Post on 23-Jan-2022
2020Annual SecurityRefresher Training
Objectives of 2020 Annual Security Refresher Training
• Threat Awareness Briefing• Counterintelligence Security Briefing• Overview of the Security Classification System• Insider Threat Awareness and Employee
Reporting• Security Procedures and Responsibilities• Unauthorized Disclosure of Security Information• Penalties for Compromising Classified
Information
2
National Industrial Security Program (NISP) Overview
• Designed to safeguard classified information given to industry
in conjunction with government contracts.
• Provides uniform rules for all contractors and each must
comply with its provisions.
• Corporate Facility Security Clearances are reviewed and
audited by DCSA annually.
3
Threat Awareness Briefing
• Over 200 countries have participated in economic espionage operations against the US – adversarial as well as allied countries.
• New targets – research & development, technology, and trade secrets.
• Spies – visiting the US on scientific/student exchanges, business tours, or with on-site inspection teams.
4
Counterintelligence Awareness Briefing
Employees need to be alert if they become a target or if they see someone being targeted by an adversary. Elicitation: A strategy used by both foreign and non-foreign adversaries to subtly gather information about you, your work, and your colleagues. This technique is used to gather protected information on classified or unclassified government projects, or proprietary company information. Any amount of information is valuable; similar to a puzzle, once all the information is put together a full picture is revealed.
Recruitment: An adversary will recruit their target who has access or can obtain access to proprietary, classified or unclassified information. This stage occurs after the elicitation and when the adversary creates a relationship with their target.
5
Counterintelligence Awareness Briefing - Elicitation
Elicitation is subtle and difficult to recognize. Adversaries are well trained on how to gather information in a manner where the target does not recognize the attempt to elicit information. Some techniques of elicitation are:• False statement: Where the adversary purposely makes a false statement
in hopes to be corrected. Example: “I can’t believe that device has an effective range of 5,000 meters.” Target’s Response: “No, actually the range is closer to 9,000 meters.”
• Instinct to Complain: When an adversary incites the target to complain, they may provide more information on a particular topic. Example: “Is everything OK? You appear to be pretty stressed out today. Boss working you too hard?” Target’s Response: “My boss is a jerk. He is all bent out of shape because we are preparing to deploy….”
• Disbelief: The adversary expresses a level of doubt concerning a targeted subject. Example: “I can’t believe the US military is able to keep track of all those tanks and vehicles in Iraq and Afghanistan.” Target’s Response: “It’s really pretty easy, we use a sophisticated…”
6
Counterintelligence Awareness Briefing - Recruitment
A recruiter can be an adversary or a fellow employee who is working with an adversary. Once the recruiter has established a relationship with their target and has assessed their vulnerabilities, they will recruit the target to work with them as an agent. The recruiter may use money or appeal to the target’s ideology, ego, retaliation, or blackmail the target.
Decrease your vulnerabilities and exploitable behaviors by adjusting your lifestyle to close gaps that could be exploited. Be aware of your surroundings and conversations with others. Remember providing protected information is illegal, and espionage against the U.S. government is a serious crime punishable by imprisonment, fines, or death.
7
Counterintelligence Awareness Briefing
Employees need to be alert to the following:
• Foreign representatives attending training or fact-finding visits, trade shows, scientific meetings, and military exchanges.
• Foreign governments establishing joint venture companies with Americans or purchasing American companies with government contracts.
• Individuals conducting market research, sending surveys or resumes from abroad, phone calls or other attempts to acquire classified or proprietary information.
8
Counterintelligence Awareness Briefing
Most effective methods of espionage:
• Blackmailing vulnerable employees,
• Establishing an inside “mole,”
• Bribing employees to steal classified or proprietary information,
• Hiring consultants to spy on competitors,
• Bugging offices or tampering with companies’ electronics, and
• Compromising company computer networks (i.e.“hacking” into a network).
9
CDSE Case Study10
Levels of Classified Information
Confidential – the lowest level applied to information whose unauthorized disclosure could be expected to cause damage to the national security of the United States.
11
Levels of Classified Information
Secret – the classification level whose unauthorized disclosure could be expected to cause serious damage to the national security of the United States.
12
Levels of Classified Information
Top Secret – the highest level applied to information whose unauthorized disclosure could be expected to cause exceptionally grave damage to the national security of the United States.
13
BSNCInsider Threat Program
An insider threat is someone within the organization who wittingly or unwittingly, uses their access to do harm to the security of the United States through espionage, terrorism, unauthorized disclosure of national security information, or loss/degradation of resources or capabilities. They may be acting on behalf of a foreign entity or themselves.
Be aware of your surroundings and report any suspicious behavior to the BSNC Ethics Hotline, the BSNC FSO or the DoD Hotline.
