Annual Security Refresher Briefing. Brett Moore Facility Security Officer McLane Advanced Technologies Temple, Texas

Transcription

1 Annual Security Refresher Briefing Brett Moore Facility Security Officer McLane Advanced Technologies Temple, Texas

2 Annual Security Refresher Briefing The annual security refresher briefing is all about reminders. Reminding you of things you already know but maybe haven t thought about in a while.

3 Remember the Initial Employee Security Brief. We talked about awareness, defensive security, classifications, reporting, job duties and procedures. They haven t changed, but we have.

4 It s about remembering Maybe you haven t been in a secure closed room in awhile, or haven t checked out a classified document in a few months. Could be you ve not attended a classified meeting or worked a classified project this year, but that is no reason to become complacent in your security posture.

5 The intention This refresher briefing is to bring back to the forefront of your mind SECURITY our national security and your personal role in it.

6 Security violations Could be as simple as just didn t think about it and pinning a classified document to your cubicle wall in plan sight for all to see

7 Security violations Violations could be worse, like leaving a classified security container open and unattended

8 Security violations Or even worse yet, actual acts of espionage..

9 Remember. As a defense contractor employee you are a target for espionage, foreign and domestic. Military and economic espionage are the games and the players want to know what you know or have access to.

10 They want. Company proprietary information to gain a competitive advantage in the market place; they want military technology to gain the advantage on the battlefield. Our company has both and the adversary will target you because you are an employee here.

11 OPSEC Operations Security (OPSEC) is concerned with identifying, controlling, and protecting the generally unclassified evidence that is associated with sensitive operation and activities. OPSEC denies the adversaries information.

12 OPSEC The most important characteristic is that it is a process that can be applied to every day activities and not a collection of specific rules or instructions. OPSEC can be view in a simple flow: identify critical information, analysis of threats and vulnerabilities to that information and select an appropriate course of action to protect that information (at work and at home).

13 OPSEC The OPSEC plan can be as complex as Command and Control Warfare (C2W) or as simple as shredding your monthly credit card statement at home and not just tossing it in the trash. The idea is: don t give the adversary any information they can compile in small pieces to see the bigger picture. Don t give them anything to work with. Deny them any opportunity to gain the advantage.

14 Remember. Company photo ID badges have reason. The ID badge is not just a key to unlock a door, its much, much, more.

15 ID Badges Our company badge system is designed to facilitate employee identification, to provide a security clearance crosscheck, to identify visitors and, by the absence of the required badge, to identify unauthorized personnel on company premises.

16 ID Badges Also, remember employees and visitors will wear the badge in a conspicuous place clearly visible at or above the waist, at all times, while on company premises. All employees entering or leaving the facility are reminded to badge in or badge out each time they enter or exit the facility. And challenge any person tailgating (person not badging in but instead enters behind another who has)

17 ID Badges All employees shall challenge any person who is not displaying a ID badge while within the facility. If a person is not in possession of a valid ID badge, DO NOT attempt to physically restrain the individual. Report it immediately to the security office by dialing 6142 on a company desk phone or contact the front lobby receptionist.

18 Remember. Removing company material without authorization, regardless of value, can result in disciplinary action, including dismissal. This is especially critical for classified or company proprietary materials.

19 Classified information or materials are the property of the U.S. Government and is always handled in accordance to specific procedures. Whether working on a classified document, processing on a classified computer system or discussing classified in a meeting with others, it is always controlled and safeguarded according to DoD guidelines.

20 Simple guidelines like; Covering a document when unauthorized persons approach you or closing a door and pulling the window blinds down before turning on a classified computer system. Each classified activity has guidance. If you re unsure, ask.

21 Remember. Classified materials are specifically marked and easily identified. And this for the sole reason is to remind you what you have and to safeguard it appropriately.

22 Remember. Classified materials in your possession are your responsibility to protect from unauthorized disclosure. The U.S. Government is depending on you. This is the primary reason you received a security clearance. Based on your character and integrity, the government granted you the privilege of working with our National Secrets.

