NISPOM Compliance Consulting and FSO Services: https://www.thriveanalysis.com
NISPOM Books and Training Resources: https://www.nispomcentral.com
Contact Jeff: jeff.bennett@nispomcentral.com

Implementing an Effective Insider Threat Program for NISPOM Compliance

Jeff Bennett from Thrive Analysis Group discusses the importance of implementing an aggressive insider threat program to ensure NISPOM compliance. He explains how such a program can protect sensitive information within cleared defense contractors, commercial entities, institutions, and nonprofits. The video outlines the identification of sensitive assets, developing countermeasures, and training employees to recognize and report suspicious behavior as focal points of a robust insider threat program. Continuous evaluation, education on adverse information reporting, and practical steps for effective insider threat management are also covered.

00:00 Introduction to Jeff Bennett and Thrive Analysis Group
00:25 Understanding Insider Threat Programs
01:52 Identifying Insider Threat Behaviors
03:28 Implementing a Robust Insider Threat Program
05:27 Continuous Evaluation and Reporting
09:55 Training Employees on Insider Threats
12:36 Conclusion and Contact Information

NISPOM Central: Providing security clearance books, training, and resources for cleared defense contractors.
Clearance, NISPOM, and FSO Consulting: Thrive Analysis Group Inc is your resource for security clearance, NISPOM, and FSO consulting.

Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.

Support the show

FSO Consulting: https://thriveanalysis.com/nisp/
NISPOM Compliance: https://www.nispomcentral.com

We provide facility security clearance, personnel security clearance, FSO consulting and NISPOM consulting.
Personnel Security Clearances
How to get a clearance
What to expect once you get a clearance
What you can do to prepare for a clearance

Facility Security Clearance
✓ Become a CDC Contractor
✓ Determine security requirements for SECRET, TOP SECRET and SCI Clearances
✓ Establish a security team to protect classified information
✓ Develop and provide required security training
✓ Prepare for government inspections
✓ Interpret Contract specifications
✓ Fight Insider threat
✓ Learn Security clearance levels
✓ Process Classified information
✓ Prepare Derivative Classification
✓ Provide required Security Training
✓ Appointing a Facility Security Officer
✓ Prepare for Government Audits

Security Clearance and NISPOM consulting
Jeff Bennett, owner of Thrive Analysis Group and NISPOM Central, explains the significance of security training for uncleared employees in defense contracting companies. The video details compliance with the National Industrial Security Program Operating Manual (NISPOM) and covers mandated topics such as threat awareness, counterintelligence, and cybersecurity. Bennett emphasizes the importance of including uncleared employees in security training to prevent unauthorized access to classified information. He also highlights the need for regular training and self-inspection processes, suggesting outsourcing as a solution for overwhelmed FSOs.

00:00 Introduction to Thrive Analysis Group
00:28 Understanding the Role of FSOs
01:05 Outsourcing FSO Tasks
01:22 Developing a Sustainable Security Program
01:57 Today's Training Topic: Security Training for Uncleared Employees
02:09 NISPOM Training Requirements
03:34 Benefits of Training Uncleared Employees
04:49 Handling Classified Information
06:51 Training Tips for FSOs
09:14 Self-Inspection and Training Resources
10:29 Conclusion and Additional Resources

Visit https://www.nispomcentral.com
Consulting: https://www.thriveanalysis.com
Books, Training and Resources: https://www.nispomcentral.com

What's Next After Getting Your Facility Security Clearance?

Join Jeff Bennett, President of Thrive Analysis Group, as he guides you through the steps to take after obtaining your facility security clearance. In this video, Jeff discusses the responsibilities of facility security officers, how to manage security programs, delegation of tasks, compliance with NISPOM, and preparing for self-inspections. Ideal for companies new to security clearances and those needing assistance in building and maintaining a security-conscious infrastructure.

00:00 Introduction to Thrive Analysis Group
00:20 Understanding Facility Security Clearances
01:10 Roles and Responsibilities of Security Officers
02:00 Guidance for New Facility Security Officers
03:04 Building and Managing a Security Program
04:01 Delegating Tasks and Using Resources
06:14 Developing Security Policies and Procedures
07:11 Handling Classified Information On-Site
11:18 Conducting Self-Inspections
12:33 Conclusion and Next Steps
The 11th episode of "Are We All Clear? Facilitating Security Clearances" explores the role of outside directors and proxy holders within the National Industrial Security Program Operating Manual (NISPOM) framework and their significance in insulating a cleared company from its foreign owners. Host Molly O'Casey and International Trade attorney Antonia Tzinova discuss practical approaches to the selection, employment and accountability of these positions, as well as delve into the broader context of Foreign Ownership, Control or Influence (FOCI) mitigation to protect U.S. national security interests.

Their conversation covers a myriad of topics (and acronyms!), including recent developments in FOCI, facility security clearance (FSC), NISPOM, Defense Counterintelligence and Security Agency (DCSA), Special Security Agreements (SSA), Security Control Agreements (SCA) and the Government Security Committee (GSC).
Get the Training

Security Training; It's That Important

NISPOM requires that every cleared employee receives the initial training and the annual refresher training. The rationale for initial and refresher training is that new employees are introduced to sensitive and classified government information and they should learn the fundamentals. Here are some great topics that just so happen to be addressed in NISPOM:

The nature of classified material and how to protect it
Notice of their responsibilities to protect classified information and the consequences of unauthorized disclosure
Recognizing and protecting U.S. and foreign government classified material
Criteria for authorizing access to classified information
Responding to classified information released to the public
Security chain of command and support structure for addressing security incidents and violations
Cleared employees on foreign travel

For example, the newly cleared employee may not understand how to dial a combination or determine who to allow access to classified material. Without proper training, the newly cleared employees may make honest mistakes leading to security violations.

Access Commander by MathCraft: We support the mission of FSOs, CSOs and other security professionals.
SIMS Software: SIMS suite provides features/functionality you need to run automated industrial security programs.
Security Defense Lawyer: If you have had an event that could put your security clearance in jeopardy, contact Ron immediately.
For some, the FSO designation is a career track with potential growth. For others, it's an undesired appointment, part of doing business and just another additional duty.

However, this responsibility should be taken very seriously as classified contracts depend on success. Regardless of whether desired or appointed, the FSO is key to managing classified contracts.

Why not let Thrive Analysis Group Inc manage your FSO requirements while you focus on your core capabilities? We are uniquely positioned to equip your organization with FSO solutions and services.

While you may be appointed as FSO, you should delegate FSO responsibilities to us. We provide a wide range of managed solutions. Leave FSO tasks to a trusted partner.

FSO Solutions
https://thriveanalysis.com/nisp/
https://www.redbikepublishing.com/insiderthreatprogram/

Online security clearance webinars and coaching. Providing security training and resources.

