Security Executive Blog

Facility Security Officers (FSOs) the security managers for cleared defense contractors, implement and direct security programs to protect classified information . As an FSO or a supporting security professional in this role, have you ever wondered how the classified information you protect gets its designation? We can find the answer in Presidential Executive Order 13292. You may have heard and read reports of how over-classification results in unnecessary costs. You might also understand from similar reports of how under-classification can lead to compromise of sensitive information. To better prevent unauthorized disclosure and ensure that classification is assigned to only that information needing protection, the President has issued special guidelines. In cases where items may be assigned an original classification, four conditions must be met:      An original classification authority (OCA) is classifying the information; Specifically, only the President a...

I receive a lot of emails from people who wonder how to get into the security field.  Many are looking for a career change and are curious about what kind of education and experience is needed to work as a security specialist in the defense and contractor industry.   Others are just starting out in life and looking for a job with challenges and opportunities the security field offers.   There are plenty of great opportunities in with large and small contractor companies providing the venue.  Here is what I have discovered about our industry and some of you may have other experiences and advice you can pass to those who ask about a career in security.       Industrial security is an outstanding field for someone with all ranges of experience to enter into.  Some have been hired at an entry level job and have received promotions and additional responsibilities.  Others have transferred full time to security after enjoying se...

A few times I've had a similar conversation with a few leaders in the security industry. They had been experiencing the same reaction from their enterprize leadership and were frustrated to the point of looking for another job. Their joint frustration revolved around a lack of support for their security vision. They could not seem to get past the barriers in perception that they did much more than request and manage security clearances and facilities. This may be a common issue facing many FSOs throughout the National Industrial Security Program cleared defense contractor base.  These issues could stem from from three possible challenges facing cleared defense contractor companies. The first is that the FSO has not developed a reputation of a corporate leader with effective strategies to ensure the organization is prepared to compete, win, and maintain classified contracts. The second is the cause of the first in that that the company has grown, and the original FSO may not posses...

I’ve recently fielded questions to some cleared employees. The intent was to generate discussion and get an assessment of how well they understood the National Industrial Security Program (NISPOM) . I’ve received a variety of answers. The responses were intelligent, well thought out, but inaccurate. They demonstrated a lack of understanding based on popular culture and word of mouth.  Keep in mind that out of all possible respondents less than a handful replied to each question. Additionally, the survey was in no way scientific. It was just a simple fielding of questions and not intended to be a representation of the industry in general. However, they do provide a sound training solution. How can one use such data to train the force? Well, thanks for asking. Readers of this newsletter can use the same questions while conducting walk around security or otherwise conducting a security survey. Field these questions to your teams. If they respond correctly give loud and public praise. ...

Let’s test your knowledge of international operations. The following situation is pure fiction, but is based on issues facing businesses everyday. This situation is tricky enough with unclassified contracts, but the addition of possible classified work may complicate the issue. Try to answer the following question: As the security manager of a classified facility, you have many responsibilities including approving classified visits. Not a problems since most visit requests are handled through agency approved data bases . Besides, you have a very large staff and the process is pretty much routine until…. A program manager enters your office and informs you that her foreign customer wants to send an employee to work onsite on a classified program for six months. The program manager wants you to give her a visit request form that the foreign company can use to submit a visit request. You think about this for a moment and realize that though the situation is unusual, it should be a worka...

A few years ago I facilitated a short but very rewarding eight hour seminar on the International Traffic In Arms Regulation (ITAR) Overview. I am grateful to the staff at the University of Alabama in Huntsville and the North Alabama Trade Association for both sponsoring the event and allowing me to present. I found the course rewarding as I presented to a mixed audience of 30 professionals ranging from shipping and receiving specialists to executive vice presidents. The mix also consisted of professionals with various degrees of know-how as consultants, attorneys, technology control officers and those brand new to the field shared experiences and learned from one another. As a compliance officer in various disciplines, I have had the privilege of leading security and compliance teams and seminars on multiple topics Though this was my first of hopefully many export regulations seminars, I noticed the similar need in the compliance field. Regardless of the discipline, compliance works b...

