Security Education: Mandatory Briefings and Training for Accessing Classified Information

This student guide explains the importance of security education in ensuring individuals have the necessary skills, knowledge, and information to handle classified information securely. It outlines the required briefings and training for DOD personnel and industry contractors, including initial, refresher, insider threat, and termination briefings. It also covers the goals of security education and the consequences of non-compliance.

Uploaded on 08/05/2022

dirk88
GS104.06
CDSE

Student Guide

Developing a Security Education and Training Program

Introduction

Course Overview

Working with classified information carries significant responsibilities. Organizations and individuals who handle classified information are charged with keeping it safe from accidental or intentional compromise.

As an employee responsible for managing a security program, you have a special duty to ensure that every individual in your organization is aware of their responsibilities in safeguarding classified information.

Welcome to the Developing a Security Education and Training Program course. In this course you will learn not only the policy requirements for a security education program, but also some best practices for developing and implementing such a program and a variety of instructional strategies and methods you can use to do so.

Course Objectives

Here are the course objectives. Take a moment to review them.

Course Objectives:

  • State the purpose of a security education and training program.
  • Identify security education and training policy requirements for DOD and Industry personnel.
  • Describe and define the types of required security briefings for all cleared personnel.
  • Identify the various audiences of a security program.
  • Discuss the training requirements for Industry and the DOD.
  • Identify and define the types of briefings and other training required for specific roles/activities.
  • Identify the various types of special briefings and recognize when they are required.
  • Identify the characteristics of a successful security education program.
  • Identify how each of the components of the ADDIE model help in selecting and developing appropriate instructional methods.
  • Identify potential roadblocks to implementing a successful security education program and strategies for overcoming those roadblocks.
  • Identify the components and purpose of program evaluation and oversight.

Course Structure

This course is organized into the lessons listed here.

Lessons:

  • Course Introduction
  • Introduction to Security Education and Training Requirements
  • Basic Security Briefing Requirements
  • Special Briefings and Other Training
  • Developing an Effective Security Education Program
  • Course Conclusion

What Is Security Education?

In order to develop an effective security education and training program, it is essential to have a strong understanding of what security education is and what it should achieve. There are, of course, regulatory requirements that outline what must be covered in such a program, and we will cover those requirements throughout this course. But it is also a valuable exercise for individuals responsible for providing security education and training to reflect on its purpose.

Security education is any activity undertaken to ensure that people have the skills, knowledge, and information to enable quality performance of security functions and responsibilities, understand security program policies and requirements, and maintain continued awareness of security requirements and intelligence threats.

An effective security education and training program enables cleared personnel to protect classified national security information and meet their security responsibilities. The success of such a program depends on four components: training, which instructs personnel in their specific security responsibilities; education, which informs personnel about underlying rationale and the importance of those responsibilities; and awareness, which ensures personnel remain continuously alert to security threats and vulnerabilities. Underlying all these components is motivation, or what instills in personnel a desire and commitment to be proactive in the execution of their security responsibilities.

Security Education and Training:

  • Enables quality performance of security functions and responsibilities
  • Provides understanding of security program policies and requirements
  • Ensures awareness of security requirements and intelligence threats
  • Establishes, enhances, and maintains quality security program

Basic Elements Pop-up:

Basic Elements - TEAM Model suggested by Carl A. Roper, Joseph A. Grau, and Dr. Lynn F. Fischer in their book, Security Education, Awareness and Training.

Goals Pop-up:

The goals of a security education and training program are many. The most important outcome of effective security education is that it safeguards national security and protects the warfighter by improving the quality of the security program. More specifically, security education and training make personnel aware of their responsibilities and of the penalties and consequences of noncompliance.

Security education should also communicate threats to classified and sensitive information, promote security best practices and security awareness and provide guidance on how to apply security requirements. Perhaps most overlooked, a truly successful security education program will also attempt to dispel any negative attitudes and debunk any myths personnel hold regarding security requirements.