Most organizations attack the problem with either an employee tracking or online activity reporting goal.

After asking the above questions, we recommend a different solution. Of course the employee reporting and activity tracking solutions are important and part of the solution, but they should not be the end goal.

This book recommends a different application that can easily be implemented to both resolve insider threat issues and demonstrate compliance.

Red Bike Publishing: Providing security clearance books, training, and resources for cleared defense contractors.
In this episode of All Things Investigations, host Tom Fox and Kevin Carroll discuss the alarming revelation that former President Trump allegedly shared sensitive information about nuclear submarines with an Australian civilian, as well as a peculiar court hearing involving a limited gag order on Trump. They explore the gravity of the information shared, its implications on national security, and the potential legal repercussions.

Kevin is a partner in the Washington, D.C., and New York offices of Hughes Hubbard & Reed in the White Collar & Regulatory Defense and Anti-Corruption & Internal Investigations practice groups. He also helps counsel businesses on CFIUS/FIRRMA, cyber security and data privacy, EAR/ITAR, FARA, FCPA, FISA, FMS, NISPOM, and OFAC compliance.

You'll hear Tom and Kevin discuss:

President Trump allegedly discussed secrets about nuclear submarines with an Australian civilian, Anthony Pratt.
Kevin emphasizes the seriousness of this revelation, highlighting the crucial role submarines play in national security, including preserving Taiwan's independence and intelligence collection.
Strategic missile submarines (boomers) are the ultimate nuclear guarantee, capable of retaliatory strikes against adversaries, and their secrecy is paramount.
Kevin is surprised that additional charges were not laid against Trump for willfully communicating classified information to an uncleared foreign national.
The disclosure of classified information poses a risk to national security, as adversaries may adapt their tactics and enhance technology based on shared information.
There is no remedy once sensitive information is released; the damage caused may be irreversible.
The intelligence relationship between the United States and Australia is one of the closest, with both countries part of the Five Eyes alliance.
A limited gag order was imposed on President Trump after an unusual hearing related to a motion brought by Special Counsel Jack Smith.
Kevin criticizes the defense lawyers' aggressive approach and disrespectful behavior toward the federal judge during the hearing.
The judge's decision to impose a limited gag order is a necessary step to prevent potential harm to individuals targeted by Trump's remarks.
The broader societal implications of such unchecked criticisms from a public figure like Trump, with a significant following, are emphasized.
Judges may consider escalating fines as a deterrent to gain Trump's attention and prevent further damage and incitement of violence.
Trump's potential strategy may be to use incarceration as a political narrative, portraying himself as a victim.
Kevin believes fines would be a more effective deterrent and expresses hope that financial penalties would capture Trump's attention.
Repeatedly violating the gag order is a strategy Trump may use to attempt to poison the jury pool. Such efforts might have more impact in Florida and Georgia.
Venue selection in high-profile cases is crucial to ensure a fair trial.
Lawyers have the responsibility to weed out jurors with preconceived notions, regardless of the case's profile. However, in some cases, it's impossible to find a jury unaffected by public awareness.

Resources
Hughes Hubbard & Reed website
Kevin Carroll on LinkedIn
This is a collaborative effort with Clearancejobs.com and an interview from my newest book, Establish an Insider Threat Program Under NISPOM.

FSOs have a huge responsibility to protect contractor information. One important job is to start with an insider threat program.

Most people make the mistake of relying on tracking employees and looking for suspicious behavior. That's not a good way to start.

I've got a better solution. It's here in the video as well as my new book:

Establish an Insider threat program under NISPOM. Tools, templates and procedures you can download. https://www.redbikepublishing.com/insiderthreatprogram/

Jeff is available for speaking and consulting: https://jeffreywbennett.com

Bennett Institute: Online security clearance webinars and coaching. Providing security training and resources.

Support the show

FSO Consulting:
https://www.redbikepublishing.com/fso-consulting/
https://jeffreywbennett.com
Jeff is available for speaking and consulting
https://jeffreywbennett.com
https://jeffreywbennett.thinkific.com

FSOs have a huge responsibility to protect contractor information. One important job is to start with an insider threat program.

Most people make the mistake of relying on tracking employees and looking for suspicious behavior. That's not a good way to start.

I've got a better solution. It's here in the video as well as my new book:

Establish an Insider threat program under NISPOM.
https://www.redbikepublishing.com/books/
https://www.redbikepublishing.com/insiderthreatprogram/

It also answers the question that so many people have asked:
If we have the NISPOM, why do we need an insider threat program?
If the NISPOM is so thorough, what would an additional insider threat program look like?

Most organizations attack the problem with either an employee tracking or online activity reporting goal.

After asking the above questions, we recommend a different solution. Of course the employee reporting and activity tracking solutions are important and part of the solution, but they should not be the end goal.

This book recommends a different application that can easily be implemented to both resolve insider threat issues and demonstrate compliance.

Establishing an Insider Threat Program Under NISPOM is writ

Jeff's Website: Jeff is available for speaking and consulting
Free security clearance seminar: https://www.redbikepublishing.com/securityclearanceseminar/
NISPOM Fundamentals: https://www.bennettinstitute.com

Stay tuned for more information about our upcoming book. In the meantime, if you need to provide Insider Threat Training, you can download and present your very own to your employees.

NISPOM requires Derivative Classification Training and Record keeping Guidance. This guidance states that the cleared contractor provide cleared personnel with initial Derivative Classification Training and follow-up training at least once every 2 years.

No time to write training? You can find training here: https://www.redbikepublishing.com/derivative/

See more in o

Mission Driven Research, Inc: Mission Driven Research, Inc is a growing company providing technical services to the US government.
We are having a security clearance webinar. Find more information here: https://www.redbikepublishing.com/securityclearanceseminar/

This podcast is based on information from our NISPOM fundamentals course at https://www.bennettinstitute.com

Podcast discusses:

Holding a security clearance is a privilege. The awardee is able to perform on classified contracts where they would not otherwise be able. However, some defense contractors mistakenly assume that they can request a Facility Security Clearance (FCL) for business development purposes or to better position themselves for future classified contract opportunities. That is not how FCLs are awarded; there is a process and methodology to justify the FCL.

The FSO has marching orders to develop and implement security programs to protect classified information. But, how effective is security policy if it is written by security and posted
We are having a security clearance webinar. Find more information here: https://www.redbikepublishing.com/securityclearanceseminar/

This podcast is based on information from our NISPOM fundamentals course at https://www.bennettinstitute.com

Podcast discusses:
Facility Security Clearances (for businesses)
Personnel Security Clearances (for people)
Red Bike Publishing, LLC is a Service Disabled Veteran Owned Small Business. We have sold thousands of books and training materials to individual customers. However, we would like to provide our manuals, books and training to government offices to pass down to employees and contractors. These books are available for credit card purchase from our website and amazon.com.

