLqamWhaCgRtJaygDxXkE-u4Vd99ItGpSsoN7jh9u6Oo13bj94fA/w640-h324/AdobeStock_271715382.jpeg" width="640" /></a></span></div><span style="font-family: georgia; font-size: large;"><br />Cleared Defense Contractors use classified information during performance of contracts. The Department of Defense makes the rules and governs how the classified contractors protect classified material. The Federal Government has published a policy appropriately titled: The National Industrial Security Program Operating Manual (<a href="https://www.redbikepublishing.com/nispom/" style="background-color: transparent; box-sizing: border-box; color: #7f7f7f; padding-bottom: 0px; padding-top: 0px; pointer-events: none;" target="_blank">NISPOM</a>). This page turner is sponsored by the Presidential Executive Order (E0)12829 for the protection of information classified under E.O. 12958, As Amended. Having poured over both publications and the updates, I can confidently assure you that they take this business very seriously.</span><p></p><p style="background-color: white; box-sizing: border-box; color: #333333; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><span style="font-family: georgia; font-size: large;"> When specific work declares performance objectives on classified efforts, provisions of the applicable DD Form 254 and Security Classification Guide (SCG) shall govern. Both the DD 254 and SCG spell out what specific work a contractor can and cannot perform, what exactly is classified and how to protect it. Both of these documents not only should be available prior to execution but read and understood by all performing employees.</span></p><p style="background-color: white; box-sizing: border-box; color: #333333; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><span style="font-family: georgia; font-size: large;"> Classified information is marked with CONFIDENTIAL, SECRET and TOP SECRET designations and must be afforded protection at the appropriate level. For example, unauthorized disclosure of CONFIDENTIAL information could reasonably be expected cause damage; SECRET could reasonably be expected to cause serious damage; and TOP SECRET could reasonably be expected to cause exceptionally grave damage to national security. Prior to discussing or providing classified data, cleared employees are required to ascertain the receiving party’s clearance level and need-to-know. </span></p><p style="background-color: white; box-sizing: border-box; color: #333333; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><span style="font-family: georgia; font-size: large;"> Facility security officers and industrial security professionals should develop measures to safeguard classified information at the highest level indicated. Employees should be trained to perform on these contracts based on NISPOM Guidance. This training includes:</span></p><p style="background-color: white; box-sizing: border-box; color: #333333; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><a href="https://www.redbikepublishing.com/sf312/" style="background-color: transparent; box-sizing: border-box; color: #7f7f7f; padding-bottom: 0px; padding-top: 0px; pointer-events: none;" target="_blank"><span style="font-family: georgia; font-size: large;">Non Disclosure Agreement (SF 312)</span></a></p><p style="background-color: white; box-sizing: border-box; color: #333333; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><a href="https://www.redbikepublishing.com/derivative/" style="background-color: transparent; box-sizing: border-box; color: #7f7f7f; padding-bottom: 0px; padding-top: 0px; pointer-events: none;" target="_blank"><span style="font-family: georgia; font-size: large;">Derivative Classifier</span></a></p><p style="background-color: white; box-sizing: border-box; color: #333333; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><a href="https://www.redbikepublishing.com/securityawareness/" style="background-color: transparent; box-sizing: border-box; color: #7f7f7f; padding-bottom: 0px; padding-top: 0px; pointer-events: none;" target="_blank"><span style="font-family: georgia; font-size: large;">Security Awareness Initial and Annual Refresher</span></a></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"><a href="https://www.redbikepublishing.com/insiderthreat/" style="background-color: transparent; box-sizing: border-box; color: #7f7f7f; padding-bottom: 0px; padding-top: 0px; pointer-events: none; white-space: pre-wrap;" target="_blank">Insider Threat</a>Join our <a href="https://www.redbikepublishing.com/contact/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">reader list</a> for more articles.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="https://www.blogger.com/blog/post/edit/5239474422425503931/1314643824649095020#" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Red Bike Publishing </a>. He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "<a href="https://www.redbikepublishing.com/insidersguide/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Insider's Guide to Security Clearances</a>" and "<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">How to Get U.S. Government Contracts and Classified Work</a>", "<a href="https://www.redbikepublishing.com/ispcertification/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">ISP(R) and ISOC Master Exam Pre</a>p", and <a href="https://www.bennettinstitute.com/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">NISPOM/FSO Training</a>".</span></p>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-54513422326958705342021-04-21T08:13:00.001-05:002021-04-21T08:13:11.049-05:00Controlled Unclassified Information<p style="background-color: white; box-sizing: border-box; color: #333333; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="font-family: georgia; font-size: large;"></span></p><div class="separator" style="clear: both; text-align: center;"><span style="font-family: georgia; font-size: large;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAU3wE3l9VlcaFOdB4U9riMdHIWTo05x7MjoHCLqQZDkBE0rRG1j47zdX-Z7m6_4uIvNlgU6LgJYt5olrxlY1JuN2MYPiz9FR45Zzu93TWfPqTCrMd1NAdTOzSEJ_SKkiz1WZZTzSMzQ/s800/computer+security.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="534" data-original-width="800" height="428" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAU3wE3l9VlcaFOdB4U9riMdHIWTo05x7MjoHCLqQZDkBE0rRG1j47zdX-Z7m6_4uIvNlgU6LgJYt5olrxlY1JuN2MYPiz9FR45Zzu93TWfPqTCrMd1NAdTOzSEJ_SKkiz1WZZTzSMzQ/w640-h428/computer+security.jpg" width="640" /></a></span></div><span style="font-family: georgia; font-size: large;"><br />A buzz is sweeping the security community since the industry has been notified of the recent updates to DoD's CUI program based on the presidential memorandum with the subject, <em style="box-sizing: border-box; padding-bottom: 0px; padding-top: 0px;">Designation and sharing of Controlled Unclassified Information (CUI)</em>. This memorandum implements a program designed to encourage the speedy sharing of information to those authorized and to better protect the information, privacy and legal rights of Americans. The CUI program is designed to promote proper safeguarding and dissemination of unclassified information. </span><p></p><p style="background-color: white; box-sizing: border-box; color: #333333; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><span style="font-family: georgia; font-size: large;"> Many readers may be familiar with the program CUI has replaced. Sensitive But Unclassified (SBU) information had enjoyed protection to a certain level but was not conducive to the necessary information sharing. Controlled Unclassified Information (CUI) directives provide procedures for a more appropriate Information Sharing Environment.</span></p><p style="background-color: white; box-sizing: border-box; color: #333333; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><span style="font-family: georgia; font-size: large;"> CUI is a designation of unclassified information that does not meet the requirements of Executive Order 12958, as amended (Classified National Security Information). However the protection is necessary for national security or the interests of entities outside the Federal Government. The unclassified information also falls under the law or policy advocating protection from unauthorized disclosure, proper safeguarding and limiting dissemination. Though not a classification, the controls in place may prove to require significant administrative action.</span></p><p style="background-color: white; box-sizing: border-box; color: #333333; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><span style="font-family: georgia; font-size: large;"> Designation of CUI can only be based on mission requirements, business prudence, legal privilege, protection of personal or commercial rights, safety or security. Finally, as with the classified information, sensitive information cannot be labeled CUI for the purposes of concealing violation of law, inefficiency, or administrative error. The designation cannot be used to prevent embarrassment to the Federal Government or an official, organization or agency, improperly or unlawfully interfere with competition in the private sector or prevent or delay the release of information that does not require such protection.</span></p><p style="background-color: white; box-sizing: border-box; color: #333333; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><span style="font-family: georgia; font-size: large;"> What does this mean for affected businesses and government agencies? Be prepared to implement the program to allow for proper storage and dissemination, and provide required CUI training. This requires the ability to properly mark the material or provide proper warning before discussing the information. Things to think about include: training employees, developing mail, fax, email and reception procedures, and ordering marking supplies. Also, keep information technology and other business units in the loop of communication. They will need to provide the right support at the right time.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Join our <a href="https://www.redbikepublishing.com/contact/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">reader list</a> for more articles.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="https://www.blogger.com/blog/post/edit/5239474422425503931/1314643824649095020#" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Red Bike Publishing </a>. He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "<a href="https://www.redbikepublishing.com/insidersguide/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Insider's Guide to Security Clearances</a>" and "<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">How to Get U.S. Government Contracts and Classified Work</a>", "<a href="https://www.redbikepublishing.com/ispcertification/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">ISP(R) and ISOC Master Exam Pre</a>p", and <a href="https://www.bennettinstitute.com/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">NISPOM/FSO Training</a>".</span></p>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-10641692356920132262021-03-31T18:34:00.001-05:002021-03-31T18:34:14.768-05:00What Defense Contractors Should Consider Before Appointing FSOs<p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 0px;"><span style="font-size: large;"></span></p><div class="separator" style="clear: both; text-align: center;"><span style="font-size: large;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgyRDF51MqrVg7taNFL_35gZk3IWO5k_tGsF7TWKAzLUbnNwlQ7wgBkaaLAZUCEPfLdI1np5Wgd5SoqUpzcS96QjI1tRUFIgOJ0Lz49gbOoztgw8XDQ7Abs8SPD-vWjAIjRATn_HkQs2Q/s7833/AdobeStock_106074035.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="4318" data-original-width="7833" height="352" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgyRDF51MqrVg7taNFL_35gZk3IWO5k_tGsF7TWKAzLUbnNwlQ7wgBkaaLAZUCEPfLdI1np5Wgd5SoqUpzcS96QjI1tRUFIgOJ0Lz49gbOoztgw8XDQ7Abs8SPD-vWjAIjRATn_HkQs2Q/w640-h352/AdobeStock_106074035.jpeg" width="640" /></a></span></div><span style="font-size: large;"><br /><span style="color: #666666;"><br /></span></span><p></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 0px;"><span style="font-size: large;"><span style="color: #666666;"><br /></span></span></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 0px;"><span style="font-size: large;"><span style="color: #666666;">Becoming a cleared defense contractor (CDC) demands more than just a defense contractor getting a security clearance and performing on </span><a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" style="color: #666666;" target="_blank">classified contracts</a><span style="color: #666666;">. It's more to do with, what to do once the clearance is awarded; specifically, protecting classified information. This protection involves physical, classified processing, and information security. It's more than just buying safes, installing access controls and getting employees security clearances. Primarily, the CDC must appoint a Facility Security Officer (FSO) responsible for implementing a program to protect classified information.</span></span></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;"><span style="color: #666666;">To better answer frequently asked questions, I've written several times on the topic of selecting the right Facility Security Officer (FSO) qualifications. According to the N</span><a href="https://www.redbikepublishing.com/nispom/" style="color: #666666;" target="_blank">ational Industrial Security Program Operating Manual (NISPOM)</a><span style="color: #666666;">, the FSO must be a US Citizen and be cleared to the level of the facility (security) clearance (FCL); period. This provides a lot of room for a cleared facility to figure out how to get the job done. However, in the book, </span><a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" style="color: #666666;" target="_blank"><strong><em>How to Get U.S. Government Contracts and Classified Work</em></strong></a><span style="color: #666666;">, the author identifies what additional qualifications cleared contractors should recognize prior to appointing or hiring the FSO.</span></span></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><span style="color: #666666;"><span style="font-size: large;">Primarily, the FSO should understand how to protect classified information as it relates to the cleared contract, organizational growth, enterprise goals, and NISPOM guidance. The FSO should be able to conduct a risk analysis, express the cost, benefits and impact of supporting a classified contract under the NISPOM requirements and incorporate an environment of cooperation and compliance within the enterprise. Finally, they should be able to influence and compel the senior leaders to make good decisions, support compliance and integrate security into the corporate culture. After all, security violations not only cause damage to national security, but could also impact the organization with loss of contracts. The FSO is pivotal to the successful execution of classified contracts.</span></span></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><span style="color: #666666;"><span style="font-size: large;">In larger cleared contractor organizations the FSO is a full time job held by a department manager or higher. This FSO is supported by a staff of security specialists who may manage classified contract administration, safeguarding classified documents, process classified information on information systems, security clearances and other disciplines. The FSO oversees the entire security program as executed by the competent staff. In a best case scenario, they will report to the senior officer of the organization.</span></span></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><span style="color: #666666;"><span style="font-size: large;">In small business the FSO may be the owner, chief officer, vice president or other senior leader picking up an additional responsibility. This is more of a situation of selecting the most knowledgeable, capable or competent and is usually the best choice. However, these people are already very busy trying to meet cost, scheduling and performance objectives. They may be able to implement and direct a security program to protect classified information, but not the day to day job functions that can pull them away from critical tasks. Jobs such as document control, visit authorization requests, security clearance requests and etc can be delegated to other competent, organized and less busy employees.</span></span></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;"><span style="color: #666666;">When competing for classified contracts, the winning company must be eligible to receive a security clearance. Prior to performing on the contract, they should have a facility </span><a href="https://www.redbikepublishing.com/insidersguide/" style="color: #666666;" target="_blank">security clearance</a><span style="color: #666666;"> in place and appoint an FSO. The FSO is responsible for the security program, but not necessarily solely responsible for executing the day to day activities. Just as FSOs in large organizations have a staff of employees, the FSO of small organizations should delegate day to day activities to competent cleared employees.</span></span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"><span style="color: #666666; font-family: sans-serif;">If you need assistance with FSO or security training please contact me. Additionally, we have NISPOM fundamentals training perfect for studying and applying to your CDC facility. </span><a href="https://bennettinstitute.com/course/nispomfundamentals/" style="color: #666666; font-family: sans-serif;" target="_blank">https://bennettinstitute.com/course/nispomfundamentals/</a></span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"><br /></span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Join our <a href="https://www.redbikepublishing.com/contact/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">reader list</a> for more articles.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="https://www.blogger.com/blog/post/edit/5239474422425503931/1314643824649095020#" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Red Bike Publishing </a>. He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "<a href="https://www.redbikepublishing.com/insidersguide/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Insider's Guide to Security Clearances</a>" and "<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">How to Get U.S. Government Contracts and Classified Work</a>", "<a href="https://www.redbikepublishing.com/ispcertification/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">ISP(R) and ISOC Master Exam Pre</a>p", and <a href="https://www.bennettinstitute.com/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">NISPOM/FSO Training</a>".</span></p>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-45888803276164675372021-03-31T18:32:00.000-05:002021-03-31T18:32:01.948-05:00It's always the insider who steals the classified information. <p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 0px;"><span style="font-size: large;"></span></p><div class="separator" style="clear: both; text-align: center;"><span style="font-size: large;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzRrOex7HrqI4cF8eLYQLCKnbTl320zY_XwO7I1ZvrAomgVv7VcSCAiu0yBpdyzQKktqyTVA6ZHvQuhLGHeN-RIe9-TZdL2nqh__ivlnQH_P7th2SX1A6rZJXghDCf4GV6pex6WL8Zyg/s3000/dreamstime_l_20753741.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="2250" data-original-width="3000" height="480" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzRrOex7HrqI4cF8eLYQLCKnbTl320zY_XwO7I1ZvrAomgVv7VcSCAiu0yBpdyzQKktqyTVA6ZHvQuhLGHeN-RIe9-TZdL2nqh__ivlnQH_P7th2SX1A6rZJXghDCf4GV6pex6WL8Zyg/w640-h480/dreamstime_l_20753741.jpg" width="640" /></a></span></div><span style="font-size: large;"><br />A former engineer with Boeing Company has pleaded guilty to possessing classified information in an unauthorized location. Does anyone want to guess where? Yes, that’s right, his house. He thought he could take the information home with him and work on it there. You can read more about the information in the article <a href="https://www.dailynews.com/2008/07/02/boeing-engineer-is-found-guilty/" style="color: #7f7f7f;" target="_blank">Boeing Engineer is found guilty.