Security Executive Blog

Wow, these phishermen are really setting the bait waiting to lure us into the frying pan. But whatever you do, don’t succumb to the persuasion, cause you’ll find yourself in a nasty trap. One minute you’re enjoying the safety of a warm swimming experience through cyberspace, the next you’re hauled in, and prepped for dinner. There’s a reason the subject line and message are so compelling. They play on your hopes or your fears. Sometimes they play on your fears and give you hope, but almost always, they lead to destruction.  These scams do nothing more than at the most innocent level, collect personal information or lead you to a website they want you to visit. One of the most obvious ways to tell a scam is that the hyperlinks don’t lead where the wording says. In these examples, they claim to take you to the IRS. But just as a trophy bass strikes a lure hoping for a yummy meal, we are fooled the same. Check out the example from the "IRS": It's real cheek...

Here's the latest scam from some misguided individuals pretending to be Amazon.com. I've received two so far. Be on the lookout for these emails. Do yourself a favor, don't open them, just delete and forget it. Here's how you can tell it's a fake: 1.  Sent from a private email address, not an Amazon.com address 2.  The product delivery address is not mine. 3.  The hyperlinks don't go to amazon.com. Returns are easy. Visit our  Online Return Center . If you need any assistance with your order, please visit  Merchant Contact Form . We hope to see you again soon!  Amazon.com For your protection, I've disabled the hyperlink. However, if you receive a similar email and if you scroll your mouse over the hypelink you'll see something totally different:  http://earl2.jamesbeard.org/fhd42i3d.html I didn't bother clicking, because I may get a nasty surprise. So, scams are alive and well. Protect yourself and your employees by...

As I struggled through a neighborhood jog, my thoughts wandered to adding more distance. My jogging route includes a core distance of 2 miles. However to increase stamina and speed I have to add distance. So, I began adding more cul-de-sacs and side routes. At first my body responded to the request with “not another requirement, this run is perfectly fine as is.” However, my mind rationalized in reply, “If you ever want to get better, stronger and faster, you’ll have to accept more challenges.” Soon, I began to incorporate the added distance to my daily run and now my body expects three miles. Gone is the expectation of a two mile distance. The three miles is now the standard and “not just another added requirement.” Suddenly, I realized this conversation sounded very familiar. In fact, it reminded me of some recent conversations I’ve had as an FSO. You’ve heard it before, so let’s shout it out loud: “NOT ANOTHER SECURITY REQUIREMENT!” The annual security awar...

One way to be a world class Facility Security Officer at a cleared defense contractor facility is to provide value to the enterprise. The National Industrial Security Program Operating Manual (NISPOM) describes the FSO as responsible for developing and implementing a security program to protect classified information. But is that all FSOs are supposed to do? How about providing more value to the enterprise by assisting other business units based on skills FSOs develop and demonstrate beyond NISPOM . FSOs are highly trained through FSO and  NISPOM training. FSOs can better their bonefides with the Industrial Security Professional (ISP) Certification For example, in fortune 500 companies, the Chief Security Officer or other similar title is responsible for IT security, physical security, loss prevention and etc. So, are these roles covered adequately in your enterprise? It’s not so clear cut at defense contractor facilities. There is so much more that can be done and the ent...

Some defense contractors mistakenly assume that they can request a Facility Security Clearance (FCL) for business development purposes or to better position themselves future classified contract opportunities.  Though that is not how FCLs are awarded there is a process and methodology to justify the FCL.  The FCL justification is the trigger point for a Cognizant Security Agency like DSS to investigate a defense contractor for a security clearance. A well documented justification indicates that the contractor is or will be required to work on classified contracts .  The justification should include information regarding the nature of the classified work performance that requires the company to access classified information. Some examples are: 1.       A DD Form 254 – This lists exactly what a cleared company is expected to do and how they are to perform on the contract. It provides name of company, DSS covering organization, clearance ...