Our products include training, books and services:
Reminder magnets for security containers and safes.
DODM 5200.01 V 1-3 and study guides for SPeD SFPC certification
NISPOM and study guides for ISP Certification
NISPOM Required Training
FSO Services (facility and personnel security clearances)
DoD and NISP Security Certification 3 day course, perfect for employees and contractors
In depth study of and testing tips
Tailored NISP required training

editor@redbikepublishing.com
CAGE: 53JF5 NAICS: 511130, 541690, 611430

Cleared employees are trained how to properly mark, store and disseminate classified information, but not taught how to effectively communicate without inadvertently disclosing sensitive information.

Develop security program based on numbers 1-3. Include the risk and develop countermeasures and implement those countermeasures as well as regulated NISPOM and other requirements. Identify the threat, determine the risk of threat, and document impact and countermeasure costs.

For more information on conducting risk analysis and creating countermeasures, see our book How to Get U.S. Government Contracts and Classified Work.

The term Cleared Defense Contractor might conjure images of large complexes, with a healthy security staff, plenty of closed areas, labs and conference rooms. For example, the risk model may identify that there is a low crime rate. Classified information can be properly stored in a GSA approved security container locked in a central office.
If you need assistance with FSO tasks, OPSEC, risk assessments, or security training please contact me or visit my consulting site
Link to YouTube presentation: https://youtu.be/SNTlRrZvr-E

FSOs have a huge responsibility to protect contractor information. Just like an Olympic team may protect their athlete and performance details, the FSO should determine who is on the team, and which team members have access to information. The FSO should not stop work, but facilitate contract requirements without jamming up the employees with unobtainable security procedures. This is a presentation of how to be a world class FSO.

From How to Get U.S. Government Contracts and Classified Work:
Influence at all levels
Integrate security at all levels
Be fiscally responsible
Be flexible, but knowledgeable

If you need assistance with FSO or security training please contact me or visit my consulting site www.jeffreywbennett.com.

Additionally, we have NISPOM fundamentals training perfect for studying and applying to your CDC facility. https://bennettinstitute.com/course/nispomfundamentals/

The purposeful execution of foreign travel pre-briefings: When employees travel to a foreign country, they may be targeted to provide sensitive information. A threat and/or defensive briefing should be provided to all cleared employees per NISPOM (NISPOM Training). The briefings should be documented with signatures, dates and contents of briefings for presentation to Defense Security Services (DSS) industrial security representatives.

There is a lot of debate about professional certification. Currently, the drive and motivation for facility security officers (FSO) and security specialists to become Industrial Security Professional (ISP) certified is still self-motivation and not yet a requirement.

Support the show (https://www.patreon.com/redbike)
If you are a new FSO, there is no reason to travel your journey alone. You may recruit fellow employees to assist with the tasks. Additionally, many resources are available to assist with FSO responsibilities, including DCSA, NISPOM, professional organizations, consultants, books and training.

Lately, contract language requires the contractor to conduct tasks in support of Program Protection Planning (PPP), Supply Chain Risk Management (SCRM), Criticality Analyses (CA), and providing Program Protection Plan Implementation Plans (PPIP). These requirements include language that requires developing PPIPs, protecting critical components, developing SCRM plans, quantifying risk to the supply chain, vetting vendors and so much more.

The ISP and ISOC Master exam prep for NISPOM 32 CFR Part 117 is now available. If you plan to test in winter 2022 or later, make this version part of your study plans. Check it out.

While this may not be an organic capability for most organizations, there are many small companies that can step up and provide the necessary guidance or share in the workload.

Classified information should only be reproduced in response to a contractual requirement such as in the performance of a deliverable. Reproduction should not be made as a matter of convenience as it puts classified information at unnecessary risk and it requires dedicated resources. The FSO can enforce resource discipline by:
1. Creating processes and procedures identifying reproduction only as necessary and using only approved equipment.
2. Ensuring only trained and authorized personnel are able to reproduce classified information.
3. Identifying office equipment, copy machines, scanners and other reproduction equipment for classified information reproduction.
All other enterprise equipment should be off limits to classified reproduction.

Link to NISPOM and cleared contractor security books.
Link to NISPOM required training.
Here are the top reasons for marking classified information:
• Warns and informs a user that an item is indeed classified or sensitive
• Conveys what exactly needs protection
• Identifies levels of classification or sensitivity
• Provides vital information and instruction on when to downgrade or declassify the material
• Gives sources and reason for classifying the item
• Warns of special access, control, dissemination or safeguarding requirements

Find out more in How to Get U.S. Government Contracts and Classified Work. Be sure to visit Red Bike Publishing for books and training. If you need assistance with FSO or security training please contact me or visit my consulting site www.jeffreywbennett.com.

DCSA Review
Prior to each inspection, the FSO and cleared contractor leadership should present DCSA with a state of security briefing to introduce and go over the company security policy. Similarly, the DCSA special agent may provide an out-briefing detailing the results of the inspection. This out-briefing and the soon-to-follow documentation of the inspection provide further data toward building an excellent security program. Pay attention to the results and apply them to make your security program to protect classified information even more effective.

Training
FSOs should conduct initial and refresher training and file reports as required by the NISPOM. Instead of conducting NISPOM training with compliance as the end goal, the training can be performed as an effective relationship building opportunity. NISPOM required training that you can download and present is here: https://www.redbikepublishing.com/training/

Additionally, we have NISPOM fundamentals training perfect for studying and applying to your CDC facility. https://bennettinstitute.com/course/nispomfundamentals/

Becoming a cleared defense contractor
The facility clearance is required to be in place prior to the contractor performing on classified work. After the GCA or prime contractor submits the sponsorship letter, the company can begin the process of applying for the clearance. A contractor has to meet five requ
On today's episode I'm joined by Greg Linares and John Wetzel to discuss insider threats, what you should look for and how to help mitigate them. We also discuss some of the tactics, techniques and procedures (TTPs) employed by the Lapsus$ Group over the last few months to help you build your insider threat hunting program. The general consensus seems to be no data loss prevention (DLP) system gets you where you need to be in securing your data.

Greg Linares' professional career in cybersecurity began in 2006, when he joined eEye Digital Security as a Security Researcher. During his tenure, he was credited with the discovery of several vulnerabilities in major vendors such as Microsoft, CA, Yahoo, Bitdefender and AFLAC, as well as doing development on the Retina Network Security Scanner. Over the next several years he performed many lead roles in reverse engineering, penetration testing, malware analysis, threat intelligence, and security software development. Currently he is heading up a security team at a Venture Capital firm in CA and has a passion for helping and supporting others at all stages in their cybersecurity career.

