security orientation briefing♦ june 15, 2015: mostafa ahmed awward was convicted for attempted...

7927 Jones Branch Drive, Suite 600W McLean, VA 22102 P (703) 749-3040 F (703) 563-6102 www.sri-hq.com

2017 Strategic Resources, Inc. Information contained herein is proprietary and confidential to SRI. ...Creating Powerful Solutions

Security

Orientation Briefing

As required by the National Industrial Security Program Operating Manual

Change 2, May 18, 2016

(NISPOM) 3-107

http://www.sri-hq.com/





Table of Contents

2

Administrative Items 3

Introduction to the Industrial Security Program 4

Threat Awareness 5-8

Defensive Security 11-12

Overview of the Security Classification System 13

Reporting Obligations and Requirements 14

The Non-Disclosure Agreement (NDA) 15

Company Security and Related Programs 16-18

FSO Contact Information – Questions 19

Briefing Completion Certificate 20

Insider Threat Awareness 9-10






Administrative Items

♦ All cleared staff are required to review and certify that they have read and

understand the contents of this Initial Security Briefing. Each person is

required to complete a refresher briefing on an annual basis.

♦ In compliance with DoD 5220.22-M Change 2 of the National Industrial

Security Program Operating Manual (NISPOM), SRI established an insider

threat awareness program to protect personnel, facilities, and automated

systems from insider threats. An Insider Threat Program Senior Official

(ITPSO) was appointed by SRI’s President and CEO, responsible for daily

operations, management, and ensuring compliance with the requirements.

♦ A record of completion will be maintained by the Facility Security Officer

(FSO) and available for review by Defense Security Service (DSS).

3






Introduction to the National

Industrial Security Program

(NISP)

♦ The NISP was established by Executive Order (E.O.) 12829, 6 Jan 93, for

the protection of information classified pursuant to E.O. 12356, 2 Apr 82,

“National Security Information”, or its successor or predecessor orders, and

the Atomic Energy Act of 1954, as amended.

♦ The National Security Council is responsible for providing overall policy

direction for the NISP. (http://www.whitehouse.gov/nsc/)

♦ The Secretary of Defense is the Executive Agent for the NISP appointed by

the President.

♦ The Director of Defense Security Service (DSS) administers the NISP on

behalf of the Secretary of Defense and 31 other Federal Agencies.

♦ DoD, DoE, NRC and CIA are signatories to the NISP.

4






Threat Awareness

♦ Foreign governments’ continued ability to acquire state-of- the-art U.S.

technology at little or no expense has undermined U.S. national security by

enabling foreign firms to push aside U.S. businesses in the marketplace

and by eroding the U.S. military lead.

♦ A clear line must be drawn to protect information that is:

• Classified

• Subject to export control because it concerns military critical technologies

• Any information that could become classified

♦ June 15, 2015: Mostafa Ahmed Awward was convicted for attempted

espionage and was sentenced to a 11 year prison term. Mostafa was a civil

engineer at the Norfolk Naval Shipyard. He agreed to conduct clandestine

communications with an undercover FBI agent who posed as an Egyptian

Intelligence Officer.

5






Threat Awareness

♦ Who is Doing It?

Due to foreign policy considerations and the need to protect sources, the U.S.

Government does not publicly disclose the countries that are most active in conducting

espionage against the United States. However, it is a common practice of national

intelligence services to collect economic intelligence to benefit their industries at the

expense of foreign competition. Considerable information on this subject is available in

public sources and an unclassified Targeting US Technologies Trends Analysis is

available from DSS.

♦ What Are They After?