</a></span><p></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;"> While many security managers are focused on good training and may think that they have it all under control, don’t rest just yet. Chances are that the involved engineer is not the only one breaking the rules of safeguarding classified material. Those who work on <a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" style="color: #7f7f7f;" target="_blank">classified contracts</a> need to be reminded again and again how to do so while following the laws of our country.</span></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;"> Let’s break this case down. Engineer has access to computer processing. He then downloads the information to a data stick and brings it home with him. Though he probably meant no harm, his actions created tons of it and he will be punished for it. This is an example of an insider threat with out malicious intent. Regardless of intent, his actions caused a lot of harm.</span></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;"> Chances are, he had attended and understood all security awareness training events. His former employer probably had warning signs and controls in place to remind the engineer of the proper use of classified IT. The FSO probably followed <a href="http://www.redbikepublishing.com/" style="color: #7f7f7f;" target="_blank">NISPOM</a> requirements to perform random checks, control classified processing, account for classified material and all actions necessary to prevent unauthorized disclosure. However, he still got through. </span></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;"> This serves to remind security professionals to be creative in their risk analysis. This involves thinking like those you support and answering questions like the following: How could an employee sneak or inadvertently remove classified material? Are there any ways to remove, copy, destroy or disclose information without leaving a trail? Can employees be duped into releasing classified, export controlled or proprietary information at a convention?</span></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;"> Find the answers and address them as soon as possible. For example, our engineer downloaded classified information on a data stick. FSOs could return to policies of two person rules for all tasks requiring the use of classified material, or require each employee to verify verbally that they do not have cameras, data sticks, or recording devices before entering facilities.</span></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;"> CDCs have the tough job of protecting classified material while under their control. While many may feel they are in the business alone, professionals create an environment including the whole company in the plan and activities of protecting our nation’s secrets.</span></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;"> Update: More recently a former military officer and Pentagon employee has been sentenced for providing classified information to a Chinese national. Though this happened in a U.S. Government facility, lessons can apply to FSOs. For example, how do you control the movement of classified information? Establishing an Information Management System as required by NISPOM plays a big role. With an established IMS, the CDC can help control the duplication, removal, destruction and any status of classified information. An effective IMS coupled with limiting removable data recorders and providing random searches makes unauthorized use of classified information very difficult. </span></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;">Take time to train cleared employees, not only on how to perform specifically on the contract, but how to do so while protecting the classified information. A focus on the right type of performance training plus the <a href="https://www.redbikepublishing.com/nispom-training/" style="color: #7f7f7f;" target="_blank">insider threat, security awareness and derivative classifier training </a>should provide the perfect package to help counter the insider threat to classified information.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Join our <a href="https://www.redbikepublishing.com/contact/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">reader list</a> for more articles.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="https://www.blogger.com/blog/post/edit/5239474422425503931/1314643824649095020#" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Red Bike Publishing </a>. He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "<a href="https://www.redbikepublishing.com/insidersguide/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Insider's Guide to Security Clearances</a>" and "<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">How to Get U.S. Government Contracts and Classified Work</a>", "<a href="https://www.redbikepublishing.com/ispcertification/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">ISP(R) and ISOC Master Exam Pre</a>p", and <a href="https://www.bennettinstitute.com/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">NISPOM/FSO Training</a>".</span></p>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-89834732967517147222021-03-31T18:30:00.002-05:002021-03-31T18:30:15.626-05:00The fundamentals of protecting classified information and NISPOM<p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 0px;"><span style="font-size: large;"></span></p><div class="separator" style="clear: both; text-align: center;"><span style="font-size: large;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggo9IGuf-3p_duvnYugeI-lejGh3gHJlXb5MFj8PaaW7uEWeMm0J49T3Gy_tP7R2IBUd3cEn-xh8epxj7DEAh331PmHVIG5A09ojnT8sFSVMOSpoTrlmIn9d9Wn9AhnEPzYulKzop1EA/s800/computer+security.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="534" data-original-width="800" height="428" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggo9IGuf-3p_duvnYugeI-lejGh3gHJlXb5MFj8PaaW7uEWeMm0J49T3Gy_tP7R2IBUd3cEn-xh8epxj7DEAh331PmHVIG5A09ojnT8sFSVMOSpoTrlmIn9d9Wn9AhnEPzYulKzop1EA/w640-h428/computer+security.jpg" width="640" /></a></span></div><span style="font-size: large;">Cleared Defense Contractors use classified information during performance of contracts. The Department of Defense makes the rules and governs how the classified contractors protect classified material. The Federal Government has published a policy appropriately titled: The National Industrial Security Program Operating Manual (<a href="https://www.redbikepublishing.com/nispom/" style="color: #7f7f7f;" target="_blank">NISPOM</a>). This page turner is sponsored by the Presidential Executive Order (E0)12829 for the protection of information classified under E.O. 12958, As Amended. Having poured over both publications and the updates, I can conf<br />idently assure you that they take this business very seriously.</span><p></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;"> When specific work declares performance objectives on classified efforts, provisions of the applicable DD Form 254 and Security Classification Guide (SCG) shall govern. Both the DD 254 and SCG spell out what specific work a contractor can and cannot perform, what exactly is classified and how to protect it. Both of these documents not only should be available prior to execution but read and understood by all performing employees.</span></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;"> Classified information is marked with CONFIDENTIAL, SECRET and TOP SECRET designations and must be afforded protection at the appropriate level. For example, unauthorized disclosure of CONFIDENTIAL information could reasonably be expected cause damage; SECRET could reasonably be expected to cause serious damage; and TOP SECRET could reasonably be expected to cause exceptionally grave damage to national security. Prior to discussing or providing classified data, cleared employees are required to ascertain the receiving party’s clearance level and need-to-know. </span></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;"> Facility security officers and industrial security professionals should develop measures to safeguard classified information at the highest level indicated. Employees should be trained to perform on these contracts based on NISPOM Guidance. This training includes:</span></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><a href="https://www.redbikepublishing.com/sf312/" style="color: #7f7f7f;" target="_blank"><span style="font-size: large;">Non Disclosure Agreement (SF 312)</span></a></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><a href="https://www.redbikepublishing.com/derivative/" style="color: #7f7f7f;" target="_blank"><span style="font-size: large;">Derivative Classifier</span></a></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><a href="https://www.redbikepublishing.com/securityawareness/" style="color: #7f7f7f;" target="_blank"><span style="font-size: large;">Security Awareness Initial and Annual Refresher</span></a></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><a href="https://www.redbikepublishing.com/insiderthreat/" style="color: #7f7f7f;" target="_blank"><span style="font-size: large;">Insider Threat</span></a></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Join our <a href="https://www.redbikepublishing.com/contact/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">reader list</a> for more articles.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="https://www.blogger.com/blog/post/edit/5239474422425503931/1314643824649095020#" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Red Bike Publishing </a>. He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "<a href="https://www.redbikepublishing.com/insidersguide/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Insider's Guide to Security Clearances</a>" and "<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">How to Get U.S. Government Contracts and Classified Work</a>", "<a href="https://www.redbikepublishing.com/ispcertification/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">ISP(R) and ISOC Master Exam Pre</a>p", and <a href="https://www.bennettinstitute.com/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">NISPOM/FSO Training</a>".</span></p>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-48468626500600575622021-03-31T18:27:00.002-05:002021-03-31T18:27:45.633-05:00Another explanation of CUI<table cellpadding="0" cellspacing="0" style="background-color: white; color: black; font-family: sans-serif; width: 578px;"><tbody><tr><td style="border-collapse: collapse; border-spacing: 0px; border: 0px none;"><div style="background-color: transparent; border-color: transparent; border-style: none; border-width: 0px; color: #333333; margin: 0px; padding: 0px;"><p style="margin-bottom: 0px; margin-top: 0px;"><span style="font-size: large;"></span></p><div class="separator" style="clear: both; text-align: center;"><span style="font-size: large;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiWsp4GI0PuisHOisLp3hn4fkX7OVBDgScyX54zqx7FY0n5XtVhyphenhyphen_T27yudY0KtGjNGHJEBBiUd1FGYRGRkEAiTNEcSyqTmCMm1grISptIa8Vc-QSBei5Ft5oz2EUSl9A6XAwYskrHylA/s7922/AdobeStock_271715382.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="4000" data-original-width="7922" height="324" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiWsp4GI0PuisHOisLp3hn4fkX7OVBDgScyX54zqx7FY0n5XtVhyphenhyphen_T27yudY0KtGjNGHJEBBiUd1FGYRGRkEAiTNEcSyqTmCMm1grISptIa8Vc-QSBei5Ft5oz2EUSl9A6XAwYskrHylA/w640-h324/AdobeStock_271715382.jpeg" width="640" /></a></span></div><span style="font-size: large;"><br />A buzz is sweeping the security community since the industry has been notified of the recent updates to DoD's CUI program based on the presidential memorandum with the subject, <em>Designation and sharing of Controlled Unclassified Information (CUI)</em>. This memorandum implements a program designed to encourage the speedy sharing of information to those authorized and to better protect the information, privacy and legal rights of Americans. The CUI program is designed to promote proper safeguarding and dissemination of unclassified information. </span><p></p><p style="margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;"> Many readers may be familiar with the program CUI has replaced. Sensitive But Unclassified (SBU) information had enjoyed protection to a certain level but was not conducive to the necessary information sharing. Controlled Unclassified Information (CUI) directives provide procedures for a more appropriate Information Sharing Environment.</span></p><p style="margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;"> CUI is a designation of unclassified information that does not meet the requirements of Executive Order 12958, as amended (Classified National Security Information). However the protection is necessary for national security or the interests of entities outside the Federal Government. The unclassified information also falls under the law or policy advocating protection from unauthorized disclosure, proper safeguarding and limiting dissemination. Though not a classification, the controls in place may prove to require significant administrative action.</span></p><p style="margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;"> Designation of CUI can only be based on mission requirements, business prudence, legal privilege, protection of personal or commercial rights, safety or security. Finally, as with the classified information, sensitive information cannot be labeled CUI for the purposes of concealing violation of law, inefficiency, or administrative error. The designation cannot be used to prevent embarrassment to the Federal Government or an official, organization or agency, improperly or unlawfully interfere with competition in the private sector or prevent or delay the release of information that does not require such protection.</span></p><p style="margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;"> What does this mean for affected businesses and government agencies? Be prepared to implement the program to allow for proper storage and dissemination, and provide required CUI training. This requires the ability to properly mark the material or provide proper warning before discussing the information. Things to think about include: training employees, developing mail, fax, email and reception procedures, and ordering marking supplies. Also, keep information technology and other business units in the loop of communication. They will need to provide the right support at the right time.</span></p></div></td></tr></tbody></table><table border="0" cellpadding="0" cellspacing="0" style="background-color: white; color: black; font-family: sans-serif; width: 578px;"><tbody><tr><td style="border-collapse: collapse; border-spacing: 0px; border: 0px none; padding-bottom: 10px; padding-top: 10px;"><table align="center" border="0" cellpadding="0" cellspacing="0" style="margin: 0px auto; width: 578px;"><tbody><tr><td style="border-bottom-color: rgb(136, 136, 136); border-collapse: collapse; border-image: initial; border-left-color: initial; border-right-color: initial; border-spacing: 0px; border-style: none none solid; border-top-color: initial; border-width: 0px 0px 1px; font-size: 0px; line-height: 0px;"> </td></tr></tbody></table></td></tr></tbody></table><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Join our <a href="https://www.redbikepublishing.com/contact/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">reader list</a> for more articles.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="https://www.blogger.com/blog/post/edit/5239474422425503931/1314643824649095020#" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Red Bike Publishing </a>. He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "<a href="https://www.redbikepublishing.com/insidersguide/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Insider's Guide to Security Clearances</a>" and "<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">How to Get U.S. Government Contracts and Classified Work</a>", "<a href="https://www.redbikepublishing.com/ispcertification/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">ISP(R) and ISOC Master Exam Pre</a>p", and <a href="https://www.bennettinstitute.com/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">NISPOM/FSO Training</a>".</span></p>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-50381774112189571972021-03-05T12:43:00.006-06:002021-03-05T12:43:56.636-06:00Training and Goals for Cleared Defense Contractor Employees<p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 0px;"><span style="font-size: large;"></span></p><div class="separator" style="clear: both; text-align: center;"><span style="font-size: large;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZxW4fjOIq167iFt_z_ZMnADjdtJOe-M05OWrygfBOE6Q8DN43f9rdGMyP4b4iMW432V-4zVkd1yJ1EQqlt0pS1XgyNeph3bA-gFmztjhni00QQRzs_eqYc11r78KIFmaXMu-maFFcdQ/s4679/AdobeStock_213594025.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="2172" data-original-width="4679" height="298" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZxW4fjOIq167iFt_z_ZMnADjdtJOe-M05OWrygfBOE6Q8DN43f9rdGMyP4b4iMW432V-4zVkd1yJ1EQqlt0pS1XgyNeph3bA-gFmztjhni00QQRzs_eqYc11r78KIFmaXMu-maFFcdQ/w640-h298/AdobeStock_213594025.jpeg" width="640" /></a></span></div><span style="font-size: large;"><br />Putting first things first. That has been a motto for many after reading books such as Franklin Covey’s 7 Habits of Highly Effective People or Reverend Rick Warren’s The Purpose Driven Life. Those and several similar motivational publications stress that everyone has the same amount of time in a day. What we do during that time helps us either make or goals or fail before we even get started.</span><p></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;"> As leaders, FSOs can help cleared defense contractor employees understand how to create incredible security programs. Focusing on training, interaction with other cleared employees, self-improvement and institutional education should be part of professional development. FSOs and managers who write evaluations for direct reports have an excellent opportunity to help them establish goals to become better at their jobs, more impactful in their careers and hopefully, groomed to become FSO’s themselves. Challenging employees and team members to achieve personal and professional goals breeds success.</span></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;">Security certifications such as <a href="https://www.redbikepublishing.com/ispcertification/" style="color: #7f7f7f;" target="_blank">ISP Certification and ISOC certification </a>are goals cleared employees could take as a goal as well as encourage employees to achieve. The employee gains from such education and a prestigious career milestone. The organization also benefits from what the security employee learns and applies on the job. When employees study for the ISP Certification, they learn: how to read and apply the NISPOM, the importance of forming professional relationships with cleared employees, how the cleared contractor and the DSS representatives interact, and much more.</span></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;"> A leader also creates pride in the organization and employee by making them more competitive in their career and providing basis for professional pride. When employees are challenged with the goal, the manager can help by providing or allowing education as found on the DCSA, professional organization or vendor websites. Studies on NISPOM topics are available on the internet as well as on site. If your team is large enough, consider helping them start a study group.</span></p><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;"> Here are 2 good training ideas:</span></p><ol style="background-color: white; color: #333333; font-family: sans-serif;"><li><span style="font-size: large;">If the cleared contractor facility has multiple security employees, provide an opportunity to cross train. Security employees who work personnel security issues could work with document control and etc. Also, consider allowing security employees from one discipline inspect anther security section during the annual self inspection.</span></li><li><span style="font-size: large;">Another idea is for the FSO to create an internal certification program. This helps integrate new employees into their jobs. A self-certification program would train an employee on performing individual tasks. The employee works under a mentor who verifies and documents the training. This training covers how the cleared contractor facility security employees practice document control, manage personnel security, provide classified contract support and etc. If such a program exists in your organization, consider using it for further cross training employees who concentrate only on one task. This will help them become more experienced and more prepared for the exam.