John Wetzel is currently the Director of Intelligence Solutions at Recorded Future. John is an experienced security intelligence leader building strategic, global teams. Hands-on technical leader passionately merging technical, business, product knowledge to achieve strategic business outcomes. Strong communicator for boards of directors and C-suite to practitioners. Previously DOD counterintelligence and compliance officer (NISPOM, ITAR, EAR) with strong relationships to federal law enforcement. Writer and speaker on cyber threat intelligence applications, insider threat programs at SANS CTI Summit, Kaspersky SAS 2019, Predict host and trainer 2016-2020. Co-author, The Security Intelligence Handbook (available on Amazon).

This episode is available on YouTube: https://youtu.be/N4frDXTusBU

Greg Linares
https://twitter.com/laughing_mantis
https://www.youtube.com/channel/UCSnNQ4Rah04sokjkLI8NAJg

John Wetzel
https://www.linkedin.com/in/johnawetzel
https://twitter.com/johnwetzel
https://recordedfuture.com

Shiva Maharaj
https://www.linkedin.com/in/shivamaharaj
https://twitter.com/kontinuummsp
https://www.kontinuum.com/

Support this podcast: https://anchor.fm/amplifiedandintensified/support
Though defense contractors don't assign classification levels, it helps to understand why information gets classified and how the government identifies the classified information. The cleared contractor works with the classified information and protects it according to the markings.

From How to Get U.S. Government Contracts and Classified Work:
• Influence at all levels
• Integrate security at all levels
• Be fiscally responsible
• Be flexible, but knowledgeable

If you need assistance with FSO or security training please contact me or visit my consulting site www.jeffreywbennett.com. Additionally, we have NISPOM fundamentals training perfect for studying and applying to your CDC facility. https://bennettinstitute.com/course/nispomfundamentals/

The purposeful execution of foreign travel pre-briefings: When employees travel to a foreign country, they may be targeted to provide sensitive information. A threat and/or defensive briefing should be provided to all cleared employees per NISPOM (NISPOM Training). The briefings should be documented with signatures, dates and contents of briefings for presentation to Defense Security Services (DSS) industrial security representatives.

There is a lot of debate about professional certification. Currently, the drive and motivation for facility security officers (FSO) and security specialists to become Industrial Security Professional (ISP) certified is still self-motivation and not yet a requirement.

Security Defense Lawyer: If you have had an event that could put your security clearance in jeopardy, contact Ron immediately.
There are many contractual reasons to transfer classified information from one location to another. Meetings, working groups, and deliverable requirements are just a few. In the receiving organization, the FSO should ensure all arriving classified information is inspected and received into accountability.

From How to Get U.S. Government Contracts and Classified Work: The FSO should ensure that all classified deliveries are inspected prior to bringing them into accountability. Such checks are necessary to ensure items were sent properly, were not tampered with in transit, contain correct items and are authorized for storage in the classified holdings.

Be sure to visit Red Bike Publishing for books and training. If you have questions, visit Jeff's website: jeffreywbennett.com

When performing Derivative Classification tasks, it's sometimes necessary to produce, reproduce, copy, or print classified information for work products, briefings and demonstrations. When doing so, the derived item should bear the appropriate classification.

Classification markings are applied to the top and bottom, front and back of classified items. Markings are also found in internal pages, paragraphs and other locations inside documents, books, manuals and other paper based products.

We have NISPOM fundamentals training perfect for studying and applying to your CDC facility. https://bennettinstitute.com/course/nispomfundamentals/

The FSO trains and treats ALL employees as security "force multipliers". With security ingrained in the performance and actions of employees, the organization has a united front and all employees exist to protect classified information. For example, even employees without security clearances can help protect classified information by learning to recognize classification markings and reporting suspicious behavior or contacts.

The corporate culture of successful organizations is published organization wide and employees are well versed. Each employee should understand how they fit into the company mission and the importance of their contribution toward t
When the Defense Counterintelligence and Security Agency (DCSA) conducts reviews of cleared defense contractor facilities, they go with a purpose. Their first priority may be to conduct a risk assessment of classified information in the contractor's possession. However, they are also looking at above and beyond metrics that demonstrate the commitment to national security. These above and beyond attributes are often recorded and rewarded. Here are some ideas Facility Security Officers can employ to demonstrate above and beyond NISPOM application.

You might even consider inviting an Industrial Security Professional (ISP) or Industrial Security Oversight (ISOC) certified guest speaker. Additionally, many vendors offer already developed online NISPOM training perfect for sending to your employees.

Be sure to create an index or catalog of where brochures, posters or other training items are located so that you can keep them updated, monitor use and make improvements. Most of all, it's important to document and demonstrate how you use these items to improve your security posture. Become an expert for your training and show DSS how you are making a difference.

For those defense contractors who want to perform on classified contracts, there are a few considerations to address. Under the National Industrial Security Program (NISP), a cleared contractor should appoint an FSO to take on this responsibility of directing a security program to protect our classified information. This FSO is the link between the government contractor and the cognizant security agency (CSA).

The FSO has a tough task that they can't possibly do alone (for training resources visit our website).

More tips can be found in the book "How to Get U.S. Government Contracts and Classified Work".

If you need assistance with FSO or security training please contact me or visit my consulting site www.jeffreywbennett.com. Additionally, we have NISPOM fundamentals training perfect for studying and applying to your CDC facility.
Though not as sinister and espionage riddled as most savvy spy novels, export compliance is an issue that will get defense contractors in trouble. Violating State Department regulations will bring the weight of the US Government on the offending company. According to the International Traffic In Arms Regulation, ITAR, "Any person who engages in the United States in the business of either manufacturing or exporting defense articles or furnishing defense services is required to register".

Security clearances should be kept to the minimum amount necessary to perform the classified work; access to that classified information must be kept to only those with a valid need to perform on the government work. Security clearance verification cannot provide need to know. Just because one has a clearance doesn't mean they should be authorized access. Need to know is based on a contractual or work performance basis.

A leader can form an HPT from all business units. Since the FSO is responsible for creating a security program to protect classified information, they may either suggest or take the lead and form the group. Once in the group, the individuals begin to discuss the vision, norms, etc. Such topics to tackle might include policy, security violations, refresher training, emergency operations planning, and communication for starters. A multi organizational HPT can bring depth and breadth to a stagnant security program.

Only those working in the National Industrial Security Program for at least 5 years are eligible for the ISP Certification and anyone holding the SFPC qualifies for ISOC. Five years experience should make the professional more than capable of passing the exam. However, understanding how to study will make a difference in their success.