Check out our podcast Some security training and briefings are very discouraging for the workforce. Many times, the training is the exact same video or presentation used year after year. This podcast and article discusses ways to improve training by making it applicable based on skill level. In other words, someone who has been working on classified contracts for five years or more already understands the three levels of classified information; so why not move on. So, if you go to my website www.redbikepublishing.com , you might find training and tests that do ask those types of questions. That’s because many of my books and training products are specifically for security managers and includes certification study guides. It’s appropriate for me to ask administrative types of questions. It’s unfair to provide that type of training to the workforce.  This topic is specifically about how to make your security training more effective for your work force. There are two types of training...

Cleared Defense Contractors , employees, and government workers review classified information, but may not understand how or why the markings are applied. Sure, it's obvious that the markings do warn of the classification level and how to protect it, but the markings also show so much more. Classification markings are applied by the Original Classification Authority and provided for many reasons to include, warning of classification level, determining what is classified, the length of the classification duration, and who made the classification decision. Marking classified material is a method of warning and informing of classification level, the exact information to be protected, of downgrading and declassification instructions, reasons for classification and sources of classification, and special access, control or safeguarding requirements.  In classified documents, the classification level is applied to the front and back covers, top and bottom of pages, paragraph...

https://bennettinstitute.com/course/ispisoctipis/ We have a free ISP and ISOC Certification study course.  Prepare For The DoD's SPeD Industrial Security Oversight Certification And The Industrial Security Professional Certification. This Training Contains Supplemental Study Information That Can Help You Pass The DoD / CDSE Security Professional Education Development (SPēD) SFPC, SAPPC And ISOC Certification Exams And The NCMS ISP Certification Exam. Some are reluctant to certify, but they just need the confidence earned through practice. Using practice tests to augment your certification exam preparation will help. This training is available for SPeD and ISP Certification  Isn't It Time You Earned Security Certification? “(Your Name Here), ISP, SFPC, SAPPC, ISOC"–Imagine What Certification Can Do For You Come visit: https://bennettinstitute.com/course/ispisoctipis/  

https://bennettinstitute.com/course/nispomchapter1free/ Bennett Institute has a new course and it's free. It's called introduction to the NISPOM. Come check it out. This course introduces the NISPOM so that the student can better grasp the elements of NISPOM. When finished, the student will have a better understanding of NISPOM and all the topics of Chapter 1.  This is great training for: Seasoned and new Facility Security Officers Newly Cleared Defense Contractors Cleared Employees  Studying for Industrial Security Professional (ISP) and Industrial Security Professional Oversight Certification (ISOC).  Come check us out. https://bennettinstitute.com/course/nispomchapter1free/  Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction bo...

https://www.redbikepublishing.com/fsocertification Excerpt from upcoming book featuring the topic of classified information systems. Since much of the work that Cleared Defense Contractors (CDC) perform is on automated systems, it is important to understand how to protect classified information that resides on information systems (IS). NISPOM Chapter 8 Classified IS discusses just how to do so. The intent of this writing is to demonstrate that the protective measures for classified IS are very similar to those that are described in other NISPOM chapters. This is our explanation of how classified information should be protected equally, no matter what form it takes. In other words, SECRET hardware should be afforded the same protective measures as SECRET software. I write this to demonstrate that a Facility Security Officer should not be intimidated by any IS security discussions; they are similar to protective measures employed for all forms of classified information. Some ...

https://www.bennettinstitute.com/courses NISPOM Fundamentals Webinar Red Bike Publishing is now hosting a webinar with multiple installations. We used to host it at Udemy, but are hosting our own training. Take NISPOM Classes one chapter at a time Currently we have each of the NISPOM Chapters 1-8 available. Each lesson is 1 to 2.5 hour long consisting of lectures, presentations and graded quizzes. Soon I'll be loading the rest, but you can start training now. Or all at once as we have bundled these courses. We now have the NISPOM Fundamentals course ready to go. This course combines chapters 1-8 and is updated regularly with additional chapters and content. Register now and have access to all updates. As we update, we will be charging more depending on the amount of content. However, if you register now, this registration will include all future updates at no additional cost. The fundamentals of NISPOM is $350.00. However, for the next few days, we offer them for th...