</span></li></ol><p style="background-color: white; color: #333333; font-family: sans-serif; margin-bottom: 0px; margin-top: 16px;"><span style="font-size: large;">Employees may not feel comfortable asking for<a href="https://bennettinstitute.com/course/nispomfundamentals/" style="color: #7f7f7f;" target="_blank"> NISPOM Fundamentals Training,</a> setting prestigious goals, or asking for funding for professional organizations or certifications. However, a supervisor who is aware of such opportunities can encourages the employee to become engaged.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Join our <a href="https://www.redbikepublishing.com/contact/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">reader list</a> for more articles.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="https://www.blogger.com/blog/post/edit/5239474422425503931/1314643824649095020#" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Red Bike Publishing </a>. He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "<a href="https://www.redbikepublishing.com/insidersguide/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Insider's Guide to Security Clearances</a>" and "<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">How to Get U.S. Government Contracts and Classified Work</a>", "<a href="https://www.redbikepublishing.com/ispcertification/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">ISP(R) and ISOC Master Exam Pre</a>p", and <a href="https://www.bennettinstitute.com/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">NISPOM/FSO Training</a>".</span></p>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-64388223835371916182021-02-20T17:21:00.003-06:002021-02-20T17:21:52.735-06:00Is Security Certification a New Year's Resolution?<div><span style="font-family: Georgia, Times New Roman, serif; font-size: large;"><br /></span></div><span style="font-family: Georgia, Times New Roman, serif; font-size: large;"><div><span style="font-family: Georgia, Times New Roman, serif; font-size: large;"><br /></span></div><div class="separator" style="clear: both; text-align: center;"><a href="https://www.redbikepublishing.com/ispcertification/" imageanchor="1" style="margin-left: 1em; margin-right: 1em;" target="_blank"><img border="0" data-original-height="1595" data-original-width="1421" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjaHeA4ai4TWb9FTzCZQI4OykWJBj3gFZf66Xn7RbkdpOGcjVoof_vQOO2vJzODbnfUmQtFvkPAk96C6PgDNFTTXh2NpkHj2BZoSo72v4bn3QO5XY4vVVBQuATPXTSqtSMPYh5-XyCg5A/w570-h640/isp.jpg" width="570" /></a></div><br />Wow, New Year’s Eve has come and gone, and many of us are reflecting on our goals. It’s traditional to plan events as the calendar rolls over to a new year. It’s great to dream big and visualize these goals, it’s quite another to actually reach them. So let’s talk professional goals, the NCMS’ ISP Certification and CDSE's ISOC are great ones to strive for.</span><br />
<span style="font-family: Georgia, Times New Roman, serif; font-size: large;"><br /></span>
<div>
<span style="font-family: Georgia, Times New Roman, serif; font-size: large;">It’s one thing to dream and another to plan. The difference is what you do from the vision to make it a reality. Here are some deliberate actions you can use to help develop a plan to become ISP Certified.<br /><br />1. Begin at the NCMS, ISP Certification information website @ <a href="http://www.ncms-isp.org/ISP_Certification/index.asp">http://www.ncms-isp.org/ISP_Certification/index.asp</a>. There you can find ISP Certification testimonials, brochures, application and other information about the certification. When you review the qualification, study and application information, begin with the end in mind. If your goal is to become ISP Certified</span><span style="font-family: Georgia, "Times New Roman", serif; font-size: x-large;">, gather all the data needed and determine the possibility. If the application, approval and study timeline is too timely, consider changing your goal the next year. The goal is to study the requirements and build a realistic plan to achieve your goal. Let preparation set the way and not a calendar date. Once you determine how long it will take to get prepared (6 months, 1 year, etc.) build a plan based on the date and work backward.</span></div><div><span style="font-family: Georgia, "Times New Roman", serif; font-size: x-large;"><br /></span></div><div><span style="font-family: Georgia, Times New Roman, serif; font-size: large;">If your goal is ISOC certification, begin at the <a href="https://www.cdse.edu/certification/isoc.html" target="_blank">CDSE website</a>. </span></div><div><span style="font-family: Georgia, Times New Roman, serif; font-size: large;"><br />2. Understand the application process. There are minimum experience requirements that applicants must meet as well as administrative tasks built into the process. If an applicant does not meet minimum requirements, they can begin study, but will have to wait to meet those requirements before applying. This should be built into the timeline. Applicants who meet the minimum, should build in the administrative tasks into the timeline. This includes filling out applications, payment, getting approval to take the exam and setting up a test date.<br /><br />3. Understand the testable topics. Gather the relevant test information from the website. Understand the requirements and get a feel of where you are professionally and any gaps you need to breach to bring your knowledge of <a href="http://www.redbikepublishing.com/book/nispom/">NISPOM</a> and I<a href="https://www.redbikepublishing.com/ispcertification/" target="_blank">SP or ISOC Certification</a> categories to where it needs to be. It’s not necessary to be an expert in all areas or to be able to quote regulations and requirements. What’s important is a knowledge of where to find information in source documents and apply that knowledge to question based scenarios. In other words, understand where the information can be found and applied to the situation in a quick manner. For example, a person appointed as FSO may have substantial experience with personnel and contract security after working those areas exclusively for many years. However, they are still responsible for understanding information security as outlined in the NISPOM. This means that they will need to spend some time understanding where to find topic related information and answer questions in context.<br /><br />4. The following are some things that you can do to prepare to fill those knowledge gaps:<br /><br />a. Study the NISPOM and other reference document structure and understand where to find topic related information. Also, become familiar with key industry standard words found in the source documents. Some of these words are original classification authority, government contracting agency, DCSA, security clearance, cognizant security agency, and etc. The NISPOM and source documents are available in print and electrons and can be used in the exam. Understand where certain information can be found or how to search an electronic copy is a very good technique for real life and test based scenarios. <br /><br />b. Join a study group. There you can study their material, ask questions and get feedback. <br /><br />c. Find a mentor. They understand the stress of working full time and studying for a professional level exam. Mentors can calm fears, answer questions, put rumors to rest, and put the right perspective on stress, studying and life in general.<br /><br />5. Set a date. Once that date is set and approved, you have a certain amount of to take the test before having to reapply. Setting the date will keep you motivated to study and stay focused.<br /><br />Dreaming is one this, but achieving is another. The best way to ensure success is to build a plan and follow it. Begin with the end in mind, understand the limitations, meet those limitation, set a date and stay focused. </span><br />
<div class="MsoNormal">
<script type="text/javascript">
amzn_assoc_tracking_id = "wwwjeffreywbe-20";
amzn_assoc_ad_mode = "manual";
amzn_assoc_ad_type = "smart";
amzn_assoc_marketplace = "amazon";
amzn_assoc_region = "US";
amzn_assoc_design = "enhanced_links";
amzn_assoc_asins = "1936800314";
amzn_assoc_placement = "adunit";
amzn_assoc_linkid = "efd2de9e389fd0612b5877dd98471366";
</script>
<script src="//z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US"></script>
<span style="font-family: Georgia, Times New Roman, serif; font-size: large;"><br /></span></div>
<br /><br /></div><div><span style="background-color: white; color: rgba(0, 0, 0, 0.75); font-family: georgia; font-size: x-large;"><br /></span></div><div><span style="background-color: white; color: rgba(0, 0, 0, 0.75); font-family: georgia; font-size: x-large;">Join our </span><a href="https://www.redbikepublishing.com/contact/" rel="nofollow noopener" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 0px; box-sizing: inherit; font-family: georgia; font-size: x-large; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">reader list</a><span style="background-color: white; color: rgba(0, 0, 0, 0.75); font-family: georgia; font-size: x-large;"> for more articles.</span><br /><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="https://www.blogger.com/blog/post/edit/5239474422425503931/1314643824649095020#" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Red Bike Publishing </a>. He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "<a href="https://www.redbikepublishing.com/insidersguide/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Insider's Guide to Security Clearances</a>" and "<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">How to Get U.S. Government Contracts and Classified Work</a>", "<a href="https://www.redbikepublishing.com/ispcertification/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">ISP(R) and ISOC Master Exam Pre</a>p", and <a href="https://www.bennettinstitute.com/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">NISPOM/FSO Training</a>".</span></p></div>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-50739053307491103562021-02-08T12:46:00.003-06:002021-02-08T12:52:50.589-06:00How FSOs can determine security budgets<div class="separator" style="clear: both;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTYxjOED2Ne8hwELHc1jJDpfLE10Z4LXp8440fDgHbopWANO5lAO-IXdRm1twBAA8q-i4E8JRlwUGtSzhUAPgnMk_1LCLRfAPKy6_amD_PX1MjUiIgGLcFevXEEOos5BxxIS06eumclQ/s5760/AdobeStock_317396428.jpeg" style="display: block; padding: 1em 0px; text-align: center;"><img border="0" data-original-height="3240" data-original-width="5760" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTYxjOED2Ne8hwELHc1jJDpfLE10Z4LXp8440fDgHbopWANO5lAO-IXdRm1twBAA8q-i4E8JRlwUGtSzhUAPgnMk_1LCLRfAPKy6_amD_PX1MjUiIgGLcFevXEEOos5BxxIS06eumclQ/w640-h360/AdobeStock_317396428.jpeg" width="640" /></a></div><div class="separator" style="clear: both; text-align: center;"><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">A Facility Security Officer (FSO) should put careful consideration into the security budget. This is a primary opportunity in the continuing plan of building credibility. The manager who arbitrarily throws in a number with meritless base is sending the wrong message. However, a well thought out line item count based on risk management, company mission and <a href=" NISPOM" target="_blank">NISPOM</a> requirements is more apt to impress and build instant respect. The budget contribution should enforce and support a message the FSO is constantly communicating. The budget request should not be first time executives are introduced to figures.</span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;"><br /></span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">Management support or lack of support of a security budget demonstrates either a well received or an unsupported security program. The intuitive FSO understands business, the company mission and how the role of protecting classified material fits. In that environment, the FSO provides a risk assessment based on the threat appraisal and speaks intelligently of the procedures, equipment and costs associated with protecting classified information. For example the FSO understands how to <a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" target="_blank">contract security vendors</a> to install alarms, access control and other life safety and protective measures. The FSO is also able to demonstrate how the expense will benefit the company either in cost reduction or other tangible results.</span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;"><br /></span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">The FSO presents the budget in a manner that all business units understand. For example, if part of the budget line is to provide access control there is a significant associated cost. Incorporating management involvement and support builds credibility and puts the company in a better position to provide the funding. Not only is a projected return on investment required, due diligence should be conducted. Sample questions and answers the FSO should be prepared to address are:</span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;"><br /></span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">• Why is access control necessary? Prevents unauthorized persons from entering the premises and gives an extra layer of protection for classified and sensitive information.</span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;"><br /></span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">• What happens if we do not implement access controls? The organization would have to commit persons to controlling the access to the company. At a manager’s salary of between $20.00 - $30.00 per hour, this could become expensive over time. The FSO could demonstrate the cost of the access controls against the time a manager takes to ensure someone provides visibility of the doors.</span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;"><br /></span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">• What is the return on investment for access control? The intangible return on investment is the prevention of damage, injury, theft, and other risks inherent to unauthorized visitors. More tangible is the amount of energy saved while keeping the doors closed and saving energy. In one such study an FSO estimated a cost reduction of $12,000 per year cost reductions on the electric bill.</span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;"><br /></span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">Other questions abound and the FSO should not hesitate to forward such questions to vendors. These vendors have statistics that they use as selling points for their products.</span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">Speaking the language of business will serve the FSO well and ensure that executives understand the significance of a well supported security program. Security managers who just quote regulations or use “best practices” without putting much thought into the costs or talking points will quickly lose credibility. </span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;"><br /></span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">More information is available in the books below:
<script type="text/javascript">
amzn_assoc_tracking_id = "wwwjeffreywbe-20";
amzn_assoc_ad_mode = "manual";
amzn_assoc_ad_type = "smart";
amzn_assoc_marketplace = "amazon";
amzn_assoc_region = "US";
amzn_assoc_design = "enhanced_links";
amzn_assoc_asins = "B08K5LKRF4";
amzn_assoc_placement = "adunit";
amzn_assoc_linkid = "dc897591618036a9b3e62da1c3ebcb94";
</script>
<script src="//z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US"></script>
<script type="text/javascript">
amzn_assoc_tracking_id = "wwwjeffreywbe-20";
amzn_assoc_ad_mode = "manual";
amzn_assoc_ad_type = "smart";
amzn_assoc_marketplace = "amazon";
amzn_assoc_region = "US";
amzn_assoc_design = "enhanced_links";
amzn_assoc_asins = "0981620655";
amzn_assoc_placement = "adunit";
amzn_assoc_linkid = "b1b221b0c93c8dca76ca9e8ab913498e";
</script>
<script src="//z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US"></script>
<script type="text/javascript">
amzn_assoc_tracking_id = "wwwjeffreywbe-20";
amzn_assoc_ad_mode = "manual";
amzn_assoc_ad_type = "smart";
amzn_assoc_marketplace = "amazon";
amzn_assoc_region = "US";
amzn_assoc_design = "enhanced_links";
amzn_assoc_asins = "1936800896";
amzn_assoc_placement = "adunit";
amzn_assoc_linkid = "c8d7be971dfc29cf8f2269f21bccbcd5";
</script>
<script src="//z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US"></script>
</span></div><div><br /></div></div><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Join our <a href="https://www.redbikepublishing.com/contact/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">reader list</a> for more articles.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="https://www.blogger.com/blog/post/edit/5239474422425503931/1314643824649095020#" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Red Bike Publishing </a>. He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "<a href="https://www.redbikepublishing.com/insidersguide/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Insider's Guide to Security Clearances</a>" and "<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">How to Get U.S. Government Contracts and Classified Work</a>", "<a href="https://www.redbikepublishing.com/ispcertification/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">ISP(R) and ISOC Master Exam Pre</a>p", and <a href="https://www.bennettinstitute.com/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">NISPOM/FSO Training</a>".</span></p>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-71466011027240518142021-02-07T17:18:00.005-06:002021-02-08T12:57:48.040-06:00Receiving Classified Information into Accountability<div class="separator" style="clear: both; text-align: center;"><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; text-align: left; vertical-align: baseline;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjicFZB3rdB5_EimyJRRgHiwcn-32wFuhQLGted0FAut_Bb4oXSKrllMrcOuHmP3t-5moSzeeTaNrraYXm6HljOwpJRg-KP6ySJiMmcDlZQkS2vRraVTqb2iLC9PmyvaR8larguFsMv7g/s6720/AdobeStock_255521013.jpeg" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="3780" data-original-width="6720" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjicFZB3rdB5_EimyJRRgHiwcn-32wFuhQLGted0FAut_Bb4oXSKrllMrcOuHmP3t-5moSzeeTaNrraYXm6HljOwpJRg-KP6ySJiMmcDlZQkS2vRraVTqb2iLC9PmyvaR8larguFsMv7g/w640-h360/AdobeStock_255521013.jpeg" width="640" /></a></div><br /><span style="font-family: georgia;"><br /><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; text-align: left; vertical-align: baseline;"><span style="font-size: x-large;">I catch myself watching fun Youtube videos. Some of my favorites are watching consumers open my favorite products and orienting me on how to use them. The unpacking causes excitement and the by item unpacking and layout of what to expect helps me understand my product better. </span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; text-align: left; vertical-align: baseline;"><span style="font-size: x-large;">In the National Industrial Security Program Operating Manual (</span><a href="https://www.redbikepublishing.com/nispom/" style="font-size: x-large;" target="_blank">NISPOM</a><span style="font-size: x-large;">), we have a similar package "reveal". Security specialists, document control professionals, facility security officers and others in possessing facilities may receive classified information, depending on the contract. Part of the receipt is the critical inspection of the package during the integration process. </span></p></span><p></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; text-align: left; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"></span></p><div class="separator" style="clear: both; text-align: center;"></div><span style="font-family: georgia; font-size: large;"><div style="text-align: left;">As they unwrap the package, the inspector is orienting themselves to better understand what they should be receiving. This begins by inspecting the package physically, then comparing the contents with the receipt. They are also searching for evidence of tampering or to otherwise to inspect that there has been no compromise of<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" target="_blank"> classified material</a> since leaving the sender’s organization. </div></span><p></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; text-align: left; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Classified material is protected by a two layer wrapping job. Each layer consists of material that is impossible to see through such as: an envelope, paper, box or other strong wrapping material. To prevent opening, the seams of the layers are covered with anti-tampering rip proof tape to create a solid layer of covering. The initial inspection is more cosmetic as the inspector looks for evidence of tearing, ripping, re-wrapping or some other means of unauthorized access to the material.