Podcast links:
Free NISPOM and ISP Training: www.bennettinstitute.com/courses
My consulting site: www.jeffreywbennett.com
NISPOM fundamentals training perfect for studying and applying to your CDC facility: https://bennettinstitute.com/course/nispomfundamentals/
How to Get U.S. Government Contracts and Classified Work.
ITAR: https://www.redbikepublishing.com/itar/
NISPOM: https://www.redbikepublishing.com/nispom/
Certification: https://www.redbikepublishing.com/ispcertification/
Government Security Training: https://www.cdse.edu/

Support the show (https://www.redbikepublishing.com/insidersguide/)
A cleared contractor can help reduce expenses by preparing ahead of time. This is where an experienced FSO can anticipate expenses, perform risk assessment while implementing NISPOM and advise on ways to reduce costs while being compliant. The more money saved on overhead expenses, the greater the overall company profit. The earlier into the process the assessment is conducted the better the company performs overall.

It's a common practice to allow employees to use enterprise computers outside of the enterprise. This has become more common where employees are increasingly working at home. Though a common practice, these occurrences are not always best practices. Anytime an employee leaves work with a company computer, the expectation is that all information is vulnerable.

Protecting classified material: The proper receipt, accountability, storage, dissemination and destruction of classified material. Link to CDSE training https://www.cdse.edu/
Required training: This instruction helps the FSO establish an ongoing training program designed to create an environment of security conscious cleared employees.
Personnel security clearances: The FSO gains an understanding of the personnel security clearance request procedure, briefing techniques and maintenance of personnel clearances.

You can find study recommendations, practice questions and NISPOM links at https://www.redbikepublishing.com/ispcertification/ and https://bennettinstitute.com/course/ispisoctipis/

If you need assistance with FSO or security training please contact me or visit my consulting site www.jeffreywbennett.com. Additionally, we have NISPOM fundamentals training perfect for studying and applying to your CDC facility. https://bennettinstitute.com/course/nispomfundamentals/
On today's episode we're joined by John Wetzel, the Director of Intelligence Solutions at Recorded Future, and we discuss: Technology and gear left in Afghanistan, ARM chips and more.

John is an experienced security intelligence leader building strategic, global teams. Hands-on technical leader passionately merging technical, business, product knowledge to achieve strategic business outcomes. Strong communicator for boards of directors and C-suite to practitioners. Previously DOD counterintelligence and compliance officer (NISPOM, ITAR, EAR) with strong relationships to federal law enforcement. Writer and speaker on cyber threat intelligence applications, insider threat programs at SANS CTI Summit, Kaspersky SAS 2019, Predict host and trainer 2016-2020. Co-author, The Security Intelligence Handbook (available on Amazon).

John Wetzel
https://www.linkedin.com/in/johnawetzel
https://recordedfuture.com
https://twitter.com/johnwetzel

Eric Taylor
https://www.linkedin.com/in/ransomware/
https://twitter.com/barricadecyber
https://www.barricadecyber.com

Shiva Maharaj
https://www.linkedin.com/in/shivamaharaj
https://twitter.com/kontinuummsp
https://www.kontinuum.com/

If you are interested in CrowdStrike and/or Dark Cubed or just want to have a conversation, please feel free to get in touch with us.

Buy Eric a Coffee: Eric Taylor is educating folks around cyber security.
Buy Shiva a Coffee: IT support that's actually supportive.
John Wetzel is currently the Director of Intelligence Solutions at Recorded Future. John is an experienced security intelligence leader building strategic, global teams. Hands-on technical leader passionately merging technical, business, product knowledge to achieve strategic business outcomes. Strong communicator for boards of directors and C-suite to practitioners. Previously DOD counterintelligence and compliance officer (NISPOM, ITAR, EAR) with strong relationships to federal law enforcement. Writer and speaker on cyber threat intelligence applications, insider threat programs at SANS CTI Summit, Kaspersky SAS 2019, Predict host and trainer 2016-2020. Co-author, The Security Intelligence Handbook (available on Amazon).

John Wetzel
https://www.linkedin.com/in/johnawetzel
https://recordedfuture.com
https://twitter.com/johnwetzel

Eric Taylor
https://www.linkedin.com/in/ransomware/
https://twitter.com/barricadecyber
https://www.barricadecyber.com

Shiva Maharaj
https://www.linkedin.com/in/shivamaharaj
https://twitter.com/kontinuummsp
https://www.kontinuum.com/

If you are interested in CrowdStrike and/or Dark Cubed or just want to have a conversation, please feel free to get in touch with us.
Red Bike Publishing is pleased to announce the new NISPOM: National Industrial Security Program Operating Manual 32 CFR Part 117.

An FSO has readily available data to determine and communicate the effectiveness of the security program. Gathering available information, creating a detailed database and performing solid analysis will determine the program's success.

End of day checks serve as a precaution against leaving classified information unattended.

Feel free to contact us for information on how to promote your business through our newsletter.

NISPOM Training Topics:
• Insider Threat
• Initial / Annual Security Awareness
• Derivative Classifier
• Non Disclosure Agreement

If you need assistance with FSO or security training please contact me or visit my consulting site www.jeffreywbennett.com. Additionally, we have NISPOM fundamentals training perfect for studying and applying to your CDC facility. https://bennettinstitute.com/course/nispomfundamentals/
Red Bike Publishing is pleased to announce the addition of training. We have created a training program that includes an Initial Security Training/Annual Awareness Training presentation and much more required by NISPOM. Instead of designing your own, just download and present these. You can even modify them (which we recommend) or tailor to your CDC business. Feel free to contact us for information on how to promote your business through our newsletter.

Jeff has made an online recorded version of the course NISPOM Fundamentals that he formerly taught at the University of Alabama Huntsville. He is available to teach similar courses at your companies. Send an email to editor@redbikepublishing.com.

Red Bike Publishing offers generous royalties and is able to reach over 30,000 people through various magazines, Amazon.com, and other bookstores. Red Bike Publishing uses professional printing and distributes through Ingram, Baker and Taylor, Barnes and Noble and much more.

Sometimes life imitates art. Just like in the thrillers that we watch or read, the evil doers seem to either be or think they are smarter than the good guys. They find loopholes that protect their crimes and there isn't a thing the good guys can do about it. Finally, at the last climactic moments, the good guys find the evidence they need to make a prosecution stick. Just like in the movies.

A similar thriller plays out in a courtroom according to a January 22, 2010 Washington Examiner article called "Defense Official's Mom Introduces Him to Chinese Spy". According to the article, James Wilbur Fondren provided three papers to a Taiwanese businessman who paid a consulting fee. Unbeknownst to Mr. Fondren, the Taiwanese businessman was a Chinese spy.

NISPOM Training Topics:
• Insider Threat
• Initial / Annual Security Awareness
• Derivative Classifier
• Non Disclosure Agreement

If you
Contact/newsletter: redbikepublishing.com/contact

The National Industrial Security Program NISPOM is THE guidance for Cleared Defense Contractors (CDC) performing on classified contracts. However, it doesn't always answer some questions these FSOs might have about protecting classified information. For example, suppose a defense contractor company has a contract requiring the storage of classified information at the SECRET level. Do they need an alarm?