• Classified, sensitive, or export restricted basic and applied research

• Developing defense or dual–use technologies from university research students

and professors (academic solicitation)

• Proprietary information, business strategy, financial, human resources, email,

and product data

• Electronics; command, control, communication, and computers (C4), and

aeronautic systems were the top three most targeted technologies according to

DSS 2015 trend analysis

6






Threat Awareness

♦ Methods of Operation to collect our sensitive and classified

information include:

• Academic Solicitation - through scientific boards review of academic papers or

presentations, or applications for admission in to academic institutions,

departments, or programs

• Attempted Acquisition of Technology – through agency of front companies or third

party countries or direct purchase of firms

• Criminal Activities – via theft attempts to acquire protected information without

any pretense of legitimate acquisition

• Exploitation of Relationships – through established connections such as joint

ventures, official agreements, business arrangements, or cultural commonality

• Foreign Visit – through visits to cleared contractor facilities that are either pre-

arranged by foreign contingents or unannounced

• Request for Information – Via phone , or email, to collect protected information

under the guise of price quotes, or marketing surveys

• Seeking Employment – Via resume submission, applications, and references to

introduce persons wittingly or unwittingly to gain access to protected information

7






Threat Awareness

♦ Let us not forget who we support

Information concerning troop rotations, locations, equipment,

and technology is classified for a reason. Unauthorized

release of this information can have a detrimental effect on

the Warfighters’ survivability

8






Insider Threat

♦ A insider is anyone with authorized access to protected information who

may use it intentionally or unintentionally to compromise or potentially

compromise the security of SRI, our customers, or national security.

Insiders have caused far reaching damage to our national security than

external sources.

♦ The increasing value of technology and trade secrets in the global and

domestic marketplace, and the temporary nature of many high-tech jobs,

have increased both the opportunities and the incentives for economic

espionage.

♦ The rapid expansion in foreign trade, travel, and personal relationships of

all kinds, now make it easer for insiders to establish contact with potential

buyers of classified material and other protected information.

9






Insider Threat Indicators

♦ Working late and odd hours

♦ Repeated security violations

♦ Unannounced foreign travel

♦ Dual citizenship

♦ Gambling

Insider Threat Indicators

♦ Disgruntlement

♦ Financial influence

♦ Financial hardships

♦ Excessive time off

♦ Exploitable behavior

Insider Threat

10






Defensive Security

♦ Classified Information:

• Must never be left unattended.

• Must never be discussed in public places.

• Must be discussed on secure telephones or sent via secure faxes.

• Must be under the control of an authorized person.

• Must be stored in an approved storage container.

• Must never be processed on a computer that is not a U.S. Government approved

classified system.

♦ Discussing Classified Information:

• It is your personal responsibility to know that the person you are dealing with is

both properly cleared and has a need to know.

• You must never reveal or discuss classified information with anyone other than

those that are properly cleared and have a need to know.

• To prevent solicitation from a party seeking to illegally attain US Secrets a good

practice is to avoid revealing that you have a clearance or that you have any

involvement with classified material unless absolutely necessary for work.

11






Defensive Security

♦ When traveling on company business or for personal reasons, plan and

prepare. Complete Foreign Travel Report form found within the Security

section of the QMS.

♦ It is recommended to develop a personal travel plan and give it to your

office and family.

♦ Learn about the culture, customs and laws of countries you visit.

♦ Visit the Department of State website for threat Advisories.

♦ Coordinate with your FSO for overseas company travel.

PERSONNEL HOLDING TS/SCI MAY HAVE ADDITONAL

REPORTING REQUIREMENTS. CHECK WITH YOUR

GOVERNEMENT CLIENT OR FSO.

12






Overview of the Classification

System

♦ CONFIDENTIAL: Unauthorized disclosure reasonably could be expected

to cause DAMAGE to the national security.

♦ SECRET: Unauthorized disclosure reasonably could be expected to cause

SERIOUS DAMAGE to the national security.

♦ TOP SECRET: Unauthorized disclosure reasonably could be expected to

cause EXCEPTIONALLY GRAVE DAMAGE to the national security.

13






Report to your FSO: Adverse information including but

not limited to:

Insider Threat

14

• Loss, compromise, (or suspected loss

or compromise) of classified or

proprietary information

• Evidence of tampering with a container

used for storage of classified

information.

• Finding an unlocked security container

which is unguarded or one left

unlocked after-hours.