Major Goals of Security Education and Training:

  • Safeguard national security
  • Protect the warfighter
  • Improve the quality of security programs
  • Inform personnel of their security responsibilities and promote quality performance
  • Inform personnel of the penalties and consequences of noncompliance
  • Communicate threats to classified and sensitive information
  • Promote security best practices
  • Promote security awareness
  • Provide guidance on how to apply security requirements
  • Dispel negative attitudes and perceptions

Nondisclosure of Classified Information

The overarching legal requirement for security education appears in three executive orders: Executive Order 13526, which prescribes the “uniform system for classifying, safeguarding, and declassifying national security information”; Executive Order 12968, Access to Classified Information, the national level policy that identifies the requirement for Employee Education and Assistance; and Executive Order 12829, upon which the National Industrial Security Program is based. Executive Order 13526 mandates that for individuals to gain access to classified information, they must meet three criteria:

First, the individual must have been granted a security eligibility at the level of classification of the information to be accessed. Second, the individual must sign a Standard Form 312, or SF-312, also known as the Classified Information Nondisclosure Agreement. Third, the individual must have a need-to-know the information. Prior to signing SF-312, the individual must receive a security briefing on the nature and protection of classified information. This briefing may either occur during the individual’s initial briefing or upon receiving eligibility, as long as the form is signed prior to access to classified information. The Information Security Oversight Office (ISOO) provides a briefing booklet with the information that should be covered in this initial security indoctrination.

Security Education and Training Requirements

As you learned, there are three Executive Orders that provide the legal requirement for security education. Executive Order 13526 mandates that every person who receives a favorable determination of eligibility for access receive training on the proper safeguarding of classified information and the sanctions imposed on those who fail to appropriately protect such information.

Additionally, it authorizes the Director of the Information Security Oversight Office, under the direction of the Archivist and in consultation with the Assistant to the President for National Security Affairs, to establish standards for agency security education and training programs. The order also lays out the requirement for agency heads to designate senior agency officials to establish and maintain these programs.

Executive Order 12968, Access to Classified Information, requires that agency heads educate

will be discussed in detail later in this course. In addition to the basic briefings listed here, this course will also discuss security briefings required under special circumstances.

DD Form 441:

  • Contractual responsibility to develop an effective security program in accordance with the NISPOM

NISPOM:

  • Chapter 3: Security Training and Briefings
      o FSO Training
      o Insider Threat Training
      o Government-Provided Briefings
      o Initial Security Briefings
      o Refresher Training
      o Debriefings

Review Activity 1

Question (Multiple response)

Which of the following are goals of ongoing security education and training?

Select all that apply.

  o Safeguard national security
  o Inform personnel of the penalties and consequences of non-compliance
  o Prevent personnel from learning of threats to classified information
  o Dispel negative attitudes and perceptions regarding security practices
  o Provide guidance on how to apply security requirements
  o Eliminate the need for formal security briefings

Answer: Of the items listed, Safeguarding national security; Dispelling negative attitudes and perceptions regarding security practices; Informing personnel of the penalties and consequences of non-compliance; and Providing guidance on how to apply security requirements are goals of ongoing security education and training.

Review Activity 2

Drag and Drop

Match each document to its description.

  o DD FORM 441
  o NISPOM
  o DODM 5200.01 Volumes 1-
  o DODM 5200.
  o Executive Order 12968
  o Standard Form SF-

Descriptions

  • Regulation mandating security education for DOD employees
  • Contractual agreement establishing Industry’s security responsibility
  • The manual that includes the security education requirements for Industry
  • The form all personnel must sign to access classified information
  • Regulation mandating training prior to access to classified information
  • The overarching policy that mandates security education

Answers:

  • DODM 5200.02: Regulation mandating security education for DOD employees
  • DD Form 441: Contractual agreement establishing Industry’s security responsibility
  • NISPOM: The manual that includes the security education requirements for Industry
  • SF-312: The form all personnel must sign to access classified information
  • DODM 5200.01 Vol 1-3: Regulation mandating training prior to access to classified information
  • E.O. 12968: The overarching policy that mandates security education

Summary

In this lesson, you learned about the purpose and importance of security education. You also learned about the policy documents that mandate security education and the key goals for a security education program.

Security Education and Training:

  • Establishes, enhances, and maintains quality security program
  • Mandated by E.O. 13526 and E.O. 12968
  • Implemented in DODM 5200.01 Vol. 1–3 and DODM 5200.02 for DOD personnel
  • Implemented in the NISPOM for Industry through E.O. 12829
  • Required prior to signing of SF-

Key Goals:

  • Safeguard national security
  • Protect the warfighter
  • Improve the quality of security programs
  • Communicate threats to classified and sensitive information
  • Promote security best practices
  • Promote security awareness
  • Provide guidance on how to apply security requirements
  • Dispel negative attitudes and perceptions

SF-312 Pop Up: Standard Form 312, Classified Information Nondisclosure Agreement

DOD Initial Briefings

The DOD has implemented the requirement for an initial security briefing in the following manuals: in Volume 3 of DODM 5200.01, the DOD Information Security Program, and in DODM 5200.02, Procedures for the DOD Personnel Security Program.