You might recall in earlier articles that I've emphasized the importance of finding out what the threats to classified information are to your particular organization. Be aware of NISPOM vs. Best Practices vs. Risk Assessment before committing resources that may or may not be required. Industry standards and common practices may almost seem like requirements, but can be expensive endeavors if not necessary to implement. To some, it may be unheard of not to have alarms, cameras or access control systems (door magnets and card readers). However, these are not required in NISPOM (except for intrusion detection systems as identified in certain situations and not in all situations).

Prior to travel, a cleared employee should have a good understanding of their responsibilities to protect national security. A Defensive Security Briefing is for those who travel overseas and may be vulnerable to foreign entity recruiting methods. They should be constructed to make the cleared traveler aware of their responsibilities to protect employees, product, customers and those with which they do business. Topics of the defense security briefing should include threat recognition, how to assess and how to respond when approached for recruitment.

The Facility Security Officer's successful program depends on developing relationships with employees, managers and executives to facilitate execution of company policies and adherence to NISPOM. This includes security awareness training, participation in continuous evaluation, and tracking changes of status, and proactive action toward expired, existing and future classified co
While Facility Security Officers, government and military employees do an incredible job at training employees, implementing and directing security programs to protect classified information, a more menacing threat is still left unchecked. The security industry spends terrific amounts of money fortifying and constructing buildings based on best practices and not entirely on a risk assessment. The NISPOM and other regulations advise on focusing protection and reducing costs. However, without a proper risk assessment, they may fall short of meeting legitimate threats. The current practice makes it very difficult for someone to break in and steal secrets. In light of addressing best practices, the main threat should not be overlooked or neglected. For example, when was the last time you read of buildings being broken into and safes blasted open or being cracked to obtain our nation's secrets? Facility security officers and industrial security professionals should develop measures to safeguard classified information at the highest level indicated. Employees should be trained to perform on these contracts based on NISPOM Guidance. This training includes:Non Disclosure Agreement (SF 312)Derivative ClassifierSecurity Awareness Initial and Annual RefresherInsider Threat A buzz is sweeping the security community since the industry has been notified of the recent updates to DoD's CUI program based on the presidential memorandum with the subject, Designation and sharing of Controlled Unclassified Information (CUI). This memorandum implements a program designed to encourage the speedy sharing of information to those authorized and to better protect the information, privacy and legal rights of Americans. The CUI program is designed to promote proper safeguarding and dissemination of unclassified information. Many readers may be familiar with the program CUI has replaced. 
Sensitive But Unclassified (SBU) information had enjoyed protection to a certain level but was not conducive to the necessary information sharing. Controlled Unclassified Information (CUI) directives provide procedures for a more approp
NISPOM Seminar: https://www.redbikepublishing.com/nispom-seminar/
Study NISPOM Fundamentals in a four-hour session. We are excited to offer two live NISPOM Seminar events:
• 23 March 4-8 PM CST
• 30 March 4-8 PM CST
Prepare for the Industrial Security Professional ISP Certification (ISP) and the DoD’s SPeD Industrial Security Oversight Certification (ISOC).
Those and several similar motivational publications stress that everyone has the same amount of time in a day. What we do during that time helps us either make our goals or fail before we even get started. As leaders, FSOs can help cleared defense contractor employees understand how to create incredible security programs. Focusing on training, interaction with other cleared employees, self-improvement and institutional education should be part of professional development. FSOs and managers who write evaluations for direct reports have an excellent opportunity to help them establish goals to become better at their jobs, more impactful in their careers and hopefully, groomed to become FSOs themselves. Challenging employees and team members to achieve personal and professional goals breeds success.
Security certifications such as ISP Certification and ISOC certification are goals cleared employees could take on themselves as well as encourage other employees to achieve. The employee gains from such education and a prestigious career milestone. The organization also benefits from what the security employee learns and applies on the job. When employees study for the ISP Certification, they learn: how to read and apply the NISPOM, the importance of forming professional relationships with cleared employees, how the cleared contractor and the DSS representatives interact, and much more. A leader also creates pride in the organization and employee by making them more competitive in their career and providing a basis for professional pride.
When employees are challenged with the goal, the manager can help by providing or allowing education as found on the DCSA, professional organization or vendor websites. Studies on NISPOM topics are available on the internet as well as on site. If your team is large enough, consider helping them start a study group. Here are 2 good training ideas:
1. If the cleared contractor facility has multiple security employees, provide an opportunity to cross train. Security employees who work personnel security issues could work with document control, and so on. Also, consider allowing security employees from one discipline to inspect another security section during the annual self inspectio
So let’s talk professional goals; the NCMS’ ISP Certification and CDSE's ISOC are great ones to strive for.
1. Begin at the NCMS ISP Certification information website at http://www.ncms-isp.org/ISP_Certification/index.asp. If your goal is ISOC certification, begin at the CDSE website.
2. Understand the application process. There are minimum experience requirements that applicants must meet as well as administrative tasks built into the process.
3. Understand the requirements and get a feel of where you are professionally and any gaps you need to bridge to bring your knowledge of NISPOM and ISP or ISOC Certification categories to where it needs to be. It’s not necessary to be an expert in all areas or to be able to quote regulations and requirements.
4. The following are some things that you can do to prepare to fill those knowledge gaps:
a. Study the NISPOM and other reference document structure and understand where to find topic related information. Also, become familiar with key industry standard words found in the source documents.
b. Join a study group. There you can study their material, ask questions and get feedback.
c. Find a mentor.
5. Set a date.
Join our reader list for more articles.
Resources: How to Get U.S. Government Contracts and Classified Work; Insider's Guide to Security Clearances; security training NISPOM ISP® and ISOC certification; CDSE website; NCMS; NISPOM/FSO Training
In the course of performing on classified defense contracts, exchange of classified information is inevitable. While the movement of classified information outside of a secure environment is to be kept to a minimum, there are times it must be moved in fulfillment of requirements.
As the senior industrial security manager in CDCs, the FSO leads the security program designed to protect classified information and prevent unauthorized disclosure. While working in the secure environment, contractors protect classified information under their control and cleared employees protect classified information entrusted to them.
Classified Meetings:
Prior to the start of a classified meeting, either the government sponsor or the contractor representative should provide a security briefing notifying attendees of the classification of information to be discussed, whether or not taking notes is permitted and, if so, how they will be controlled. For example, when classified notes are permitted, they will have to be properly marked, introduced into accountability and prepared for dissemination (hand carry with the attendee or mailed at a later date). The presentation is controlled to prevent inadvertent and unauthorized release. Each attendee should also be reminded to remove any cell phones or other electronic devices.