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; text-align: left; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Next, review the address labels for approved classified mailing address, return address and which does not identify any recipient by name. The label is addressed to the “Commander” if a Government entity or the name and approved classified mailing address of the contractor facility. Additionally, check to see that there are no classification markings on the outer layer. The outer layer should is designed not to draw attention that it contains classified contents. Classification markings and named individuals on the outer layer are security violations because they direct unwanted attention.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; text-align: left; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">The inside wrapping contains the full address of the recipient as well as classification markings on the top, bottom, front and back. Classified information should have receipts included. Receipts are not necessary with the shipment of CONFIDENTIAL material. Sign all receipts and return them to the sender.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; text-align: left; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">The receiver then checks the receipt against the titles to ensure the item has been identified correctly. The receipt lists all the pertinent information to identify the contents. The properly filled out receipt identifies the sender, the addressee and correctly identifies the contents by the correct and preferably unclassified title and appropriate quantity. The title should be unclassified. If not, then the receipt is to be protected at the classification level identified in the title. When practical, contact the sender to see if it can be issued an unclassified title or prepare to store the receipt long term in a GSA approved container.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; text-align: left; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEht2cSHmYfMiB4mdQfaac7o8gDNdAfNvLMwaJlfuidcxnQrPtJpHMzxhhZ5__pS8c21X_8hyphenhyphenwrMqYg3YjjnAp97xY0wetLNp2Mr17EFxYnYQpp1vI2-NUXw3qW-uFMm2v5oh9yHzMy0fg/s2200/Figure+4-7+Checklist.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="2200" data-original-width="1700" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEht2cSHmYfMiB4mdQfaac7o8gDNdAfNvLMwaJlfuidcxnQrPtJpHMzxhhZ5__pS8c21X_8hyphenhyphenwrMqYg3YjjnAp97xY0wetLNp2Mr17EFxYnYQpp1vI2-NUXw3qW-uFMm2v5oh9yHzMy0fg/w494-h640/Figure+4-7+Checklist.jpg" width="494" /></a></span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; text-align: left; vertical-align: baseline;"><span style="font-family: georgia; font-size: x-large;">The receiver then compares the classification identified in the receipt with that annotated on the inner wrapper. These will ensure the package is handled correctly once the outer wrapping has been opened or removed. The receiver of the classified item compares the classification marking on the contents with the wrapper and the receipt to once again verify the accuracy of the classified information and prevent unauthorized disclosure. </span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; text-align: left; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Once all the checks and verifications are complete, the receiver can then sign a copy of the receipt and return to the sender, thus closing the loop on the sender’s accounting responsibilities. The copies of receipts are filed away and the classified information is put into a database and the items are stored according to the classification.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; text-align: left; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">See below for an inspection checklist.</span></p>
<script type="text/javascript">
amzn_assoc_tracking_id = "wwwjeffreywbe-20";
amzn_assoc_ad_mode = "manual";
amzn_assoc_ad_type = "smart";
amzn_assoc_marketplace = "amazon";
amzn_assoc_region = "US";
amzn_assoc_design = "enhanced_links";
amzn_assoc_asins = "0981620655";
amzn_assoc_placement = "adunit";
amzn_assoc_linkid = "5a5c931fead8add2ecb0112d8464044d";
</script>
<script src="//z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US"></script>
<script type="text/javascript">
amzn_assoc_tracking_id = "wwwjeffreywbe-20";
amzn_assoc_ad_mode = "manual";
amzn_assoc_ad_type = "smart";
amzn_assoc_marketplace = "amazon";
amzn_assoc_region = "US";
amzn_assoc_design = "enhanced_links";
amzn_assoc_asins = "1936800268";
amzn_assoc_placement = "adunit";
amzn_assoc_linkid = "c2351e6d1726cdcb3cc132d190eb4b3a";
</script>
<script src="//z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US"></script>
<div style="text-align: left;"><br /></div></div><div class="separator" style="clear: both; text-align: center;"><br /></div><br /><br /><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Join our <a href="https://www.redbikepublishing.com/contact/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">reader list</a> for more articles.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="https://www.blogger.com/blog/post/edit/5239474422425503931/1314643824649095020#" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Red Bike Publishing </a>. He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "<a href="https://www.redbikepublishing.com/insidersguide/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Insider's Guide to Security Clearances</a>" and "<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">How to Get U.S. Government Contracts and Classified Work</a>", "<a href="https://www.redbikepublishing.com/ispcertification/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">ISP(R) and ISOC Master Exam Pre</a>p", and <a href="https://www.bennettinstitute.com/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">NISPOM/FSO Training</a>".</span></p>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-7628549934198784102021-02-07T17:08:00.001-06:002021-02-07T17:08:19.872-06:00Protect Classified Conversations and Instructions Keeping These in Mind<div class="separator" style="clear: both; text-align: center;"><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiqrK2kcpgwcYAU17zlT7mARKGtydx9EgF0qj4a3rP8NvgwL1o3b9QD04SSlWZLcJytmUMROJAINqNePdTda6elujMZ085nA5iqp95NN_c_-59FPO6pFuB_ZBA26j3v4Y4on_KpKyTDOw/s6959/AdobeStock_320262349.jpeg" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="3856" data-original-width="6959" height="354" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiqrK2kcpgwcYAU17zlT7mARKGtydx9EgF0qj4a3rP8NvgwL1o3b9QD04SSlWZLcJytmUMROJAINqNePdTda6elujMZ085nA5iqp95NN_c_-59FPO6pFuB_ZBA26j3v4Y4on_KpKyTDOw/w640-h354/AdobeStock_320262349.jpeg" width="640" /></a></div>In the course of performing on classified defense contracts, exchange of classified information is inevitable. While, the movement of classified information outside of a secure environment is to be kept to a minimum, there are times it must be moved in fulfillment of requirements. </span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;"><br /></span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">When movement is necessary, the party responsible for movement should determine whether or not the classified information is necessary at the gaining organization, the organization is cleared to the appropriate level, and that there is a contractual need to know. Then they should provide the classified information in the appropriate format, using the approved methods. For example, a SECRET document can be hand carried, provided on a disc, emailed, or faxed.</span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;"> </span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">Once the classified information is on-site, the receiving CDC takes over. There are many reasons for transporting classified material. These include conferences, classes, engineering, services or any other environment where it is needed. </span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;"><br /></span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">As the<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" target="_blank"> senior industrial security manager in CDCs</a>, the FSO leads the security program designed to protect classified information and prevent unauthorized disclosure. While working in the secure environment, contractors protect classified information under their control and cleared employees protect classified information entrusted to them. </span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;"><br /></span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">Without this protection, national security could face varying degrees of damage depending on what information is disclosed and how it was used. This protection applies to documents as well as classified discussions. </span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;"><br /></span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">Classified verbal communications should only occur in controlled environments. For example, classified conversations are authorized in locations where access and need to know have been verified. They should never take place in hallways, around the water cooler, in public places or car pools where eavesdropping cannot be prevented or access and need to know cannot be verified. Just as the holder of classified documents verifies a receiver’s need to know and security clearances before handing them over, the same is true for releasing classified information in verbal form.</span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;"><br /></span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;"><a href="https://www.redbikepublishing.com/nispom/" target="_blank">Classified Meetings:</a></span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">Prior to the start of a classified meeting either the government sponsor or the contractor representative should provide a security briefing notifying attendees of the classification of information to be discussed, whether or not taking notes is permitted and if so, how they will be controlled. For example, when classified notes are permitted, they will have to be properly marked, introduced into accountability and prepared for dissemination (hand carry with the attendee or mailed at a later date). The presentation is controlled to prevent the inadvertent and unauthorized release. Each attendee should also be reminded to remove any cell phones or other electronic devices.</span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;"><br /></span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">Impromptu Discussions:</span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">When working on classified material in approved locations, keep in mind that uncleared persons in the area may be within voice range. Some companies and security managers may allow cleared employees to take classified work back to their cubicles and desks. They are able to protect the information from prying eyes, but eavesdropping cannot be prevented outside of a closed area. </span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;"><br /></span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">Limit opportunities for unauthorized access to classified information by limiting opportunities for these discussions. Impromptu discussions could provide unauthorized access to repair persons, uncleared employees, and others. For example, while everyone in the immediate area may be cleared and with need to know, they could be on the phone with uncleared people. </span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;"><br /></span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">Another factor to consider is need to know. While everyone within earshot may have the appropriate <a href="https://www.redbikepublishing.com/insidersguide/" target="_blank">security clearance</a>, they may not have the need to know. </span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;"><br /></span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">Here are three ideas you can apply immediately:</span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">1.<span style="white-space: pre;"> </span>Post signs where classified contracts are authorized and likewise where unauthorized.</span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">2.<span style="white-space: pre;"> </span>Provide reminders of the dangers of impromptu conversations.</span></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: georgia; font-size: large;">3.<span style="white-space: pre;"> </span>Provide <a href="https://www.redbikepublishing.com/securityawareness/" target="_blank"><br />guidance and training </a>on how to introduce classified information into your organization.</span></div><div style="text-align: left;"><span style="font-family: georgia; font-size: large;"><br /></span></div></div><br /><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Join our <a href="https://www.redbikepublishing.com/contact/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">reader list</a> for more articles.</span></p>
<script type="text/javascript">
amzn_assoc_tracking_id = "wwwjeffreywbe-20";
amzn_assoc_ad_mode = "manual";
amzn_assoc_ad_type = "smart";
amzn_assoc_marketplace = "amazon";
amzn_assoc_region = "US";
amzn_assoc_design = "enhanced_links";
amzn_assoc_asins = "1936800268";
amzn_assoc_placement = "adunit";
amzn_assoc_linkid = "a971dc77eb8a04056358705d353aac1c";
</script>
<script src="//z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US"></script>
<script type="text/javascript">
amzn_assoc_tracking_id = "wwwjeffreywbe-20";
amzn_assoc_ad_mode = "manual";
amzn_assoc_ad_type = "smart";
amzn_assoc_marketplace = "amazon";
amzn_assoc_region = "US";
amzn_assoc_design = "enhanced_links";
amzn_assoc_asins = "0981620655";
amzn_assoc_placement = "adunit";
amzn_assoc_linkid = "f3ab1b378e68213aadc85169ed028732";
</script>
<script src="//z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US"></script>
<script type="text/javascript">
amzn_assoc_tracking_id = "wwwjeffreywbe-20";
amzn_assoc_ad_mode = "manual";
amzn_assoc_ad_type = "smart";
amzn_assoc_marketplace = "amazon";
amzn_assoc_region = "US";
amzn_assoc_design = "enhanced_links";
amzn_assoc_asins = "1936800896";
amzn_assoc_placement = "adunit";
amzn_assoc_linkid = "a5eadc934252ba99d260f05455f1e2ce";
</script>
<script src="//z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US"></script>
<p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="https://www.blogger.com/blog/post/edit/5239474422425503931/1314643824649095020#" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Red Bike Publishing </a>. He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "<a href="https://www.redbikepublishing.com/insidersguide/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Insider's Guide to Security Clearances</a>" and "<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">How to Get U.S. Government Contracts and Classified Work</a>", "<a href="https://www.redbikepublishing.com/ispcertification/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">ISP(R) and ISOC Master Exam Pre</a>p", and <a href="https://www.bennettinstitute.com/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">NISPOM/FSO Training</a>".</span></p>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-61784196944439929652021-01-22T12:08:00.001-06:002021-01-22T12:08:14.048-06:00NISPOM Codifying, Guidance, Cleared Defense Contractors, and all those CFRs<p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"></span></p><div class="separator" style="clear: both; text-align: center;"><span style="font-family: georgia; font-size: large;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgg2OfdHTfbvRHAm_X7nZjcXWkSkNXJgzklxZCPhoC383PSEYN91gwUk6YsqKt82a6HKq4G6QcOIsdKhTWQPq0UuUeEAnnOs01fcwGFzIvkidEU4_mSRA7kI5PNa4GB7gFGmdZC7yNFJw/s3872/AdobeStock_101424931.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="2592" data-original-width="3872" height="428" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgg2OfdHTfbvRHAm_X7nZjcXWkSkNXJgzklxZCPhoC383PSEYN91gwUk6YsqKt82a6HKq4G6QcOIsdKhTWQPq0UuUeEAnnOs01fcwGFzIvkidEU4_mSRA7kI5PNa4GB7gFGmdZC7yNFJw/w640-h428/AdobeStock_101424931.jpg" width="640" /></a></span></div><span style="font-family: georgia; font-size: large;"><br />The latest industry buzz is the “release of the new National Industrial Security Program Operating Manual (NISPOM)”. I’m putting air quotes in there, because an actual NISPOM has not been rewritten or re-released. There is no re-release of NISPOM, only a reorganization of the CFRs that duplicate National Industrial Security Program requirements. If you are expecting the release of a “new NISPOM”, such as a Change 3 or a total re-write, that has not occurred.</span><p></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">I encourage you to read further.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">The genesis of all this buzz of a “new NISPOM” is listed here: <a href="https://www.govinfo.gov/content/pkg/FR-2020-12-21/pdf/2020-27698.pdf" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">https://www.govinfo.gov/content/pkg/FR-2020-12-21/pdf/2020-27698.pdf</a></span></p><h2 style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.9); line-height: 1.33333; margin: 2.8rem 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><span style="background: transparent; border: 0px; box-sizing: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Straight to the point</span></span></h2><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 0px 0px 3.2rem; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Conclusion: No new NISPOM (just a few additions)</span></p><ul style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><li style="background: transparent; border: 0px; box-sizing: inherit; margin: 2.4rem 0px 2.4rem 3.2rem; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> 32 CFR part 117 and 32 CFR part 2004 are redundant requirements</span></li><li style="background: transparent; border: 0px; box-sizing: inherit; margin: 2.4rem 0px 2.4rem 3.2rem; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">DoD will no longer publish the DoD Manual 5220.22, NISPOM as a DoD policy issuance in 32 CFR part 117.</span></li><li style="background: transparent; border: 0px; box-sizing: inherit; margin: 2.4rem 0px 2.4rem 3.2rem; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> 32 CFR part 2004, “National Industrial Security Program” is now the standing CFR</span></li><li style="background: transparent; border: 0px; box-sizing: inherit; margin: 2.4rem 0px 2.4rem 3.2rem; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">NISPOM Change 2 is still a requirement that Cleared Defense Contractor (CDC) must follow</span></li></ul><h3 style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.9); line-height: 1.4; margin: 2.4rem 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><span style="background: transparent; border: 0px; box-sizing: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Background</span></span></h3><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 0px 0px 3.2rem; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">A quick read will review that there actually is no new <a href="https://www.redbikepublishing.com/nispom/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">NISPOM</a>. This information just codifies (fancy legal term for: arrange (laws or rules) into a systematic code.) So, this is just a reorganization of laws to remove duplication and increase efficiency. What is unclear is that while the contractors are still required to follow the latest NISPOM, how the government communicates the NISPOM Change 2 requirement, when DoD Manual 5222.22 will no longer be published in its current form.