BSNC Ethics Hotline: www.beringstraits.alertline.com(877) 206-0664
BSNC Security: Laura Lancaster, FSO (907) 334-8381security@beringstraits.com
Insider Threat Program Senior Official(ITPSO):
Krystal Nelson, COO (907) 563-3788knelson@beringstraits.com
DoD Hotline: (800) 424-9098 or hotline@dodig.mil
14
Reportable BehaviorsBe aware of the following behaviors, regardless of nationality, that you are required to report:• Refusing to report adverse information.• Storing classified materials in unauthorized locations.• Attempting to access sensitive information without authorization.• Obtaining access to sensitive information without the need to know.• Using a non-secure channel to discuss classified materials.• Removing classification markings from documents.• Working outside normal duty hours.• Sudden or unexplainable affluence.• Frequent foreign travel, and/or attempting to conceal foreign travel.• Attempts of elicitation, unusual conversations or encounters.
15
Employee Assistance ProgramPlease keep in mind that BSNC and its subsidiaries offer a 24/7 Employee Assistance Program through the Cigna Life Assistance Program
• Call 800-538-3543• Visit www.cignalap.com
• Depression, stress, grief• Marriage or Parenting problems• Finding assistance for senior, child, and pet care• Alcohol or Substance Abuse• Legal and Financial Consultations - Receive a free 30-minute
consultation• Anyone in your household can access
16
17
Reporting RequirementsCleared Personnel are required to report the following to the FSO:• Changes in your status – name, marital status, citizenship,
residence, etc.• Your personal or professional foreign travel, before you travel.• Adverse Information on yourself or another cleared individual• Loss, compromise or suspected compromise of classified data.• Your personal financial problems, such as bankruptcy, collection
actions, or lawsuits.
If you see or know of a reportable behavior, do not assume it has already been reported! It is best practice to report all
known reportable behaviors and incidents.
18
Foreign TravelIt is company procedure that all cleared personnel report foreign travels to the Corporate Security Department 20 days prior to departure.
A foreign travel brief will be conducted before the employee(s) depart, and a debrief will be conducted upon the employee(s) return.
For more information regarding foreign travel contact the Security Department.
19
Adverse InformationPlease watch the
Adverse Information Reporting Short by clicking on the link below:
https://www.cdse.edu/multimedia/shorts/adverse/story_html5.html
If you are unable to open the short with the direct link above, please follow this link, scroll down to Adverse Information
Reporting and select go>> to view the short:https://www.cdse.edu/shorts/personnel-security.html#
Short created by the Center for Development of Security Excellence (CDSE)
20
Adverse Information• Employees must report any Adverse Information that comes to
their attention regarding themselves or another cleared person.
• Self-reporting Adverse Information is an expectation and responsibility if you hold any level clearance.
• Reports may be submitted to: • The BSNC Security Department:
• Laura Lancaster, FSO at (907) 334-8381• Isabel Natividad, AFSO at (907) 334-8356• For both send to security@beringstraits.com
• The DoD Hotline (800) 424-9098 or hotline@dodig.mil
21
Examples of Adverse Information
• Arrests, charges, or convictions for any criminal, drug or
alcohol offenses.
• Any traffic fine involving drug or alcohol use and/or traffic
fines over $150.
• Illegal use of drugs or drug activity.
• Drug or alcohol related treatment or counseling.
22
Examples of Adverse Information
• Bankruptcy, wage garnishment, property repossession, liens
against property, judgments made against you.
• Financial delinquencies over 180 days.
• Any public record civil court actions.
• Consultation with a mental health provider for reasons
other than grief counseling or adjustments from service in a
military combat environment.
23
Continuous EvaluationWhat it is: A personnel security investigative process to review the background of a covered individual who has been determined to be eligible for access to classified information or to hold a sensitive position at any time during the period of eligibility. Continuous Evaluation (CE) leverages a set of automated records checks and business rules, to assist in the ongoing assessment of an individual’s continuing eligibility.
In June 2018, a memo was issued by the Director of National Intelligence and the Director of the Office of Personnel Management, implementing measures to mitigate the backlog of background investigations. Incoming periodic reinvestigations are screened using a risk management approach that permits deferment of reinvestigations where screening results are favorable and mitigation activities are in place; enrolling them into CE.
24
Continuous EvaluationAutomated records checks are conducted to identify adjudicative, relevant information to assist in assessing the continued eligibility of a covered individual at any time during the period of eligibility. The automated records checks will include checks of commercial databases, U.S. Government (USG) databases, and other information lawfully available to security officials at any time during the period of eligibility.
Note: 1/4 to 1/3 of all covered personnel are under CE at any time. For this reason timely self-reporting is more important than ever!