In the National Industrial Security Program Operating Manual (NISPOM), we have a similar package "reveal". Security specialists, document control professionals, facility security officers and others in possessing facilities may receive classified information, depending on the contract. Part of the receipt is the critical inspection of the package during the integration process. As they unwrap the package, the inspector is orienting themselves to better understand what they should be receiving. This begins by inspecting the package physically, then comparing the contents with the receipt.
They are also searching for evidence of tampering, or otherwise inspecting to confirm that there has been no compromise of classified material since leaving the sender’s organization. I also recommend using current NISPOM for security training and ISP® and ISOC certification.
Resources: How to Get U.S. Government Contracts and Classified Work; Insider's Guide to Security Clearances
The latest industry buzz is the “release of the new National Industrial Security Program Operating Manual (NISPOM)”. I’m putting air quotes in there, because an actual NISPOM has not been rewritten or re-released. There is no re-release of NISPOM, only a reorganization of the CFRs that duplicate National Industrial Security Program requirements.
Conclusion: No new NISPOM (just a few additions)
· 32 CFR part 117 and 32 CFR part 2004 are redundant requirements
· DoD will no longer publish the DoD Manual 5220.22, NISPOM as a DoD policy issuance in 32 CFR part 117.
· 32 CFR part 2004, “National Industrial Security Program” is now the standing CFR
· NISPOM Change 2 is still a requirement that Cleared Defense Contractors (CDCs) must follow
Background
A quick read will reveal that there actually is no new NISPOM. This information just codifies (fancy legal term for: arrange (laws or rules) into a systematic code).
You might know that the Director of National Intelligence (DNI) has had a large role in developing NISPOM. Primarily DNI oversees the protection of National Intelligence Information in the hands of the cleared defense contractors. Additionally, DNI has had executive roles in relation to the 2008 publication of E.O. 13467, “Reforming Processes Related to Suitability for Government Employment, Fitness for Contractor Employees, and Eligibility for Access to Classified National Security Information.”
Biggest Impact: Reporting based on 13 Adjudicative Criteria, SF-86, and SEAD 3
SEAD 3 identifies required reporting of data elements that are contained in the Standard Form-86, “Questionnaire for National Security Positions”, used in requesting security clearances. This doesn’t seem to be a new requirement, but an emphasis, as many FSOs have been providing this requirement in security awareness training.
For more information on SEAD 3, check this out: https://www.dni.gov/files/NCSC/documents/Regulations/SEAD-3-awareness-briefing.pdf
Don’t wait for a new version of NISPOM…yet.
While there is no “new NISPOM”, there are some clarifying comments. I also recommend using current N
We are pleased to present the newest podcast. In this issue, we address security certification and security training because: New Year's resolutions. ISP® AND ISOC Master Exam Prep is now available here and at most online book stores.
Also, we've provided real world security discussions and frequently asked questions. These occasions have proven to be good opportunities to clarify understanding of security policies and the reasons we do what we do. We would love to hear your stories as well. We hope you continue to learn and benefit from our newsletter and products. If you are, please refer us to a friend or forward this newsletter with our appreciation. Stop by our advertisers' websites as well. You just might find what you are looking for.
Have you taken the next step to being competitive in the government contracts arena? If not, this article will provide information and tips based on a proven method of studying for and passing the exam.
Why earn a certification?
There are several reasons to achieve certification. One of them allows cleared defense contractor owners and employees to take advantage of opportunities offered in the recent Presidential Executive Order: National Security Professional Development. The Executive order states: "In order to enhance the national security of the United States...it is the policy of the United States to promote the education, training, and experience of current and future professionals in national security positions (security professionals)..."
The National Strategy identified in the Executive Order provides a plan to give security professionals access to education and training to increase their professional experience in efforts to increase their skill level and ability to protect our nation's secrets.
The ISP Certification is sponsored by NCMS (Society for Industrial Security), a professional organization specializing in protecting classified information. The ISP holder demonstrates a high level of knowledge in this area.
The certification is based on the National Industrial Security Program Operating Manual (NISPOM) but also covers electives such as COMSEC, OPSEC, and other topics.
Industrial Security Oversight Certification (ISOC) is sponsored by the Department of Defense and information can be accessed at https://www.cdse.edu/certification/
Guidance for protecting classified information that can be applied for training and certification: How to Get U.S. Government Contracts and Classified Work | Red Bike Publishing
Careers in Cleared Defense Contractors:
I receive a lot of emails from people who wonder how to get into the Cleared Defense Contractor field. Many are looking for a career change and are curious about what kind of education and experience is needed to work as a security specialist in the defense and contractor industry. Industrial security is an outstanding field for someone with all ranges of experience to enter into. Some have been hired at an entry level job and have received promotions and additional responsibilities. Others have transferred full time to security after enjoying serving in an additional duty capacity. Career growth occurs as the contract and company expands or the employee takes on more responsibilities after hiring on with another company. Security managers can also move to higher level security positions as chief security officer or corporate security officer as experience meets opportunity.
Consulting:
Consultants are hired by a company to fill a need the organization is not prepared to meet. The consultants share office furniture, the water cooler and are hopefully made to feel as part of the team. In spite of being a well respected contributor to the cause, consultants do not always enjoy the same benefits of a regular employee. However, this difference should not occur when working on classified contracts the consultant has been hired to perform on. Simply stated, though a consultant is not a regular employee, the NISPOM considers them an employee of the company that they represent. The contractor is expected to maintain the consultant’s clearance and assign classified work as specified in a contract.
One thing that I like about security professional organizations like American Society of Industrial Security Professionals International (ASIS) is their emphasis on giving to the community. The group sponsors scholarships, provides security services and training opportunities designed to help non-profit or not for profit organizations.
Churches, charities, and students benefit from the generosity of local and national security professionals. In my own community I began to look at examples of how security professionals could contribute in a meaningful way. Volunteering: The best examples I can give are what we have done in my neighborhood. For one organization in particular, I arranged for an FBI agent to present a small presentation on cyber security. The audience consisted of interested parties representing the community and various demographics. We had teachers, children, baseball teams and senior citizens all together for breakfast and training on a fine Saturday morning. The presenter gave valuable information derived from real data. The audience was appreciative and provided positive comments. This, of course was a few year
In this issue, we've provided real world security discussions. These occasions have proven to be good opportunities to clarify understanding of security policies and the reasons we do what we do.
Preparing for growth involves the FSO not only training and hiring security employees, but accurately calculating classified inventory storage and work performance needs. Meeting legitimate growth is another area where an FSO should be injected into strategic planning. Classified contract opportunities present themselves in many variations.
Potential security professionals should not only be U.S. citizens with security clearances, but demonstrate competence in the tasks they are asked to do and a desire to perform. They should also have the ability to grasp and teach concepts of security to help keep the security fresh in the corporate culture. During the certification training, the new employee can enroll in government provided on-line and residence training, lessons provided by company personnel and directly under their manager's supervision.