</span></p><h3 style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.9); line-height: 1.4; margin: 2.4rem 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><span style="background: transparent; border: 0px; box-sizing: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Streamlining requirements and one of the changes</span></span></h3><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 0px 0px 3.2rem; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">I’ll focus on one of the most relevant and seemingly logical changes based on NISPOM roles.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">You might know that the Director of National Intelligence (DNI) has had a large role in developing NISPOM. Primarily DNI oversees the protection of National Intelligence Information in the hands of the <a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">cleared defense contractors</a>. Additionally, DNI has had executive roles In relation to the 2008 publication of E.O. 13467, “Reforming Processes Related to Suitability for Government Employment, Fitness for Contractor Employees, and Eligibility for Access to Classified National Security Information.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">DNI then became Security Executive Agent (SecEA), for the development, implementation, and oversight of effective, efficient, and uniform policies and procedures governing the conduct of investigations and adjudications for eligibility for access to classified information and eligibility to hold a sensitive position.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Later in December 2016, DNI issued Security Executive Agent Directive (SEAD) 3, “Reporting Requirements for Personnel with Access to Classified Information or Who Hold a Sensitive Position, to executive branch agencies or covered individuals with an effective date of June 12, 2017.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">The SEAD 3 intent is to promote consistency in personnel security reporting requirements for all covered individuals. This ties in well to the DNI role in the NISPOM as well as the intent to strengthen the safeguarding of national security equities, such as national security information, personnel, facilities, and technologies.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">In logical flow, it would just make sense that the NISPOM would include additional SEAD 3 requirements. </span></p><h3 style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.9); line-height: 1.4; margin: 2.4rem 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><span style="background: transparent; border: 0px; box-sizing: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Biggest Impact: Reporting based on 13 Adjudicative Criteria, SF-86, and SEAD 3 </span></span></h3><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 0px 0px 3.2rem; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">SEAD 3 identifies required reporting of data elements that are contained in the Standard Form-86, “Questionnaire for National Security Positions” used in requesting <a href="https://www.redbikepublishing.com/insidersguide/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">security clearance</a> requests. In other words, the guidance issued requires that cleared employees under NISP report information reflective of concerns in the 13 Adjudicative Criteria and other items listed in the SF-86. This has always been a NISPOM requirement. However, SEAD 3 requires these elements to be reported PRIOR to participation in such activities or otherwise as soon as possible following the start of their involvement. This doesn’t seem to be a new requirement, but an emphasis as many FSOs have been providing this requirement in <a href="https://www.redbikepublishing.com/securityawareness/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">security awareness training</a>.</span></p><h3 style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.9); line-height: 1.4; margin: 2.4rem 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><span style="background: transparent; border: 0px; box-sizing: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Now this may be an attention grabber</span></span></h3><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 0px 0px 3.2rem; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">There is a strong argument that this requirement will raise the level of report in some benign situations such as foreign travel. Travel is usually a notification residing with the cleared defense contractor organization, but now may be a formal report to the cognizant security office or Defense Counterintelligence and Security Agency (DCSA). The SEAD 3 highlights that cleared employees obtain prior agency approval BEFORE conducting unofficial foreign travel.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">This will require training, enforcement, and an actual reporting process from the cleared employee to DCSA. For example, DCSA should provide guidance for what should happen if a cleared employee plans a family cruise to Mexico and the Bahamas. How far in advance should the traveler request this approval, how do they request the approval, and how is the approval provided back to the CDC?</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">There are several other changes that don’t impact the majority of CDCs. There is clarification for those who are responsible TOP SECRET accountability, proscribed information, classified document retention, and those falling under FOCI. However, for the most part, these include clarifications and are potentially already being applied appropriately.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">For more information on SEAD 3, check this out: <a href="https://www.dni.gov/files/NCSC/documents/Regulations/SEAD-3-awareness-briefing.pdf" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">https://www.dni.gov/files/NCSC/documents/Regulations/SEAD-3-awareness-briefing.pdf</a></span></p><h3 style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.9); line-height: 1.4; margin: 2.4rem 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><span style="background: transparent; border: 0px; box-sizing: inherit; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">What to do and not to do</span></span></h3><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 0px 0px 3.2rem; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Don’t wait for a new version of NISPOM…yet. While there is no “new NISPOM”, there are some clarifying comments. I recommend reviewing the clarifications included below to assess any changes that you might need to make in your security program to protect classified information.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">I also recommend using current NISPOM for <a href="https://www.bennettinstitute.com/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">security training</a> and <a href="https://www.redbikepublishing.com/ispcertification/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">ISP® and ISOC certification</a>. Nothing has been changed, just “codified”.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Continue to apply the current NISPOM. As stated in the source CFA, contractors are expected to comply with Change 2 requirements. Eventually, there will either be a re-release or republishing of the NISPOM under a new title or an acceptance of the current publication.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">************************************************************************</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Additional reading: Clarifications of NISPOM requirements include the following:</span></span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">§ 117.8: Reporting Requirements. § 117.8(a) General includes that contractors must submit reports pursuant to this rule, SEAD 3 and CSA guidance to supplement unique CSA mission requirements. SEAD 3 reporting establishes a single nationwide implementation plan for covered individuals, which for this rule provides reporting by contractors and their employees eligible for access to classified information. SEAD 3 requirements will be implemented for all contractor cleared personnel to report specific activities that may adversely impact their continued national security eligibility. Contractor cleared personnel must be aware of risks associated with foreign intelligence operations and/or possible terrorist activities directed against them in the United States and abroad, and have a responsibility to recognize and avoid personal behaviors and activities that adversely affect their national security eligibility. NISP CSAs shall conduct an analysis of such reported activities, such as foreign travel or foreign contacts, to determine whether they pose a potential threat to national security and take appropriate action. Contractors will be responsible for collecting the foreign travel data from cleared employees, providing pre- and post-travel briefings to those cleared employees when necessary, and tracking and reporting those foreign travel activities of its cleared employees through the CSA designated system of record for personnel security clearance data.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">§ 117.9(m) Limited entity eligibility determination (Non-FOCI) and, § 117.11(e) Limited entity eligibility determination due to FOCI. In accordance with 32 CFR part 2004, “NISP Directive,” provisions for granting two new types of limited entity facility clearance eligibility determinations (FCLs) to meet government requirements for narrowly scoped requirements for a companies to access classified information.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> § 117.11(d)(2)(iii)(A) Requirement for National Interest Determinations (NIDs): This paragraph provides for the implementation of the provisions of Section 842 of Public Law 115-232, which was effective on October 1, 2020, and eliminates requirements for a covered NTIB entity operating under an SSA to obtain a NID for access to proscribed information: Top Secret, Special Access Program, Communications Security, Sensitive Compartmented Information, and Restricted Data. This provision will allow covered NTIB entities to begin performing on contracts that require access to proscribed information without having to wait on a NID, and thus removing costly contract performance delays.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> § 117.15(e)(2) TOP SECRET Information: Permits specific determinations by a CSA with respect to requirements for TOP SECRET accountability (e.g., the CSA can determine that TOP SECRET material stored in an electronic format on an authorized classified information system does not need to be individually numbered in series provided the contractor has in place controls in place to address accountability, need to know and retention). As stated in this paragraph: “. . . Contractors will establish controls for TOP SECRET information and material to validate procedures are in place to address accountability, need to know and retention, e.g., demonstrating that TOP SECRET material stored in an electronic format on an authorized classified information system does not need to be individually numbered in series. These controls are in addition to the information management system and must be applied, unless otherwise directed by the applicable CSA, regardless of the media of the TOP SECRET information, to include information processed and stored on authorized information systems. Unless otherwise directed by the applicable CSA, the contractor will establish the following additional controls . . .”</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">§ 117.15(d)(4) Installation: Clarifies that an Intrusion Detection System (IDS) shall be installed by a Nationally Recognized Testing Laboratory (NRTL)-approved entity to make it clear that any NRTL-approved entity may do such</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Start Printed Page 83305</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">installations. “The IDS will be installed by a NRTL-approved entity or by an entity approved in writing by the CSA . . .”</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> § 117.7(b)(2) Senior Management Official: Clarifies responsibilities of the Senior Management Official of each cleared entity to better reflect the critical role and accountability of this position for entity compliance with the NISPOM. This change further emphasizes the essential role of the Senior Management Official with the entity's security staff to ensure NISPOM compliance.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">§ 117.13(d)(5) Clarifies to the contractor that upon completion of a classified contract, the “contractor must return all government provided or deliverable information to the custody of the government. Such clarification ensures the contractor is not retaining official government records without specific authorization from the government customer. “(i) If the GCA does not advise to the contrary, the contractor may retain copies of the government material for a period of 2 years following the completion of the contract. The contract security classification specification, or equivalent, will continue in effect for this 2-year period. (ii) If the GCA determines the contractor has a continuing need for the copies of the government material beyond the 2-year period, the GCA will issue a final contract security classification specification, or equivalent, for the classified contract and will include disposition instructions for the copies</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"><br /></span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Join our <a href="https://www.redbikepublishing.com/contact/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">reader list</a> for more articles.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="https://www.blogger.com/blog/post/edit/5239474422425503931/1314643824649095020#" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Red Bike Publishing </a>. He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "<a href="https://www.redbikepublishing.com/insidersguide/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Insider's Guide to Security Clearances</a>" and "<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">How to Get U.S. Government Contracts and Classified Work</a>", "<a href="https://www.redbikepublishing.com/ispcertification/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">ISP(R) and ISOC Master Exam Pre</a>p", and <a href="https://www.bennettinstitute.com/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">NISPOM/FSO Training</a>".</span></p>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-13146438246490950202021-01-02T12:56:00.003-06:002021-01-02T12:57:41.683-06:00Protecting classified security container combinations<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifGywP6KoxS6FB8YSyM-ICswxYGqIClV9DW5U1tvhS9a6mk1uSN6Ino9u6D2yGf4O2N93kCSDUtKxMimkA-yLWpHRiH-UZkZe0PgJ3VbX7e5Ami0IuyvLT_uhuWow6nl28jOcCkTr6Zw/s3873/AdobeStock_71376692.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="3873" data-original-width="3873" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifGywP6KoxS6FB8YSyM-ICswxYGqIClV9DW5U1tvhS9a6mk1uSN6Ino9u6D2yGf4O2N93kCSDUtKxMimkA-yLWpHRiH-UZkZe0PgJ3VbX7e5Ami0IuyvLT_uhuWow6nl28jOcCkTr6Zw/w400-h400/AdobeStock_71376692.jpeg" width="400" /></a></div><br /><p class="paragraph-spacing-none" style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 0px;"><br /></p><p class="paragraph-spacing-none" style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 0px;"><br /></p><p class="paragraph-spacing-none" style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 0px;"> Here's an interesting scenario. Imagine you are walking the floor and talking to employees when you approach a security container and employees who controlled its access. As part of your inspection, you wanted to verify all documents were properly marked and stored appropriately. After asking for the custodian to open the container, he pulled out his cell phone and began scrolling. you asked what he had been looking for and he stated: "I can't remember the combination, but I'm sure that it's in here somewhere."</p><p style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 16px;">Whoa! Hold the presses. You immediately changed the combination, filed the necessary report, and investigated whether or not classified information was compromised (not necessarily in that order). You also provided a clear policy and training agenda and that problem disappeared. The story may be true or a similar situation may be familiar. </p><p style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 16px;">But here's the question: Do your employees really understand how to protect classified information? Some novice cleared defense contractors and their employees may require extra and unrelenting training and diligence to make sure such situations never happen. More successful programs include <a href="https://www.redbikepublishing.com/fsocertification/" style="box-sizing: border-box; color: #7f7f7f; padding-bottom: 0px; padding-top: 0px; pointer-events: none;" target="_blank">security training</a> conducted by managers and supervisors as they apply to the employee specific duties.</p><p style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 16px;">So who has access to your security containers? Do you limit it to only security personnel or do cleared program employees have it as well. This access depends on your program. Regardless of who has access, authorized employees having access to combinations or keys should be kept to the bare minimum amount necessary.</p><p style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 16px;">Agencies and contractors maintain administrative records and tight control for a sound security system designed to protect the classified information and to demonstrate effectiveness during security inspections. The security specialists also maintain a log of those with knowledge of combinations, change combinations, and fill out the Security Container Information Form, Standard Form 700. Combinations are meant to be memorized and not written down or stored in computers, phones or Personal Data Assistant devices. The combination is protected at that same level of the contents in the security container. If the contents are CONFIDENTIAL, then so is the combination. To ease in memorization, many who assign combinations use a six letter word or the first six letters of a longer word. </p><p style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 16px;">Instead of memorizing a long six digit number, they create a word and use a phone for the corresponding numbers. Many have <a href="https://www.redbikepublishing.com/magnet/">magnetic combinations reminders </a>similar to telephone touch pads. For example the number 2 corresponds with ABC, three with DEF, etc. If the memorized word is CORKIE, then the combination is 26-75-43. When persons have access to multiple safes, they may commit security violations by writing the combinations down. Using combination word clues and providing an administrative security container helps reduce the risk of such violations.</p><p class="paragraph-spacing-none" style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 0px;"><br style="box-sizing: border-box; padding-bottom: 0px; padding-top: 0px;" /></p><p style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 16px;">So, see if you can answer this question.</p><p style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 16px;">How often should you change combinations according to the NISPOM?</p><p class="paragraph-spacing-none" style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 0px;">The answer: Change combinations upon initial use, change in status of authorized users, compromise or suspected compromise of container or combination, when safe is left open or when required by FSO or CSA. Did anyone say "annually"? If so, better check the NISPOM.</p><p style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 16px;"><br style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;" /></p> W. Bennett, ISP is the owner of Red Bike Publishing <a href="http://www.redbikepublishing.com" target="_new">Red Bike Publishing </a>.
