Security Executive Blog

Becoming a cleared defense contractor (CDC) demands more than just a defense contractor getting a security clearance and performing on  classified contracts . It's more to do with, what to do once the clearance is awarded; specifically, protecting classified information. This protection involves physical, classified processing, and information security. It's more than just buying safes, installing access controls and getting employees security clearances. Primarily, the CDC must appoint a Facility Security Officer (FSO) responsible for implementing a program to protect classified information. To better answer frequently asked questions, I've written several times on the topic of selecting the right Facility Security Officer (FSO) qualifications. According to the N ational Industrial Security Program Operating Manual (NISPOM) , the FSO must be a US Citizen and be cleared to the level of the facility (security) clearance (FCL); period. This provides a lot of room for a cleare...

A former engineer with Boeing Company has pleaded guilty to possessing classified information in an unauthorized location. Does anyone want to guess where? Yes, that’s right, his house. He thought he could take the information home with him and work on it there. You can read more about the information in the article  Boeing Engineer is found guilty.     While many security managers are focused on good training and may think that they have it all under control, don’t rest just yet. Chances are that the involved engineer is not the only one breaking the rules of safeguarding classified material. Those who work on  classified contracts  need to be reminded again and again how to do so while following the laws of our country.     Let’s break this case down. Engineer has access to computer processing. He then downloads the information to a data stick and brings it home with him. Though he probably meant no harm, his actions created tons ...

Cleared Defense Contractors use classified information during performance of contracts. The Department of Defense makes the rules and governs how the classified contractors protect classified material. The Federal Government has published a policy appropriately titled: The National Industrial Security Program Operating Manual ( NISPOM ). This page turner is sponsored by the Presidential Executive Order (E0)12829 for the protection of information classified under E.O. 12958, As Amended. Having poured over both publications and the updates, I can conf idently assure you that they take this business very seriously.     When specific work declares performance objectives on classified efforts, provisions of the applicable DD Form 254 and Security Classification Guide (SCG) shall govern. Both the DD 254 and SCG spell out what specific work a contractor can and cannot perform, what exactly is classified and how to protect it. Both of these documents not ...

A buzz is sweeping the security community since the industry has been notified of the recent updates to DoD's CUI program based on the presidential memorandum with the subject,  Designation and sharing of Controlled Unclassified Information (CUI) . This memorandum implements a program designed to encourage the speedy sharing of information to those authorized and to better protect the information, privacy and legal rights of Americans. The CUI program is designed to promote proper safeguarding and dissemination of unclassified information.       Many readers may be familiar with the program CUI has replaced. Sensitive But Unclassified (SBU) information had enjoyed protection to a certain level but was not conducive to the necessary information sharing. Controlled Unclassified Information (CUI) directives provide procedures for a more appropriate Information Sharing Environment.     CUI is a designation of unclassified informati...

Putting first things first. That has been a motto for many after reading books such as Franklin Covey’s 7 Habits of Highly Effective People or Reverend Rick Warren’s The Purpose Driven Life. Those and several similar motivational publications stress that everyone has the same amount of time in a day. What we do during that time helps us either make or goals or fail before we even get started.    As leaders, FSOs can help cleared defense contractor employees understand how to create incredible security programs. Focusing on training, interaction with other cleared employees, self-improvement and institutional education should be part of professional development. FSOs and managers who write evaluations for direct reports have an excellent opportunity to help them establish goals to become better at their jobs, more impactful in their careers and hopefully, groomed to become FSO’s themselves. Challenging employees and team members to achieve personal and professional goals b...