The end of day security checklists play a critical role in protecting classified items as well as personal, proprietary and company sensitive material. The end of day checklist is a procedure required in the NISPOM and other federal agency regulations. However, they could be implemented in any situation where privileged or sensitive items prove vulnerable to theft or espionage.
"What defines this room as approved for open storage?" I had asked while consulting on a project a few years ago. I had been in the middle of a deep security application discussion. The whole time I realized that the security employees I consulted understood their responsibilities, but did not know why the security measures were in place or where to find the guidance.
Resources: How to Get U.S.
Government Contracts and Classified Work; Insider's Guide to Security Clearances; Security Clearance and NISPOM Training
Some security training and briefings are very discouraging for the work force. Many times, the training is the exact same video or presentation used year after year. So, if you go to my website www.redbikepublishing.com, you might find training and tests that do ask those types of questions. This topic is specifically about how to make your security training more effective for your work force. There are two types of training: for security professionals and for the workforce. So here are three problems I see with the current security training trend:
1. Lack of training resources
What is concrete is that there are various training topics required for cleared defense contractor employees. They include:
· SF 312 Non-Disclosure Agreement briefing
· Initial Security Awareness training
· Annual Security Awareness Training
· Derivative Classifier training
· Insider Threat Training
· other required training events and briefings
2. One Size Fits All
There are many resources that busy security managers can draw upon to solve the problem of training the workforce. There are downloadable training topics available from vendors and government websites. The problem is, the training never grows up or ever requires growth from members of the cleared workforce.
3. Making a nation of Security Professionals
The very resources we use to present to our cleared force come from security professional targeted websites. Defense Counterintelligence and Security Agency trains security professionals and their courses are designed for that purpose. Because of problem statements 1 and 2, we are forced to use these canned presentations. In here the workforce is tested on their knowledge of security forms, how to conduct security investigations, and how to challenge classification. In fact they need to understand better that a cover sheet exists, how to recognize and report a violation, and what to do if something is over or under classified.
The solution
1.
Begin with the Contract Security Classification Specification or DD Form 254. 2.
This blog continues the series describing what happens after the government grants you a security clearance. After receiving a job with a company or agency performing classified work, you’ll receive your onboarding training, which may have included the SF 312 Non-Disclosure Agreement, Initial Security Awareness, Derivative Classifier and other required training events and briefings. Even though the Facility Security Officer (FSO) brought you into the system, awarded your security clearance, and performed the required high-level training, there is still much more work to do to ensure you understand how to perform on classified contracts.
The high-level training and onboarding is enough to get you “authorized” and prepared for the work. The rest of the preparation will come from other sources to include peers, supervisors and program managers. This training is usually provided on the job as you actually begin performing on the classified contract.
This is how it might play out. The Government Contracting Agency (GCA) or program office flows down the classified work in the contract to the Cleared Defense Contractor (CDC). Part of the classified contract is the Contract Security Classification Specification or DD Form 254. According to the information on the DAMI website, the purpose of the DD Form 254 is to “…convey security requirements, classification guidance and provide handling procedures for classified material received and/or generated on a classified contract…” This DD Form 254 provides direct information to complete your training so that you can perform well. Keep in mind that if you will be working on multiple contracts, you should understand the contents for each contract.
The DD Form 254 will explain the classification level that you will be working with. It is important to understand that this level will be at the same level or lower than your security clearance level.
Therefore, you would need a Top Secret clearance to work on classified contracts at the Top Secret level or lower. The form may also state any additional classification concerns such as foreign government information, communications security (COMSEC) requirements, and more.
The form also determines where you will perform the classified work. If the CDC facility has a possessing Facility Clearance (FCL), then you might perform work at that location. If the CDC facility has a non-possessing FCL, you will usually perform classified work at another location. For example, a cleared employee may not necessarily perform the classified portion of the work at their location based on guidance in the DD Form 254. As a result, many cleared employees have an office at their headquarters or company property, but perform classified work off-site at a government, research, or other cleared contractor location.
While the FSO will provide the required NISPOM security training reflecting the National Industrial Security Program Operating Manual (NISPOM), your supervisor may give you more work specific training as you perform on the classified contract. Your supervisor will teach you how to write documents, assemble subsystems, collect raw data from sensors, or other specific work required by your contract. They will also teach you how to correctly mark, assemble, store and protect the classified work products.
Websites Mentioned:
www.bennettinstitute.com
https://www.redbikepublishing.com/fsocertification/
https://www.amazon.com/-/e/B002BM2LY8
Anchor points, counterintelligence, smart security, Defensive Information Countering Everything.
Ray Semko is a security educator and a professional public speaker who is nationally known for his popular and motivating D*I*C*E security awareness briefings which he has been providing to American audiences for over twenty years.
www.redbikepublishing.com
Support the show (http://www.redbikepublishing.com)
Over the years I've been asked the same question: "Can you help me get a security clearance?" My answer is both yes and no. If the individual either owns a business and is competing for a classified contract or has a contractual need for a Facility Clearance, then they are eligible to pursue a security clearance. Likewise, if they work for a cleared defense contractor and require a security clearance to perform on classified work, then the answer is yes as well.
Cleared defense contractors are required to integrate an insider threat program. The first step is to designate a “Senior Official” to establish and execute the insider threat program.
In this episode we'll address:
• Fundamentals of the Insider Threat Program (ITP)
• Establishing an ITP
• ITP Definitions
• Insider Threat Impact on Industry
• ITP Training Requirement
One of the best ways to protect proprietary, export controlled, or other sensitive information is through a communications strategy. Learn what a communication strategy is and how to apply it in today's podcast.
Drug Involvement is one of the 13 adjudicative criteria which could lead to the denial or revocation of a security clearance. Even so, marijuana and opioids continue to be a concern for many applicants.
While drug involvement can raise questions about loyalty, reliability, and ability to protect classified information for initial security clearance assessments, how do they validate drug use? Are drug tests required? How do you report drug usage?
In this webinar, Randy Trzeciak, Technical Manager of the CERT Insider Threat Center, described the summary of new requirements mandated by NISPOM Change 2 and the impact it will have on DoD contracting organizations.
In today's podcast, we hear about an international takedown of the Avalanche cybercrime ring. (Bravo, FBI…and others.) A vulnerability in AirDroid is reported—you can find the app in the Google Play Store. Russia says there's a plot afoot to hack its banks and spread financial panic. US Senators tell the White House they want to know more about Russian attempts to influence US elections. This week has seen more Mirai DDoS, a resurgence of Shamoon, and another round of WikiLeaks doxing. There are also changes to NISPOM and Rule 41 in the US, and Ben Yelin from the University of Maryland Center for Health and Homeland Security fills us in on that. Denim Group's John Dickson helps us understand what we might expect from the coming Trump presidency. In the UK the Snooper's Charter received Royal Assent. And what do pacemakers and e-cigarettes have in common? Malware.