25
Clearance ResponsibilitiesYour security clearance involves many responsibilities including;
• To be aware of basic security guidelines and safeguards.
• To report suspicious occurrences or behavior by individuals,
regardless of nationality.
• To report adverse information on yourself and/or other
cleared employees.
26
Protecting Classified InformationYou must limit access to authorized persons by verifying:
• Identification• Need to know• Clearance Level
*If an individual’s ability to protect information is in question, access should ALWAYS be limited*
27
SF 312 Non-Disclosure Agreement
All employees must sign an SF312 before access is granted
• Binding contract• Lifetime obligation• You obtain access, if
necessary• Government has your
commitment to protect classified information
28
Unauthorized Disclosure of Security Information
Types of Unauthorized Disclosure
• Security Infraction: occurs when classified information is not safeguarded but does not result in a compromise of material.
• Security Violation: occurs when classified information is not safeguarded and could result in a probable compromise of material.
• Compromise: an actual compromise of classified information, whether intentional or unintentional.
29
Unauthorized Disclosure of Classified Information
Title 50, USC, Sec. 783War & National Defense
It is unlawful to give classified information to an agent or representative of any foreign government that would result in harm to the National Security of the United States.
30
Penalties for CompromisingClassified Information
(E.O. 12958)
• Reprimand,
• Suspension without pay,
• Denial of access,
• Removal from premises,
• Termination of classification authority, and/or
• Others in accordance with applicable laws and regulations.
31
Crimes & Criminal Procedures
Title 18, USC, Sec. 794
Gathering or delivering defense information to aid of foreign
government
“…delivery of defense information with intent or reason to
believe that it is to be used to the injury of the United States or
to the advantage of a foreign nation,… shall be punished by
death or by imprisonment for any term or years or for life…”
32
Crimes & Criminal Procedures
Title 18, USC, Sec. 794
(d)(1) Any person convicted of a violation of this
section shall forfeit to the United States
irrespective of any provision of State law-
(A) Any property constituting, or deriver from, any
proceeds the person obtained, directly or
indirectly, as the result of such violation; and
(B) Any of the person’s property used, or intended
to be used, in any manner or part, to commit, or to
facilitate the commission of, such violation.
33
Disciplinary Actions
BSNC will enforce procedures that provide for appropriate administrative actions taken against employees who violate requirements of DoD 5200.22-M. The contractor shall apply a graduated scale of disciplinary actions in the event of employee violations or negligence when:
a. The violation involves a deliberate disregard of security requirements,
b. The violation involves gross negligence in the handling of classified material, or
c. The violation was not deliberate in nature but involves a pattern of negligence or carelessness.
34
Disciplinary Actions (continued)
The following is a general list of potential disciplinary actions. The list is non-
exhaustive and does not limit discretion in imposing discipline up to and
including termination of the at-will employment. All disciplinary actions must
be coordinated with Human Resources.
• Corrective Counseling
• Oral or Written Warning
• Oral or Written Reprimand
• Suspension with pay
• Suspension without pay
• Demotion
• Dismissal/Termination
35
Changing Times? Not Really.Please know that even though use and/or possession of marijuana has been legalized or decriminalized in certain states, it remains a Schedule 1 Narcotic as defined by the Drug Enforcement Agency (DEA) and the Department of Justice. As such use or possession can be litigated on the Federal level under the Controlled Substances Act (CFR Title 21). All marijuana, THC and CBD(derived from cannabis) use are relevant to Federal Personnel Security determinations and should be reported appropriately.
BSNC Drug Free Workplace Policy, Section 4.3 states, “Performing work on company property while under the influence of marijuana is strictly prohibited and considered a violation of this policy. Some states have passed laws to legally possess and consume recreational and/or medicinal marijuana. Federally, marijuana is a Schedule 1 drug, and therefore has no current acceptable medical or recreational use.”
36
Defense Hotline Number
The Department of Defense maintains a hotline to provide an unconstrained
avenue for government and contractor employees to report, without fear of
reprisal, known or suspected instances of serious security irregularities, fraud, or
other infractions.
Government and contractor personnel are encouraged to furnish information
through established agency or company channels. However, the Hotline may be
used as an alternate means to report this type of information when you consider it
prudent or necessary to do so.
Department of Defense: 1-800-424-9098 or hotline@dodig.mil
37
Training Certification
Please take the 2020 Annual Security Refresher Training Quiz,. You
must receive a score of 70% or higher to pass the quiz. Once you
complete the quiz, a certificate will be generated and sent to the
Security Department.
Any further questions relating to security should be directed to your
Facility Security Officer:
• Laura Lancaster, FSO (907) 334-8381
• Isabel Natividad, AFSO (907) 334-8356
• For both send to security@beringstraits.com
38