He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures.
He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".<div><br /></div><div><br /></div><div>
<iframe frameborder="0" marginheight="0" marginwidth="0" scrolling="no" src="//ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=wwwjeffreywbe-20&language=en_US&marketplace=amazon&region=US&placement=1936800268&asins=1936800268&linkId=dcc3cdd92e41a20590e16384fc658289&show_border=true&link_opens_in_new_window=true" style="height: 240px; width: 120px;"></iframe></div><div><br /></div><div>
<iframe frameborder="0" marginheight="0" marginwidth="0" scrolling="no" src="//ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=wwwjeffreywbe-20&language=en_US&marketplace=amazon&region=US&placement=1936800896&asins=1936800896&linkId=e343499a24e13215777291e90120fc65&show_border=true&link_opens_in_new_window=true" style="height: 240px; width: 120px;"></iframe></div><div><br /></div><div>
<iframe frameborder="0" marginheight="0" marginwidth="0" scrolling="no" src="//ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=US&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=wwwjeffreywbe-20&language=en_US&marketplace=amazon&region=US&placement=0981620655&asins=0981620655&linkId=ae5cbd035d10a0ca5199bf481d32fe57&show_border=true&link_opens_in_new_window=true" style="height: 240px; width: 120px;"></iframe></div>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-83754160259772106482021-01-02T12:43:00.003-06:002021-01-12T13:37:18.463-06:00Security education, training and certification<div><br /></div><div><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; padding-bottom: 0px; padding-top: 0px;"> </span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgObjiJFclq67cW9lvGYJ4ehThdRxY3f2firj8W9NEyyXlLu2QWXw-3d65yGv6AoBVYg8KEvvBnk3_SoJRxlrJ15ijPzecxgM4kPWpLJgeQ6tULe0lVKi3dXUXG7ff2HhK_QMToOLOZfQ/s4679/AdobeStock_213594025.jpeg" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="2172" data-original-width="4679" height="298" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgObjiJFclq67cW9lvGYJ4ehThdRxY3f2firj8W9NEyyXlLu2QWXw-3d65yGv6AoBVYg8KEvvBnk3_SoJRxlrJ15ijPzecxgM4kPWpLJgeQ6tULe0lVKi3dXUXG7ff2HhK_QMToOLOZfQ/w640-h298/AdobeStock_213594025.jpeg" width="640" /></a></div><span style="font-family: georgia; font-size: large;"><br /> Have you taken the next step to being competitive in the government contracts arena? If not, this article will provide information and tips based on a proven method of studying for and passing the exam. </span><p></p><p style="background-color: white; box-sizing: border-box; color: #333333; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: georgia; font-size: large; padding-bottom: 0px; padding-top: 0px;">Why earn a certification? </span></p><p style="background-color: white; box-sizing: border-box; color: #333333; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: georgia; font-size: large; padding-bottom: 0px; padding-top: 0px;">There are several reasons to achieve certification. One of which allows cleared defense contractor owners and employees to take advantage of opportunities offered in the recent Presidential Executive Order: National Security Professional Development. The Executive order states: "In order to enhance the national security of the United States...it is the policy of the United States to promote the education, training, and experience of current and future professionals in national security positions (security professionals)..."</span></p><p style="background-color: white; box-sizing: border-box; color: #333333; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: georgia; font-size: large; padding-bottom: 0px; padding-top: 0px;">The National Strategy identified in the Executive Order provides a plan to give security professionals access to education, training to increase their professional experience in efforts to increase their skill level and ability to protect our nation's secrets.</span></p><p style="background-color: white; box-sizing: border-box; color: #333333; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><span style="font-family: georgia; font-size: large;"><span style="box-sizing: border-box; padding-top: 0px;">The </span><a href="https://www.redbikepublishing.com/ispcertification/" style="background-color: transparent; box-sizing: border-box; color: #333333; pointer-events: none;" target="_blank">ISP Certification </a><span style="box-sizing: border-box;">is sponsored by NCMS (Society for Industrial Security) a professional organization specializing in protecting classified information. The ISP holder demonstrates a high level of knowledge in this area. The certification is based on the </span><a href="https://www.redbikepublishing.com/nispom/" style="background-color: transparent; box-sizing: border-box; color: #333333; pointer-events: none;" target="_blank">National Industrial Security Professional Operating Manual (NISPOM) </a><span style="box-sizing: border-box; padding-bottom: 0px;">but also covers electives such as: COMSEC, OPSEC, and other topics.</span></span></p><p style="background-color: white; box-sizing: border-box; color: #333333; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><span style="font-family: georgia; font-size: large;"><a href="https://www.redbikepublishing.com/ispcertification/" style="background-color: transparent; box-sizing: border-box; color: #333333; padding-top: 0px; pointer-events: none;" target="_blank">Industrial Security Oversight Certification (</a><a href="https://www.redbikepublishing.com/ispcertification/" style="background-color: transparent; box-sizing: border-box; color: #7f7f7f; pointer-events: none;" target="_blank">ISOC)</a><span style="box-sizing: border-box;"> is sponsored by the Department of Defense and information can be accessed at </span><a href="https://www.cdse.edu/certification/" style="background-color: transparent; box-sizing: border-box; color: #333333; padding-bottom: 0px; pointer-events: none;" target="_blank">https://www.cdse.edu/certification/</a></span></p><p style="background-color: white; box-sizing: border-box; color: #333333; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: georgia; font-size: large; padding-bottom: 0px; padding-top: 0px;">Both certifications are based on NISPOM requirements. The NISPOM is the government contractor's guidance from DoD on how to receive, process and distribute classified information. It covers how to mark, document, store, disseminate and destroy classified as well as how to set up classified computing. If you have worked with contractors or plan to work with contractors, you should be familiar with the NISPOM. Chances are that you are already familiar with the processes from your military and government experiences.</span></p><p style="background-color: white; box-sizing: border-box; color: #333333; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: georgia; font-size: large; padding-bottom: 0px; padding-top: 0px;">This certified professional communicates to supervisors, the promotion board, and others that they are committed to the business, the industry and the protection of national interests. It equips the security manager with the knowledge and skills to perform critical tasks as well as relate well to what civilian counterpart requirements. Most of all, it gives the bearer confidence in their ability to apply their knowledge. As this certification program evolves, more and more employers will require the certification. </span></p><p style="background-color: white; box-sizing: border-box; color: #333333; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: georgia; font-size: large; padding-bottom: 0px; padding-top: 0px;">What can you do to increase your experience and skills? Professional certification is a great move for security managers. Whether or not you will make security a career, you will find this certification a career enhancer. With the advent of the new Executive Order, certifications may become requirements in the civilian sector and perhaps even in government security positions. Also, consider joining a professional security organization.</span></p></div><div><span style="font-family: georgia; font-size: large;"><br /></span></div><span style="font-family: georgia; font-size: large;
<p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;">Join our <a href="https://www.redbikepublishing.com/contact/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">reader list</a> for more articles.</span></p><p style="background: rgb(255, 255, 255); border: 0px; box-sizing: inherit; color: rgba(0, 0, 0, 0.75); line-height: 3.2rem; margin: 3.2rem 0px; padding: 0px; vertical-align: baseline;"><span style="font-family: georgia; font-size: large;"> Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="https://www.blogger.com/blog/post/edit/5239474422425503931/1314643824649095020#" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Red Bike Publishing </a>. He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "<a href="https://www.redbikepublishing.com/insidersguide/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">Insider's Guide to Security Clearances</a>" and "<a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">How to Get U.S. Government Contracts and Classified Work</a>", "<a href="https://www.redbikepublishing.com/ispcertification/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">ISP(R) and ISOC Master Exam Pre</a>p", and <a href="https://www.bennettinstitute.com/" rel="nofollow noopener" style="background: transparent; border: 0px; box-sizing: inherit; font-weight: 600; margin: 0px; overflow-wrap: break-word; padding: 0px; text-decoration-line: none; touch-action: manipulation; vertical-align: baseline;" target="_blank">NISPOM/FSO Training</a>".</span></p>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-18261458215629453312021-01-02T12:25:00.000-06:002021-01-02T12:25:00.011-06:00Frequently Asked Security Clearance Questions<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjF4TCunUpBGrVhgViOrS_2WXDBbrqhT6KNJfMnOlsM5lTD4FUV0_rGySePxoqgYTkdWpi1WkUxHzfuyibdZqNfNOhYUwkLrzpMyGneU5Sr8B6Yoq3HL52cLSyRzaEPjOOX85i-NRPSnA/s9000/AdobeStock_225508219.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="2600" data-original-width="9000" height="185" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjF4TCunUpBGrVhgViOrS_2WXDBbrqhT6KNJfMnOlsM5lTD4FUV0_rGySePxoqgYTkdWpi1WkUxHzfuyibdZqNfNOhYUwkLrzpMyGneU5Sr8B6Yoq3HL52cLSyRzaEPjOOX85i-NRPSnA/w640-h185/AdobeStock_225508219.jpeg" width="640" /></a></div><br /><div class="separator" style="clear: both; text-align: center;"><br /></div><h2 style="background-color: white; box-sizing: border-box; color: #333333; counter-reset: list-1 0 list-2 0 list-3 0 list-4 0 list-5 0 list-6 0 list-7 0 list-8 0 list-9 0; font-family: sans-serif; font-size: 24px; margin: 0px; padding-top: 10px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">By: Jeffrey W. Bennett, SAPPC, SFPC, ISOC, ISP</span></h2><div><br /></div><div><br /></div><div><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;"> In our various roles as industrial security managers, we often field tough security questions. Good questions provide the opportunity to address security clearance and awareness issues that may not arise during formal annual training sessions. These questions usually come up as I walk around the facilities or speak with folks informally. Here are just a few:</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><br style="box-sizing: border-box; padding-bottom: 0px; padding-top: 0px;" /></p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-top: 0px;">1. </span><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; font-weight: bolder; padding-bottom: 0px;"><u style="box-sizing: border-box; padding-bottom: 0px; padding-top: 0px;">Is everyone who asks guaranteed a security clearance?</u></span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-top: 0px;"> No, having a security clearance is not one of our inalienable rights. A </span><a href="https://www.redbikepublishing.com/insidersguide/" style="background-color: transparent; box-sizing: border-box; color: #7f7f7f; font-family: Georgia, sans-serif; font-size: 18px; pointer-events: none;" target="_blank">security clearance</a><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px;"> is a determination of trustworthiness based upon an extensive background check conducted by some very professional and persistent investigators. The background checks help answer a person's ability to protect classified information based on the following criteria:</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">• Allegiance to the United States</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">• Foreign influence</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">• Foreign preference</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">• Sexual behavior </span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;"> • Personal conduct</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">• Financial considerations</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">• Alcohol consumption</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">• Drug involvement</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">• Psychological conditions</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">• Criminal conduct</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">• Handling protected information</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">• Outside activities</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">• Use of Information Technology Systems</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><br style="box-sizing: border-box; padding-bottom: 0px; padding-top: 0px;" /></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-top: 0px;">2.</span><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; font-weight: bolder; padding-bottom: 0px;"><u style="box-sizing: border-box; padding-bottom: 0px; padding-top: 0px;"> Is it true that the Government can deny a security clearance for something as simple as filing bankruptcy?</u></span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-top: 0px;"> Yes, a security clearance can be denied for many reasons uncovered during the investigation reflecting the 13 criteria mentioned above. Remember, a clearance determination is based on whether or not an employee is trustworthy. Events or actions that may subject someone to release classified material to unauthorized persons or prevent them from </span><a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" style="background-color: transparent; box-sizing: border-box; color: #7f7f7f; font-family: Georgia, sans-serif; font-size: 18px; pointer-events: none;" target="_blank">protecting it properly </a><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px;">could lead to a security clearance denial.</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;"> </span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-top: 0px;">3. </span><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; font-weight: bolder; padding-bottom: 0px;"><u style="box-sizing: border-box; padding-bottom: 0px; padding-top: 0px;">Why should I earn a certification?</u></span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;"> Try using your favorite search engine to find a job in industrial security. You’ll find that employers are now looking for prospects with education and certification.</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;"> </span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-top: 0px;"> 4. </span><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; font-weight: bolder; padding-bottom: 0px;"><u style="box-sizing: border-box; padding-bottom: 0px; padding-top: 0px;">What certifications are available?</u></span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;"> NCMS (Society of Industrial Security Professionals) offers the Industrial Security Professional (ISP) Certification to those who work with and protect classified material. </span></p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">Job descriptions include:</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">• Facility Security Officer</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">• Security Specialist</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">• Document Custodian</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><br style="box-sizing: border-box; padding-bottom: 0px; padding-top: 0px;" /></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">ASIS International Offers the CPP and other certifications. Also certifications include: CISSP, OPSEC, etc. </span></p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">DoD also offers the SAPPC, SFPC, ISOC and many other security certifications.</span></p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">Job descriptions include:</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">• Facility Security Officer</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">• Security Specialist</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">• Document Custodian</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;"> </span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-top: 0px;">5. </span><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; font-weight: bolder; padding-bottom: 0px;"><u style="box-sizing: border-box; padding-bottom: 0px; padding-top: 0px;">Why are so many people being arrested for stealing “secrets”?</u></span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;"> In recent news, contractors and government employees have been arrested for taking classified material from the workplace, releasing it to unauthorized persons, and conducting export violations.</span></p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;">In some cases, the employees did not have ill intent, but lacked training. More seasoned veterans of classified work have become “immune” to security procedures. For the most part, they have committed violations and infractions, but have not been arrested.</span></p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-top: 0px;">A few have conducted espionage. It is important that security managers review security violations and look for patterns and include the information as part of the security awareness training. Such information is an integral of </span><a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" style="background-color: transparent; box-sizing: border-box; color: #7f7f7f; font-family: Georgia, sans-serif; font-size: 18px; pointer-events: none;" target="_blank">developing a good security system designed to protect employee</a><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px;">, corporate and national security.</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><br style="box-sizing: border-box; padding-bottom: 0px; padding-top: 0px;" /></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-top: 0px;">6. </span><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; font-weight: bolder; padding-bottom: 0px;"><u style="box-sizing: border-box; padding-bottom: 0px; padding-top: 0px;">My friend has a SECRET clearance just like me. However, she won’t talk with me about her SECRET stuff. What’s up with that?</u></span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;"> You may recall in your security awareness training that classified conversations are conducted in approved areas. Dinner dates, car pools, movie theaters, etc are not approved areas. Also, just because you have a security clearance doesn’t automatically make you able to access classified material. You also have to have a valid need to know.</span></p><p class="paragraph-spacing-none" style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"><span style="box-sizing: border-box; font-family: Georgia, sans-serif; font-size: 18px; padding-bottom: 0px; padding-top: 0px;"> Develop relationships within your security professional network. Look for opportunities to help other professionals. Equally important are developing a positive relationship with those with whom you have security oversight. Be approachable so that they will trust you enough to ask the tough questions. Who knows, you may help prevent security violations.</span></p></div><div><br /></div> W. Bennett, ISP is the owner of Red Bike Publishing <a href="http://www.redbikepublishing.com" target="_new">Red Bike Publishing </a>.
