03/21/2013. Security Incident Requirements. Information Security Webinar. Administrative Announcements. Security Incident Requirements



Similar documents
Defense Security Service (DSS)

There are many examples of sensitive information falling into the wrong hands. What s the worst that can happen? The worst has already happened.

Introduction. Derivative Classification Training JOB AID

Department of Commerce Office of Security. Initial Information Security Briefing

Outside Director and Proxy Holder Training: Module 1: Intro to DSS and Foreign Ownership, Control, or Influence (FOCI) Defense Security Service

DSS Monthly Newsletter

Annual DoD Security Refresher Training

Department of Defense INSTRUCTION

Standard No MOTOR VEHICLE HISTORY CHECK. Purpose and Applicability

DISTRIBUTION: ASSISTANT G-1 FOR CIVILIAN PERSONNEL POLICY, DEPARTMENT OF THE ARMY DIRECTOR, PLANS, PROGRAMS, AND DIVERSITY, DEPARTMENT OF THE NAVY

Commanding Officer and Executive Officer. Information and Personnel Security Reference Handbook

Department of Defense MANUAL. DoD Information Security Program: Overview, Classification, and Declassification

2015 Cybersecurity Awareness

Department of Defense DIRECTIVE

Department of Defense DIRECTIVE

TRAINING PRODUCTS & RESOURCES

NOTICE OF THE NATHAN ADELSON HOSPICE PRIVACY PRACTICES

Privacy and Data Security Update for Defense Contractors

Army Regulation Security. Department of the Army. Information Security Program. Headquarters. Washington, DC 29 September 2000 UNCLASSIFIED

Department of Defense MANUAL

Security and Emergency Services Community of Interest 0080-Information/Personnel Security Administration Career Road Map

Standard: Information Security Incident Management

Who Should Know This Policy 2 Definitions 2 Contacts 3 Procedures 3 Forms 5 Related Documents 5 Revision History 5 FAQs 5

Unauthorized Use of the GPC Page 1 of 29 Welcome to Unauthorized Use of the GPC

CONSOLIDATED RECORDS MANAGEMENT SYSTEM (CRMS) USER AGREEMENT

R345, Information Technology Resource Security 1

Department of Defense MANUAL

BEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO

JOB AID. Derivative Classification Training U N I T E D A M E R I C A S TAT E S O F. Center for Development of Security Excellence (CDSE)

Office of Security Management (213)

COMPLIANCE WITH THIS PUBLICATION IS MANDATORY

COMMUNITY RELATIONS 4411 Page 1 of 5

United States Department of Agriculture Office of Inspector General

Outside Director and Proxy Holder Training: Module 2: Managing Foreign Ownership, Control, or Influence (FOCI) Mitigation Defense Security Service

COUNTERINTELLIGENCE VULNERABILITY ASSESSMENT FOR CORPORATE AMERICA

National Home Health Care HIPAA Notice of Privacy Practices

Department of Homeland Security DHS Directives System Directive Number: Revision Number: 00 Issue Date: SPECIAL ACCESS PROGRAM MANAGEMENT

Privacy Notice Document (HIPAA)

ALMS TERMS OF USE / TERMS OF SERVICE Last Updated: 19 July 2013

Security-in-Depth 4/26/2013. Physical Security Webinar. DCO Meeting Room Navigation. Host: Danny Jennings

COMPLIANCE ALERT 10-12

Public Law th Congress An Act

HIPAA PRIVACY AND SECURITY TRAINING P I E D M O N T COMMUNITY H EA LT H P L A N

This directive establishes the Department of Homeland Security (DHS) Security Education, Training, and Awareness (SETA) Program.

What Personally Identifiable Information does EducationDynamics collect?

Department of Defense DIRECTIVE. SUBJECT: United States Security Authority for North Atlantic Treaty Organization Affairs (USSAN)

This directive applies to all DHS organizational elements with access to information designated Sensitive Compartmented Information.