23 REPORTING REQUIREMENTS Cleared and uncleared personnel are responsible to report the following: Suspicious contacts Change in status which includes a name change, or change in citizenship A desire not to perform on classified work Loss, compromise, or suspected compromise of classified information Adverse information concerning yourself or another employee

24 REPORTING REQUIREMENTS Adverse information should be reported to your Facility Security Officer (FSO) Adverse information may include but is not limited to: Reflects unfavorable integrity or character of a person Severe financial problems Unexplained affluence Criminal conduct / suspicious persons hanging around Mental or emotional stress Alcohol and / or drug abuse Sexual misconduct / heavy gambling / unusual buying or selling Foreign connections - business or personal Subversive political activity

25 REPORTING REQUIREMENTS Adverse information should be reported to your Facility Security Officer MAT s FSO is John Hille at phone extension 6142 Industrial Security Letter #3 Report participation in rehab programs as -- Adverse Information

26 DSS Annual Facility Security Review Our Defense Security Service (DSS) Industrial Security Representative (IS Rep) will choose at random cleared employees and engage them in private interviews. IS Rep will evaluate: 1. The security program of the company 2. The companies security education and training program 3. Employee understanding of the National Security program 4. Employee understanding of their personal responsibilities 5. Employee daily activity involving classified information

27 DSS Annual Facility Security Review What can you as an employee expect during an interview? Types of questions typically asked are more or less event driven (conversation between IS-Rep and employee) What kind of work do you do? Answer: developer, FSR, tester, management, etc How long have you work here? Answer: forever actual years or date. Who is your FSO? (Facility Security Officer) Answer: John Hille do you know your FSO? What does the color on you ID Badge mean? Answer: Red means Cleared Employee, Green not cleared What level is your PCL? (Personnel Clearance Level) Answer: SECRET if you have a Red badge or None if a Green badge

28 DSS Annual Facility Security Review What can you as an employee expect during an interview? Types of questions typically asked are more or less event driven (conversation between IS-Rep and employee) How long have you held a security clearance? Answer: from my enlistment in the Army, other employment, since 1976, etc Do you reproduce classified? Answer: No not without specific instructions DERIVATIVE CLASSIFICATION Incorporating, paraphrasing, restating, or generating in new form, information that is already classified. Written authority is not needed Source material must be identified NOTE: We are User s of classified material unless written authority has been granted from the Original Classification Authority (OCA) to make a determination in classifying information. Marking Original and Derivative Classification decisions can be complicated, therefore, please contact your security staff for additional training or clarification.

29 DSS Annual Facility Security Review What can you as an employee expect during an interview? Types of questions typically asked are more or less event driven (conversation between IS-Rep and employee) Do you courier or transmit classified outside this facility? Answer: No not without specific instructions Must be designated in writing (Courier Letter) by the Facility Security Officer, Security Manager or Corporation Must have an authorized ID card with specific information on it Must be properly briefed on their responsibilities to safeguard classified information Do you mail or prepare classified for mailing? Answer: No not without specific instructions Classified material must be properly sealed (double wrapped in opaque/kraft paper) A receipt shall be enclosed Note: Depending on the classification level, classified material must be sent via the Defense Courier Service, U.S. Postal Express Mail / Registered Mail or other methods as directed in writing by the Government Contracting Agency.

30 DSS Annual Facility Security Review What can you as an employee expect during an interview? Types of questions typically asked are more or less event driven (conversation between IS-Rep and employee) How often do you access classified and what type? Answer: Daily activity, monthly meetings, when traveling to Government facilities I was told the contract requires you to hold a clearance because of job duties I don t access real documents, I work with a classified computer system. Types: TOP SECRET, SECRET or CONFIDENTIAL documents or computer systems FOUO For Official Use Only (can not be released to general public) SBU -Sensitive but Unclassified (I work with unclassified parts) CONOP --(location that I work requires it, I m exposed to classified) IT Sensitive --(over the shoulder work, I m exposed to classified)

31 DSS Annual Facility Security Review What can you as an employee expect during an interview? Types of questions typically asked are more or less event driven (conversation between IS-Rep and employee) When was your last security education training and what type? Answer: Annual brief by the FSO or as directed by the security office to review our company Intranet Security Power Points or Last months Newsletter article Do you know of any conditions that might jeopardize the safekeeping of classified materials here at this company? Answer:..(if YOU do; your FSO wants to know about it)

32 Thank You Questions? Concerns Remember to sign the attendance log to receive credit for this years briefing Or If you are viewing this on line, Remember to send an notice with date and time of completion to the Security Office at