He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures.
He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".<div class="separator" style="clear: both; text-align: center;"><br /></div><br /><div class="separator" style="clear: both; text-align: center;"><br /></div><br />jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-55142017979782607142020-12-04T14:49:00.004-06:002020-12-04T14:50:47.726-06:00Why Facility Security Officers and Security Specialists Protect Classified Material.<div><p style="background-color: white; color: #333333; margin-bottom: 0px; margin-top: 0px;"><span style="color: black;"><span style="font-family: georgia; font-size: large;"></span></span></p><div class="separator" style="clear: both; text-align: center;"><span style="color: black;"><span style="font-family: georgia; font-size: large;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZNMgnOAsBy08bcwC7_iuYJh5TphOyq10stkdNJ9UZZbcaxS5rgR4axXTwfKgtXbTQNl1xh0FHVS3f9Y1GC_b6LqOmoX1S1um-CudCaIhloviFcdOS1UI4Gxkrrts7paJBjYJxlDJCpQ/s7922/AdobeStock_271715382.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="4000" data-original-width="7922" height="324" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZNMgnOAsBy08bcwC7_iuYJh5TphOyq10stkdNJ9UZZbcaxS5rgR4axXTwfKgtXbTQNl1xh0FHVS3f9Y1GC_b6LqOmoX1S1um-CudCaIhloviFcdOS1UI4Gxkrrts7paJBjYJxlDJCpQ/w640-h324/AdobeStock_271715382.jpeg" width="640" /></a></span></span></div><span style="color: black;"><span style="font-family: georgia; font-size: large;"><br />Facility Security Officers (FSOs) the security managers for cleared defense contractors, implement and direct security programs to <a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" target="_blank">protect classified information</a>. As an FSO or a supporting security professional in this role, have you ever wondered how the classified information you protect gets its designation? We can find the answer in Presidential Executive Order 13292.</span></span><p></p><p style="background-color: white; color: #333333; margin-bottom: 0px; margin-top: 16px;"><span style="color: black;"><span style="font-family: georgia; font-size: large;">You may have heard and read reports of how over-classification results in unnecessary costs. You might also understand from similar reports of how under-classification can lead to compromise of sensitive information. To better prevent unauthorized disclosure and ensure that classification is assigned to only that information needing protection, the President has issued special guidelines. In cases where items may be assigned an original classification, four conditions must be met:</span></span></p><p style="background-color: white; color: #333333; margin-bottom: 0px; margin-top: 16px;"><span style="color: black;"><span style="font-family: georgia; font-size: large;"> An original classification authority (OCA) is classifying the information; Specifically, only the President and in certain circumstances the Vice President, agency heads designated by the President in the Federal Register, and appointed U.S. Government Officials can serve as OCA's. Agency heads are responsible for ensuring that only the minimum amount of subordinate officials are delegated original classification authority. It is these Government checks and balances that ensure responsibility and accountability.</span></span></p><p style="background-color: white; color: #333333; margin-bottom: 0px; margin-top: 16px;"><span style="color: black;"><span style="font-family: georgia; font-size: large;"> The President, Vice President, agency heads, and officials designated by the President can delegate TOP SECRET original classification authority. SECRET and CONFIDENTIAL original classification authority also may be given to senior agency officials who are designated by agency heads in writing. The authority may not be automatically re-delegated.</span></span></p><p style="background-color: white; color: #333333; margin-bottom: 0px; margin-top: 16px;"><span style="color: black;"><span style="font-family: georgia; font-size: large;"> The original classification authorities attend training as identified in the executive order and other directives. The education is similar to annual security awareness training the FSOs are required to offer employees with <a href="https://www.redbikepublishing.com/insidersguide/" target="_blank">security clearances</a>. For example, they learn how to protect classified information, how to mark it, and how to handle dissemination in addition to learning how to determine the classification level.</span></span></p><p style="background-color: white; color: #333333; margin-bottom: 0px; margin-top: 16px;"><span style="color: black;"><span style="font-family: georgia; font-size: large;"> An original classification authority may determine a classification on anything that is owned, produced or controlled by the U.S. Government. For example, the Government contracts a company to make a product important to national security. As part of the contract, the government will require that the company construct and assemble items that must be safeguarded at the SECRET level of classification. They will work with the contractor and provide direction and means for production, protection measures in addition to the stipulations of the contract. The company is then contracted to make defense articles or provide services that the Government owns.</span></span></p><p style="background-color: white; color: #333333; margin-bottom: 0px; margin-top: 16px;"><span style="color: black;"><span style="font-family: georgia; font-size: large;"> The information to be classified should fall into one of the following categories: Military plans, weapons systems or operations; Foreign government information; Intelligence activities, sources or methods or cryptology; Foreign relations or activities of the United States including confidential sources; Scientific, technological, or economic matters relating to national security, including defense against transnational terrorism; U.S. programs for safeguarding nuclear materials or facilities; Vulnerabilities of systems, installations, infrastructures, projects, plans or protection services related to national security including terrorism; Weapons of mass destruction.</span></span></p><p style="background-color: white; color: #333333; margin-bottom: 0px; margin-top: 16px;"><span style="color: black;"><span style="font-family: georgia; font-size: large;"> The OCA also should determine that the unauthorized disclosure of the information reasonably could be expected to result in damage national security, which includes defense against transnational terrorism, and they are able to identify or describe the damage. This is the fourth and final requirement that must be met before an original classification authority can assign a classification level. Classification levels are designed to implement the proper level of protection. It is part of the risk management component of security. The consequence of loss of the information is part of the categorization process.</span></span></p><p style="background-color: white; color: #333333; margin-bottom: 0px; margin-top: 16px;"><span style="color: black;"><span style="font-family: georgia; font-size: large;"> The impact of disclosure is categorized from reasonably causing "damage" for CONFIDENTIAL information through "serious damage" for SECRET information to "seriously grave damage" for TOP SECRET information. The EO 13292 states that the impact of loss or compromise of the information must be at one of the three defined levels in order to be assigned a classification. The other part is that the classifier should be able to describe or identify the damage. This measure again informs the user that the information is to be safeguarded at a necessary level and also to prevent the original classification authority from assigning a classification level needlessly.</span></span></p><p style="background-color: white; color: #333333; margin-bottom: 0px; margin-top: 16px;"><span style="color: black;"><span style="font-family: georgia; font-size: large;"> Cleared Defense Contractors protect information classified by the OCA's. Understanding the reasoning behind the classification is not critical, but it may give a better comprehension of the <a href="https://www.redbikepublishing.com/nispom/" target="_blank">National Industrial Security Program</a>. Such information could lead to better security measures or heightened awareness of the sensitive nature of classified information. </span></span></p></div><div><span style="font-family: georgia; font-size: large;">
<script type="text/javascript">
amzn_assoc_tracking_id = "wwwjeffreywbe-20";
amzn_assoc_ad_mode = "manual";
amzn_assoc_ad_type = "smart";
amzn_assoc_marketplace = "amazon";
amzn_assoc_region = "US";
amzn_assoc_design = "enhanced_links";
amzn_assoc_asins = "0981620655";
amzn_assoc_placement = "adunit";
amzn_assoc_linkid = "6accf52952c1ee1dcc07c1b396bbf366";
</script>
<script src="//z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US"></script>
<script type="text/javascript">
amzn_assoc_tracking_id = "wwwjeffreywbe-20";
amzn_assoc_ad_mode = "manual";
amzn_assoc_ad_type = "smart";
amzn_assoc_marketplace = "amazon";
amzn_assoc_region = "US";
amzn_assoc_design = "enhanced_links";
amzn_assoc_asins = "1936800268";
amzn_assoc_placement = "adunit";
amzn_assoc_linkid = "102083e6fa7f63b3b9e4dd4510620c67";
</script>
<script src="//z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US"></script>
<script type="text/javascript">
amzn_assoc_tracking_id = "wwwjeffreywbe-20";
amzn_assoc_ad_mode = "manual";
amzn_assoc_ad_type = "smart";
amzn_assoc_marketplace = "amazon";
amzn_assoc_region = "US";
amzn_assoc_design = "enhanced_links";
amzn_assoc_asins = "1936800896";
amzn_assoc_placement = "adunit";
amzn_assoc_linkid = "fe7397dc1b0f4934a74976101d89be26";
</script>
<script src="//z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US"></script>
<br /></span></div><span style="font-family: georgia; font-size: large;">Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="http://www.redbikepublishing.com" target="_new">Red Bike Publishing </a>.
He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures.
He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".</span>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-26390994454510028002020-12-04T14:41:00.004-06:002020-12-04T14:41:46.111-06:00A Career in Industrial Security-Charting the Course.<p class="paragraph-spacing-none" style="margin-bottom: 0px; margin-top: 0px;"></p><div class="separator" style="clear: both; text-align: left;"><a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" imageanchor="1" style="margin-left: 1em; margin-right: 1em;" target="_blank"><img border="0" data-original-height="1481" data-original-width="1000" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4gNbDu0KEB0XTBq6CFRew4lTmfNHxXBYBz3svqVPeqw3nTng5GRUZb_LmnFaSL3k5mQiG3Gq7iop04kWiyamMqVAVh9bOLnyOIl8FW00lllBNIZTMjsRDEGzZyQpNMH6FmyVAcRZf0w/w432-h640/SecurityClearancesFlat+copy.jpg" width="432" /></a></div><span style="font-family: georgia; font-size: large;">I receive a lot of emails from people who wonder how to get into the security field. Many are looking for a career change and are curious about what kind of education and experience is needed to work as a security specialist in the defense and contractor industry. Others are just starting out in life and looking for a job with challenges and opportunities the security field offers. There are plenty of great opportunities in with large and small contractor companies providing the venue. Here is what I have discovered about our industry and some of you may have other experiences and advice you can pass to those who ask about a career in security. </span><p></p><p class="paragraph-spacing-none" style="margin-bottom: 0px; margin-top: 0px;"><span style="font-family: georgia; font-size: large;"> <a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" target="_blank">Industrial security </a>is an outstanding field for someone with all ranges of experience to enter into. Some have been hired at an entry level job and have received promotions and additional responsibilities. Others have transferred full time to security after enjoying serving in an additional duty capacity. Career growth occurs as the contract and company expands or the employee takes on more responsibilities after hiring on with another company. Security managers can also move to higher level security positions as chief security officer or corporate security officer as experience meets opportunity.</span></p><p class="paragraph-spacing-none" style="margin-bottom: 0px; margin-top: 0px;"><span style="font-family: georgia; font-size: large;"> Employees just entering the work force can benefit from entry level jobs. These opportunities are great for building skills and filling a critical need while filing receipts, wrapping packages, checking access rosters, applying information system security, or bringing classified information into an accountability system. Those skills combined with learning to implement programs designed to safeguard classified information provides a great foundations to build careers on. Additionally, many employees attend university and other adult education opportunities while serving full time in the security field. The experience, education, certification and security clearance gained while on the job prove very valuable.</span></p><p class="paragraph-spacing-none" style="margin-bottom: 0px; margin-top: 0px;"><span style="font-family: georgia; font-size: large;"> Taking a look at want ads and job announcement, one can see that education and certification is beginning to be more of a requirement. Past listings for entry level and some FSO jobs required only the ability to get a security clearance and having a high school diploma or a GED. However, more and more job announcements require formal education to include college and a preference for security certification. The defense security industry still provides a good career field to gain entry level experience and move up quickly. Being well entrenched in a good career provides the perfect environment and opportunity for simultaneous education and certification. This will make the prepared ready for future positions and raises.</span></p><p class="paragraph-spacing-none" style="margin-bottom: 0px; margin-top: 0px;"><span style="font-family: georgia; font-size: large;"> For those starting their careers in smaller enterprises have a keen opportunity to perform in various security disciplines. Some actually assume appointed FSO responsibilities as an extra duty and learn as they go. Many of the defense contractor organizations are small and may only have one person in the security role. The sole security manager may only work in one discipline such as personnel security. Others have a larger scope, working with a guard force, information security, and compliance issues such as exports. </span></p><p class="paragraph-spacing-none" style="margin-bottom: 0px; margin-top: 0px;"><span style="font-family: georgia; font-size: large;"> Large Defense Contractors and Government agencies also provide entry level security jobs. The job title is often security specialist and job descriptions allow for many experiences. Some descriptions use words to the affect as the following: “The candidate must be eligible for a security clearance. Job responsibilities include receiving, cataloging, storing, and mailing classified information. Maintain access control to closed areas. Provide security support for classified information processing and destruction. Initiate security clearance requests and process requests for government and contract employees conducting classified visits. Implement security measures as outlined in <a href="https://www.redbikepublishing.com/nispom/" target="_blank">NISPOM</a>.” Administrative, military, guard, and other past job experience may provide transferrable skills to allow a person to apply for the job. Once hired, the new employee learns the technical skills, they can quickly advance applying their other experiences and education. </span></p><p class="paragraph-spacing-none" style="margin-bottom: 0px; margin-top: 0px;"><span style="font-family: georgia; font-size: large;"> Our industry is still a great place to learn and grow. Career advancement and promotions are continually available for the prepared. Opportunities continue to exist in companies large enough to provide increasing challenges and rewards. Some may have to apply for jobs with other enterprises to reach their potential. Others may be satisfied performing their valuable functions in an organization where their skills are valued and rewarded. Be sure to recommend our <a href="https://www.redbikepublishing.com/ispcertification/" target="_blank">ISP Certification-The Industrial Security Professional Exam Manua</a>l to anyone you know who may be getting ready for a job interview. Our intensive NISPOM study will prepare anyone for the upcoming interview. Regardless of your professional goals, what are you doing to remaining competitive? </span></p>
<script type="text/javascript">
amzn_assoc_tracking_id = "wwwjeffreywbe-20";
amzn_assoc_ad_mode = "manual";
amzn_assoc_ad_type = "smart";
amzn_assoc_marketplace = "amazon";
amzn_assoc_region = "US";
amzn_assoc_design = "enhanced_links";
amzn_assoc_asins = "0981620604";
amzn_assoc_placement = "adunit";
amzn_assoc_linkid = "3f43186c8d3bf791d2d51dd97233f8ae";
</script>
<script src="//z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US"></script>
<script type="text/javascript">
amzn_assoc_tracking_id = "wwwjeffreywbe-20";
amzn_assoc_ad_mode = "manual";
amzn_assoc_ad_type = "smart";
amzn_assoc_marketplace = "amazon";
amzn_assoc_region = "US";
amzn_assoc_design = "enhanced_links";
amzn_assoc_asins = "0981620655";
amzn_assoc_placement = "adunit";
amzn_assoc_linkid = "6accf52952c1ee1dcc07c1b396bbf366";
</script>
<script src="//z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US"></script>
<script type="text/javascript">
amzn_assoc_tracking_id = "wwwjeffreywbe-20";
amzn_assoc_ad_mode = "manual";
amzn_assoc_ad_type = "smart";
amzn_assoc_marketplace = "amazon";
amzn_assoc_region = "US";
amzn_assoc_design = "enhanced_links";
amzn_assoc_asins = "1936800268";
amzn_assoc_placement = "adunit";
amzn_assoc_linkid = "102083e6fa7f63b3b9e4dd4510620c67";
</script>
<script src="//z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US"></script>
<p class="paragraph-spacing-none" style="margin-bottom: 0px; margin-top: 0px;"><span style="font-family: georgia; font-size: large;"><br /></span></p><p class="paragraph-spacing-none" style="margin-bottom: 0px; margin-top: 0px;"><span style="font-family: georgia; font-size: large;"><br /></span></p><p class="paragraph-spacing-none" style="margin-bottom: 0px; margin-top: 0px;"><span style="font-family: georgia; font-size: large;"><br /></span></p><p class="paragraph-spacing-none" style="margin-bottom: 0px; margin-top: 0px;"><span style="font-family: georgia; font-size: large;"><br /></span></p><p class="paragraph-spacing-none" style="margin-bottom: 0px; margin-top: 0px;"><span style="font-family: georgia; font-size: large;"><br style="background-color: white; color: #333333;" /></span></p><span style="font-family: georgia; font-size: large;"> Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="http://www.redbikepublishing.com" target="_new">Red Bike Publishing </a>.
