Security Executive Blog

When Facility Security Officers and security specialist build security programs, we tend to use tools to remind employees of their responsibilities. We use security training to get the information out, enforce clean desk policies and post reminders of classified information in progress. Each tool notifies the holder of classified information that they are in possession of classified information, to protect that information and properly dispose of it when they are done. They can also be used to protect proprietary data, intellectual property and personnel information. But sometimes even tools become mundane, no longer giving the impact they once did. Sometimes tools are misused, never giving the impact they were  originally  designed to give. Let's look at a few tools from a risk management perspective with some "out of the box suggestions. What unique ways can you employee traditional security methods. Security training- Cleared employees performing on classifi...

Several years ago I became aware of a situation where a defense contractor’s export compliance officer was approached by a business development manager about an opportunity. The business manager stated that the company was pursuing a contract with a foreign country to sell them an export regulated material. Though the material was clearly designed for military use, the business manager rationalized that the application was for civil and not military use. She rationalized that since the transaction would not be for defense application, the company should not need to seek an export license. Though there is guidance for what and how to export, many export issues are unique and may not be fully understood, until the export compliance officer asks the right questions and gets the full story. It’s not the intent of the transaction, but the technology, product or item being transferred. Recently a company was fined for violating an export law by shipping a controlled chemical. In an...

Engage your company with an aggressive insider threat countermeasures that the government and contractors apply to ensure a good security program. One of the best applications is the continuous evaluation program used by cleared contractors and their cleared employees. Though applied to those with government security clearances, it can be adopted to benefit other enterprises as well. Of course you will have to consider legal guidance and protection of personal information. Here’s how it works in the defense contractor community.  An employer determines an employee requires a security clearance based on a defense contract requirement . Once the contractor submits a security clearance request, the employee is subject to a rigorous background investigation and adjudication process. If results are favorable, the employee is granted a security clearance .  So, why not continue this process through the cleared employee’s employment? Responsibilities don’t stop with g...