Notification and Federal Employee Antidiscrimination and Retaliation (No FEAR) Act Training

Department of Defense INSTRUCTION

Suggested Contractor File Folder Headings

Department of Defense DIRECTIVE

USES AND DISCLOSURES OF HEALTH INFORMATION

ADMINISTRATIVE POLICY # (2014) Information Security Roles and Responsibilities

Home Trust & Savings Bank

Issue 1.0. UoG/ILS/IS 001. Information Security and Assurance Policy. Information Security and Compliance Manager

DUUS Information Technology (IT) Incident Management Standard

( U ) T H I S P A G E I N T E N T I O N A L LY L E F T B L A N K DODIG ii

COMPUTER USE POLICY. 1.0 Purpose and Summary

SECURITY CLEARANCE DENIED: THE MOST COMMON PITFALLS FOR SECURITY CLEARANCE APPLICATIONS

ACCG Identity Theft Prevention Program. ACCG 50 Hurt Plaza, Suite 1000 Atlanta, Georgia (404) (404)

Information Security: Roles, Responsibilities, and Data Classification. Technology Services 1/4/2013

STANDARD ADMINISTRATIVE PROCEDURE

DoD Whistleblower Protection

ADMINISTRATIVE REGULATION EFFECTIVE DATE: 1/1/2016

1 LAWS of MINNESOTA 2015 Ch 67, s 2. CHAPTER 67--S.F.No. 86 BE IT ENACTED BY THE LEGISLATURE OF THE STATE OF MINNESOTA:

WORKPLACE VIOLENCE POLICY

Consultant Annual DoD Security Refresher

Data Security Incident Response Plan. [Insert Organization Name]

HIPAA Data Breaches: Managing Them Internally and in Response to Civil/Criminal Investigations

SUMMARY OF CHANGES This revision aligns the instruction with AFPD 36-1, General Civilian Personnel Provisions and Authorities.

Department of Defense MANUAL

INSIDER TRADING POLICY AND GUIDELINES

Tampa Bay Catastrophic Plan ANNEX L: HURRICANE PHOENIX EXERCISE

Using Technology Control Plans in Export Compliance. Mary Beran, Georgia Tech David Brady, Virginia Tech

Self-Inspection Handbook for NISP Contractors TABLE OF CONTENTS

ISO IEC ( ) TRANSLATED INTO PLAIN ENGLISH

Harris County - Texas HIPAA Notice of Privacy Practices

COURSES AND. Courses & Products LEARN. PERFORM. PROTECT. CENTER FOR DEVELOPMENT OF SECURITY EXCELLENCE REVISED AS OF MARCH 2015 PRODUCTS

DEALERSHIP IDENTITY THEFT RED FLAGS AND NOTICES OF ADDRESS DISCREPANCY POLICY

Department of Defense MANUAL. DoD Information Security Program: Protection of Classified Information

Rowan University Data Governance Policy

AP 417 Information and Communication Services

PRIVACY NOTICE. In certain situations, we may also disclose patient information to another provider or health plan for their health care operations.

HIPAA Notice of Privacy Practices

HIPAA NOTICE TO PATIENTS

Transcription:

Security Incident Requirements Information Security Webinar Security Incident Requirements Host: Lisa Rainey, SAPPC Information Security Curriculum Manager, DSS - CDSE Distinguished career-security professional Security Asset Protection Professional Certification (SAPPC) Retired US Army Security Manager/Antiterrorism Officer Physical Security Program management Personnel Security Program management Mobilization/Readiness management 03/21/2013 OPSEC Officer Contracting Officers Representative Administrative Announcements Use the Q & A box to ask questions. These slides can be downloaded. Select the file in the File Share box below. Enclosure 6 of Volume 3 DoD Manual 5200.01 is also provided in the File Share box. This webinar will present poll questions. 1

Poll 1 DoDM 5200.01, Vol 3, Encl. 6 Personnel have a responsibility to: Promptly report security incidents Ensure incidents are properly investigated Minimize adverse effects of unauthorized disclosure Preclude recurrence through education Common Sense Approach If no adverse effect on national security, resolve at lowest appropriate level. Any incident involving classified information must involve an inquiry and/or investigation. 2