He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures.
He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".</span>jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-50246115677772928802020-10-10T12:39:00.001-05:002020-10-10T12:39:48.457-05:00Becoming an FSO of Influence. How to grow with a growing company.<div><p style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 0px;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTSFz94yrjwvKXZZN142PfppnwkiaXq8v5L9XIibLBqBsc8sw8-in1ybSBwUDdT_1EhLHlh5MgVlEG7N6SNin64jUdXUER193kZv8df5H4MZB9h2xU4AzM2va-pMa7tpiWfgd36S1YEw/s5480/AdobeStock_303595939.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="3653" data-original-width="5480" height="426" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTSFz94yrjwvKXZZN142PfppnwkiaXq8v5L9XIibLBqBsc8sw8-in1ybSBwUDdT_1EhLHlh5MgVlEG7N6SNin64jUdXUER193kZv8df5H4MZB9h2xU4AzM2va-pMa7tpiWfgd36S1YEw/w640-h426/AdobeStock_303595939.jpeg" width="640" /></a></div><br />A few times I've had a similar conversation with a few leaders in the security industry. They had been experiencing the same reaction from their enterprize leadership and were frustrated to the point of looking for another job. Their joint frustration revolved around a lack of support for their security vision. They could not seem to get past the barriers in perception that they did much more than request and manage security clearances and facilities. This may be a common issue facing many FSOs throughout the <a href="https://www.redbikepublishing.com/nispom/" style="box-sizing: border-box; color: #7f7f7f; padding-bottom: 0px; padding-top: 0px; pointer-events: none;" target="_blank">National Industrial Security Program</a> cleared defense contractor base. <p></p><p style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 16px;">These issues could stem from from three possible challenges facing cleared defense contractor companies. The first is that the FSO has not developed a reputation of a corporate leader with effective strategies to ensure the organization is prepared to compete, win, and maintain classified contracts. The second is the cause of the first in that that the company has grown, and the original FSO may not possess the leadership skills necessary to continue engage as necessary. Finally, the security manager is not considered an executive function and falls under a corporate executive and outside of those performing on classified work (a corporate executive vs. a program manager.</p><p style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 16px;">Understanding how security fits into the organization is crucial. Security managers who over-react or use unsubstantiated scare tactics can lose credibility quickly. This could manifest through denial of requests for tools, resources, and capabilities that the workforce needs. Instead of considering workarounds, the FSO may naturally be inclined to say "no" instead of doing the hard and helpful work of performing a risk assessment and providing helpful solutions. Rather than assuming the role of "Dr. No" , the FSOs should possess the skill to develop policy that supports NISPOM requirements AND provides for the fulfillment of the classified contract's objectives, work products, and deliverables.</p><p style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 16px;">I've witnessed FSOs often respond to requests with "DSS (DCSA) won't allow it," or the more popular "it violates the NISPOM", only to have industrious cleared employees find a workable solution approved by the government customer, while going around the FSO. Think about what that does to the FSO's credibility and influence? They may never be consulted again and could have their office be reduced to, "just get us our <a href="https://www.redbikepublishing.com/insidersguide/" style="box-sizing: border-box; color: #7f7f7f; padding-bottom: 0px; padding-top: 0px; pointer-events: none;" target="_blank">security clearances</a> and we'll take care of the rest".</p><p style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 16px;">FSO's should also understand that the security program is there for the cleared employees and not the other way around. The cleared employees perform on the <a href="https://www.redbikepublishing.com/dodsecurityclearancesandcontracts/" style="box-sizing: border-box; color: #7f7f7f; padding-bottom: 0px; padding-top: 0px; pointer-events: none;" target="_blank">classified contracts</a>; the work that brings revenue to the company. The FSO brings the resources, guidance, consultation and tools to facilitate the performance on classified contracts.</p><p style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 16px;">For example, a security practitioners may present security requirements above and beyond the NISPOM when they are not necessary. When challenged to justify expenses or rationale for change in policy, the FSO's may defend their decisions by recalling conference or training events and may take such requests as personal challenges. The experienced FSO understands that security decisions are based on careful risk assessment, and not on general or best practices that may not fit a company's business model or culture. A more succinct example is the FSO requiring the organization to provide monitored surveillance and alarms for the protection of SECRET documents already adequately secured in a GSA approved security container.</p><p class="paragraph-spacing-none" style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 0px;"> </p><p style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 16px;">The second problem addresses the level of the hired or appointed FSO and the company grows from 50 to 300 cleared employees. The FSO for the 50 person company may just need clerical and administrative skills to provide security assistance to the few cleared employees working one or two classified contracts. In this case the company grows to 300 cleared employees, with 15 contracts, and is managing growth problems and opportunities. The growth requires a sound strategy that go beyond clerical skills.</p><p style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 16px;">In the third situation, the corporate office misunderstands the role of the FSO and assumes that they have limited leadership skills and roles. Suppose the FSO is experienced in leadership, but is buried under many levels of leadership and not able to influence decision making. They could make sensible recommendations based on threat assessment and NISPOM requirements. The program is presented professionally, but the management does not understand the role of the FSO as compliance officer and they are typically left underutilized. Perhaps they consider the FSO as a strictly administrative function. In these instances, the FSO has little input into the culture of the company and struggles to implement critical security measures.</p><p class="paragraph-spacing-none" style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 0px;"> </p><p style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 16px;">Larger and very successful cleared defense contractors understand the needed balance. These companies have security managers, chief security officers and compliance officers that are able to address security, privacy, and sensitive company information. These officers usually hold positions and responsibilities at the executive level as well as possess management skills and graduate degrees.</p><p class="paragraph-spacing-none" style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 0px;"> </p><p class="paragraph-spacing-none" style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 0px;">Influencing Change</p><p style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 16px;">So, how does the described security manager create influence and credibility that counts? First of all, they should address their professions as risk managers. They should factor the contractual requirements, NISPOM, government contracting activity, and potential growth. A growing security requirement is expensive and resources should be planned for and budgets presented based on quantified risk and not fear tactics.</p><p class="paragraph-spacing-none" style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 0px;"> </p><p style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 16px;">Learn how the company earns money-Understand the acquisition and buying system and become an expert. When the security manager understands the contracts process, they can contribute and present the security program in such a way that everyone understands. Instant credibility is gained when management knows the security manager is on board with cost reduction and compliance.</p><p class="paragraph-spacing-none" style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 0px;"> </p><p style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 16px;">Presenting the security program does not have to be a frustrating event. If a security manager is in a position lacking credibility and influence, then they should do whatever it takes to move to the next step. Establishing credibility is a must and it involves making the transition from an administrative clerk to a risk analyzing and compliance professional. Learning to look and act like management and demonstrating an understanding of the business cycle is key to making that move toward excellence.</p><p style="box-sizing: border-box; margin: 0px; padding-bottom: 0px; padding-top: 16px;"><br style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;" />
Check out our book series: <a href="https://amzn.to/36YS106">Security Clearance and Defense Contractorsd</a>
<script type="text/javascript">
amzn_assoc_tracking_id = "wwwjeffreywbe-20";
amzn_assoc_ad_mode = "manual";
amzn_assoc_ad_type = "smart";
amzn_assoc_marketplace = "amazon";
amzn_assoc_region = "US";
amzn_assoc_design = "enhanced_links";
amzn_assoc_asins = "1936800268";
amzn_assoc_placement = "adunit";
amzn_assoc_linkid = "06404700c83a255528b4738f7878cd67";
</script>
<script src="//z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US"></script>
<script type="text/javascript">
amzn_assoc_tracking_id = "wwwjeffreywbe-20";
amzn_assoc_ad_mode = "manual";
amzn_assoc_ad_type = "smart";
amzn_assoc_marketplace = "amazon";
amzn_assoc_region = "US";
amzn_assoc_design = "enhanced_links";
amzn_assoc_asins = "0981620655";
amzn_assoc_placement = "adunit";
amzn_assoc_linkid = "f6f1ea1603277d825fb24c57a5c381dd";
</script>
<script src="//z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US"></script>
<script type="text/javascript">
amzn_assoc_tracking_id = "wwwjeffreywbe-20";
amzn_assoc_ad_mode = "manual";
amzn_assoc_ad_type = "smart";
amzn_assoc_marketplace = "amazon";
amzn_assoc_region = "US";
amzn_assoc_design = "enhanced_links";
amzn_assoc_asins = "1936800292";
amzn_assoc_placement = "adunit";
amzn_assoc_linkid = "922eac693992952591977eeecb43be6d";
</script>
<script src="//z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US"></script>
</p></div>Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="http://www.redbikepublishing.com" target="_new">Red Bike Publishing </a>.
He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures.
He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0tag:blogger.com,1999:blog-5239474422425503931.post-87152899141083519472020-10-10T11:25:00.002-05:002020-10-10T12:39:31.864-05:00Security Through Walking Around-The Right Questions<div><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 0px; white-space: pre-wrap;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeXtg_of2kmBvt6zkAQ-GPDyFmJ_zS-NXEsn_7d8PMRfkdI2W8mEDsQpmqQ-IYngEmCCJLMzSM32zpbc-wKLkGm_9cgzLcuCjErFUmssZtAzbf7r-cVFYFaTW9Y7Oa3j9Za0w8lWLvJA/s12467/AdobeStock_325254689.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="3825" data-original-width="12467" height="196" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeXtg_of2kmBvt6zkAQ-GPDyFmJ_zS-NXEsn_7d8PMRfkdI2W8mEDsQpmqQ-IYngEmCCJLMzSM32zpbc-wKLkGm_9cgzLcuCjErFUmssZtAzbf7r-cVFYFaTW9Y7Oa3j9Za0w8lWLvJA/w640-h196/AdobeStock_325254689.jpeg" width="640" /></a></div><br />I’ve recently fielded questions to some cleared employees. The intent was to generate discussion and get an assessment of how well they understood the <a href="https://www.redbikepublishing.com/securityawareness/" style="background-color: transparent; box-sizing: border-box; color: #7f7f7f; padding-bottom: 0px; padding-top: 0px; pointer-events: none;" target="_blank">National Industrial Security Program (NISPOM)</a>. I’ve received a variety of answers. The responses were intelligent, well thought out, but inaccurate. They demonstrated a lack of understanding based on popular culture and word of mouth.<p></p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"> Keep in mind that out of all possible respondents less than a handful replied to each question. Additionally, the survey was in no way scientific. It was just a simple fielding of questions and not intended to be a representation of the industry in general. However, they do provide a sound training solution. How can one use such data to train the force? Well, thanks for asking.</p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;">Readers of this newsletter can use the same questions while conducting walk around security or otherwise conducting a security survey. Field these questions to your teams. If they respond correctly give loud and public praise. If they answer incorrectly you have just created a <a href="https://www.redbikepublishing.com/fsocertification/" style="background-color: transparent; box-sizing: border-box; color: #7f7f7f; padding-bottom: 0px; padding-top: 0px; pointer-events: none;" target="_blank">training opportunity</a>. Proceed with diplomacy. Use the data you collect as a foundation to design future training. These responses go a long way in identifying weaknesses in the overall understanding of the National Industrial Security Program. These weaknesses could prove a vulnerability to your security program if not addressed properly.</p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;">Another application is to use the answers I provide here to bring about discussion or add to your security education agenda. Again, no scientific study here. However, certain broad assumptions can be made about general knowledge of the National Industrial Security Program.</p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"><br style="box-sizing: border-box; padding-bottom: 0px; padding-top: 0px;" /></p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;">Now, the questions and answers:</p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"> 1. Will your security clearances or the way we protect classified material be impacted by a new President?</p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;">Answers:</p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;">a. "The President can de-classify any classified information."</p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;">b. "There should be some sort of "transition" in place for business that overlaps 4-year Admin tenures."</p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;">c. "I don't foresee any significant changes."</p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;">The reality: In recent history two sequential presidents have provided separate executive orders directing how to protect classified information. Presidents have issued policies directing what qualifies to receive a CONFIDENTIAL, SECRET or TOP SECRET classification. </p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;">Contractors and government agencies protect classified information based on the guidance from the executive orders. When changes occur, they affect storage capacity, employee manpower and resources toward re-marking or improving security. These resources are funded through overhead and impact profits. Organizations can project requirements and put a proactive plan in place to make necessary transitions easier.</p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;">2. Is a defense contractor allowed to advertise their facility security clearance level or post about it on social media?</p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;">"It depends on what level you're advertising. You should be able to advertise clearance levels."</p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;">The reality:</p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;">According to the <a href="https://www.redbikepublishing.com/nispom/" style="background-color: transparent; box-sizing: border-box; color: #7f7f7f; padding-bottom: 0px; padding-top: 0px; pointer-events: none;" target="_blank">National Industrial Security Program Operating Manual (NISPOM</a> , the contractor cannot use their security clearance level to advertise for business.</p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;">NISPOM 2. General. An FCL is an administrative determination that a company is eligible for access to classified information or award of a classified contract.</p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;"> A contractor shall not use its FCL for advertising or promotional purposes</p><p style="background-color: white; box-sizing: border-box; color: #333333; font-family: sans-serif; font-size: 16px; margin: 0px; padding-bottom: 0px; padding-top: 16px; white-space: pre-wrap;">As the lead security education provider, the Facility Security Officer has to break through perceptions. Those cleared employees should grasp a good understanding of their responsibilities to protect classified information. The FSO’s can ask simple questions to gage the effectiveness of the training and discover areas in which to conduct training.</p></div>
Check out our book series: <a href="https://amzn.to/36YS106">Security Clearance and Defense Contractorsd</a>
<script type="text/javascript">
amzn_assoc_tracking_id = "wwwjeffreywbe-20";
amzn_assoc_ad_mode = "manual";
amzn_assoc_ad_type = "smart";
amzn_assoc_marketplace = "amazon";
amzn_assoc_region = "US";
amzn_assoc_design = "enhanced_links";
amzn_assoc_asins = "0981620655";
amzn_assoc_placement = "adunit";
amzn_assoc_linkid = "f6f1ea1603277d825fb24c57a5c381dd";
</script>
<script src="//z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US"></script>
<div><br /></div>Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing <a href="http://www.redbikepublishing.com" target="_new">Red Bike Publishing </a>.
He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures.
He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".jeffhttp://www.blogger.com/profile/07813710516522583125noreply@blogger.com0