While Facility Security Officers, government and military employees do an incredible job at training employees, implementing and directing security programs to protect classified information, a more menacing threat is still left unchecked.
The security industry spends terrific amounts of money fortifying and constructing buildings based on best practices and not entirely on a risk assessment. The NISPOM and other regulations advise on focusing protection and reducing costs. However, without a proper risk assessment, they may fall short of meeting legitimate threats. The current practice makes it very difficult for someone to break in and steal secrets. In light of addressing best practices, the main threat should not be overlooked or neglected. For example, when was the last time you read of buildings being broken into and safes blasted open or being cracked to obtain our nation's secrets? Facility security officers and industrial security professionals should develop measures to safeguard classified information at the highest level indicated. Employees should be trained to perform on these contracts based on NISPOM Guidance. This training includes:
Non Disclosure Agreement (SF 312)
Security Awareness Initial and Annual Refresher
Insider Threat
A buzz is sweeping the security community since the industry has been notified of the recent updates to DoD's CUI program based on the presidential memorandum with the subject, Designation and sharing of Controlled Unclassified Information (CUI). This memorandum implements a program designed to encourage the speedy sharing of information to those authorized and to better protect the information, privacy and legal rights of Americans. The CUI program is designed to promote proper safeguarding and dissemination of unclassified information.
Many readers may be familiar with the program CUI has replaced. Sensitive But Unclassified (SBU) information had enjoyed protection to a certain level but was not conducive to the necessary information sharing. Controlled Unclassified Information (CUI) directives provide procedures for a more appropriate Information Sharing Environment.
Security Defense Lawyer