• Change in marital status, name,

Change in cohabitation (involving a

non-US citizen)

• No longer requiring access

• Citizenship changes

1. Changes in allegiance to the

United States

2. Foreign influence

3. Foreign preference

4. Sexual behavior

5. Emotional, Mental and

Personality Disorders (marital,

family, and grief counseling need

not be reported)

6. Personal conduct

7. Financial considerations

8. Alcohol consumption

9. Drug involvement

10. Criminal conduct

11. Security violations

12. Outside activities

13. Misuse of information technology

systems






Standard Form 312

The Non-Disclosure Agreement

15

A SPECIAL

TRUST IS

PLACED IN

YOU

LIFELONG

AGREEMENT

YOU MUST

PROTECT

FROM

UNAUTHORIZE

D DISCLOSURE

SERIOUS

CONSEQUEN

CES FOR

NON-

COMPLIANCE






SRI’s Security Program

What the Security Staff Does:

• Review DD254 to document security requirements per contract

• Initiate Personnel Security Applications (e-QIP) for employees requiring

clearances

• Submit Visit Authorizations for secured access

• Provide Orientation briefings and Annual Refresher Training

• Report Adverse Information

• Monitor JPAS (Joint Personnel Adjudication System) for Personnel Security

updates

16






Disciplinary Action

The disciplinary action to be taken for a specific security infraction or

violation will be decided upon by the President and the FSO meeting

together to discuss the infraction or violation. The disciplinary

actions that may be taken are:

• Retraining

• Verbal warning

• Verbal reprimand

• Written reprimand

• Suspension of security clearance -Suspension of a security clearance can be for

any length of time that is determined to be appropriate for the security incident

and will be determined by the President and the FSO with guidance from DSS.

Prior to the reinstatement of the security clearance a meeting to discuss the

individual’s suitability for a security clearance will be held and guidance from DSS

will be solicited.

• Termination of security clearance Any clearance suspension or termination will be

noted in the Department of Defense Joint Personnel Access System database.

This is the database of record for the U.S. Government that tracks all industrial

security clearances and actions.

• Criminal actions

• The action taken will be based upon the severity of each or subsequent

infraction(s) or violation(s) and may include none, any, or all of the actions listed.

17






Reporting HOTLINE

Information ♦ Federal Bureau of Investigation

The FBI has 56 field offices. The phone

number of the nearest office is listed

under United States Government in your

local phone book.

♦ Defense Department

1-800-424-9098, (703) 693-5080

♦ Defense Security Service (DSS)

(Defense contractors report suspect

incidents to local DSS industrial security

representative)

♦ Defense Intelligence Agency

(703) 907-1307

♦ National Security Agency

♦ (301) 688-6911

♦ Department of Army

♦ 1-800-CALLSPY

♦ Naval Criminal investigative Service

♦ 1-800-543-NAVY

♦ Air Force Office of Special

Investigations (202)767-5199

♦ Central Intelligence Agency Office of the

Inspector General (703) 874-2600

♦ Department of Energy (202) 586-1247

♦ U.S. Nuclear Regulatory Commission

Office of the Inspector General 1-800-233-

3497

♦ US Customs Service 1-800-BE-ALERT

(to report suspicious activities involving

export of high-technology, munitions

products, other commodities, narcotics,

intellectual property, and US currency)

♦ Department of Commerce/Office of

Export Enforcement (202) 482-1208 or 1-

800-424-2980 (to report suspicious

targeting of US export-controlled

commodities)

♦ Department of State Bureau of

Diplomatic Security (202) 663-0739When

traveling overseas, suspect incidents

should be reported to the Regional

Security Officer (RSO) or Post Security

Officer (PSO) at the nearest U.S.

diplomatic facility.

18






FSO Contact Information –

Questions?

♦ If you ever have a security related question do not

hesitate to contact the SRI Security Office.

♦ Joe Windham, Facility Security Officer

Strategic Resources, Inc.

7927 Jones Branch Drive, Suite 600W

McLean, VA 22101

T: 703-749-3040 F: 703-563-6102

E-mail: [email protected]

19




mailto:[email protected]





Orientation Security Briefing

Completion Certificate

I, _____________________________________, certify that on

this date,_____________, I read and now understand what

was contained in this Initial Security Briefing.

Signature:__________________________

Print name and date to this certificate and mail, fax, or print to a PDF and email to the SRI Security office

([email protected]).

20




security orientation briefing♦ june 15, 2015: mostafa ahmed awward was convicted for attempted...

Documents