Compromise vs. Loss COMPROMISE Security Incident (Violation) Unauthorized Disclosure LOSS Missing Classified Information/Equipment Chat Question When would a security incident require an investigation? Enter your responses in the chat box. Security Violation Unauthorized Disclosure Misclassification Continue or discontinue a SAP Anything else outside of Manual requirements Requires an inquiry, investigation, or both Actual or Potential loss or compromise of classified information Administrative in Nature Negligent Willful Knowing 3

Security Infraction Failure to comply with DoDM 5200.01 or other policy Does not result in loss, suspected compromise, or compromise May be unintentional or inadvertent Does not require an in-depth investigation If the incident does not fit under the violation categories below, it is an infraction. Administrative in Nature Negligent Willful Knowing Inquiry Identifies the facts Determines infraction or violation Identifies possible causes and person(s) responsible Reports corrective actions Makes recommendations for further action or investigation Investigation Conduct an investigation if the inquiry does not resolve all issues. 4

Security Tips Dangerous practices: Recycling box next to copier Burn bags next to unclassified trash containers Personal business during hand-carrying Failing to change security container combinations Poll 2 Consequences of Compromise After a compromise occurs: Regain custody of compromised material Identify source and reason Take remedial action 5

Reporting and Notifications Must be safeguarded Notify, using secure communications If necessary, report to authorities at next higher level. Reporting Notify Director of Security, OUSD(I) of: Espionage UD to public media Establishment or continuance of a SAP Compromise likely to cause significant damage Con t Reporting, con t Also report violations involving: Knowing, willful, or negligent unauthorized disclosure Potential for attracting significant attention Large amounts of information Potential weakness in classification policies 6

Classification of Reports At minimum, designate reports FOUO Classify commensurate with level of compromised material If disseminated outside of DoD, use an expanded marking Inquiries and Investigations Suspicion of Criminal Activity If criminal activity is suspected: Inquiry and investigation ceases Begin coordination with cognizant DCIO or Defense CI component Continue inquiry or investigation if jurisdiction is declined 7

Coordination with OCA If it is determined that a compromise occurred: The originator (OCA) is notified. If the OCA no longer exists, or the inheriting activities cannot be determined, the DoD Component of the OCA shall be notified. The notification should not be delayed pending further investigation or resolution. Security Inquiries Inquiry actions: Complete an inquiry in fewer than 10 duty days Report findings to activity head, activity security manager, and others as appropriate Request extension, if needed Security Inquiries, con t Inquiry Report: Punitive action not recommended Prevention actions documented Discipline is the responsibility of appropriate military commander or management official. 8

Security Investigations Conduct an investigation if the inquiry does not resolve all of the issues. The Investigator Is a disinterested person Has appropriate clearance and access Has the ability to conduct an effective investigation Information Appearing in the Public Media DoD personnel must not: Confirm or verify information Discuss with anyone who does not have appropriate clearance Neither confirm nor deny Workforce may need to be reminded of actions to be taken or not taken in response to the disclosure. Results of Inquiries and Investigations Compromise Occurred Responsible security official issues revised guidance as necessary. If there are defects in the procedures and requirements of the Manual, report to Director of Security, OUSD(I). Compromise did not Occur Responsible security official takes action as appropriate to resolve incident and/or failures to comply with procedures. Notification to OCAs will not be delayed pending completion of additional investigations. 9

Poll 3 Compromises involving more than one Agency Affected activities are responsible for coordinating their efforts in assessing damage. Debriefing in Cases of Unauthorized Access The activity head shall determine if a debriefing is warranted. A nondisclosure agreement (SF 312) may be executed. 10

Reporting and Oversight Mechanisms Timely and efficient reporting and oversight Eliminate the probability of further incidents Simple disciplinary action is not an acceptable response to a security incident. Contacts and Resources Slides and frequently asked questions from this webinar will be posted at http://www.cdse.edu/catalog/webinars/informationsecurity/security-incident-requirements.html Email information security training related questions to DSS at informationsecurity.training@dss.mil 11

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information