While the requirements laid out in the two manuals are similar in that both discuss the protection of classified information, they focus on different aspects of that important responsibility. The Initial Orientation mandated in the DODM 5200.01, Volume 3 outlines the classification system and establishes the policies that all employees must follow to protect classified information. The Initial Briefing mandated in the DODM 5200.02, on the other hand, focuses more on specific threats to classified information and job-specific actions to protect that information.

Information Security Initial Orientation:

DODM 5200.01 Volume 3 requires that all personnel in the organization, including DOD civilians, military members, and on-site support contractors, shall receive an initial orientation. The regulation suggests that the initial orientation should include the following: an explanation of security roles and responsibilities, such as the Senior Agency Official and Agency Security Personnel; a discussion of the elements of classifying and declassifying information, including a definition of the levels of classification, the process for declassification, and the procedures for challenging a classification status; and the elements of safeguarding, including proper safeguarding procedures, what constitutes compromise of classified information, and the procedures for transmitting classified information.

The DODM 5200.01, Volume 3 also requires an orientation briefing for personnel who are not eligible for access to classified information as they may inadvertently come into contact with classified information in their normal work environment. The initial briefing for uncleared personnel should include a brief explanation of the classification system and its importance and the steps they should take if they discover unsecured classified information or notice a security vulnerability.

Cleared Personnel:

  • Security roles and responsibilities
  • Elements of classifying and declassifying information
  • Elements of safeguarding

Uncleared Personnel:

  • Always a possibility for inadvertent contact with classified information
  • Actions to take on discovery of unsecured classified information or a security vulnerability

More:

Security roles and responsibilities include the:

  • Senior Agency Official
  • Agency Security Personnel
  • Agency employees who create or handle classified information
  • Point of contact for questions or concerns about security matters

Training should address the security responsibilities of each role and who should be contacted in case of questions.

The initial briefing should discuss elements of classifying and declassifying information, including:

  • Definition and importance of classification
  • Levels of classification and damage criteria associated with each level
  • Classification markings
  • General requirements for declassifying information
  • Procedures for challenging classification status

The briefing should discuss elements of safeguarding, including:

  • Proper procedures
  • What constitutes compromise of classified information
  • General conditions and restrictions for access to classified information
  • Steps to take when standards have been violated
  • Steps to take in an emergency evacuation
  • Appropriate policies and procedures for transmission of classified information

Personnel Security Initial Briefing:

DODM 5200.02 requires training for all individuals cleared for access to classified information, as well as any individuals with duties requiring a trustworthiness determination. This training must include security requirements specific to their particular job, techniques employed by foreign intelligence entities to obtain classified information, employee responsibility for reporting those attempts, the prohibition against disclosure of classified information to unauthorized individuals, the responsibility for continuous evaluation of one’s own and others’ security activities, and the penalties that may be imposed for security violations.

Topics covered:

  • Specific security requirements for particular job
  • Techniques employed by foreign intelligence entities
  • Employee responsibility to report
  • Prohibition against unauthorized disclosure of classified information
  • Responsibility for continuous evaluation
  • Penalties for security violations

More: In addition to the DCSA website, you may wish to access some of the following resources:

  • Military CI office: DCSA Counterintelligence (CI) professionals and CI Special Agents (or CISAs) work closely with military CI components and other agencies in an effort to help you recognize potential threats.
  • Local Federal Bureau of Investigation (FBI): Contact your local FBI office and arrange to sponsor or participate in an Awareness of National Security Issues and Response, or ANSIR, briefing, or a Domain Initiative and InfraGard briefing.
  • Defense Intelligence Agency (DIA)
  • Department of State (DoS)
  • Immigration and Customs Enforcement (ICE)
  • For Industry: DCSA Industrial Security Rep (ISR): Request assistance in obtaining threat information that is relevant and available for your company. If you have employees stationed or traveling overseas, or working with a specific country, contact your ISR for information on that country.

DCSA CISA: Defense Counterintelligence and Security Agency Counterintelligence Special Agent

CI: Counterintelligence

Counterintelligence Awareness

The next topic included in the initial security briefing is counterintelligence awareness. The primary counterintelligence awareness tools are employee vigilance and awareness of threats. Cleared employees should be made aware that they may be targeted by foreign intelligence entities and must be sure to have the proper authority to release information to foreign nationals, if so required, prior to allowing them access.

Perhaps even more dangerous than external perpetrators of espionage are internal employees who have been compromised. There are several common warning signs of an insider threat, of which all employees should be aware. They include attempts to gain access to classified information without a valid need-to-know or without the required security eligibility, unauthorized reproduction or removal of classified material from the work area and deliberate destruction of documents, unexplained affluence, and foreign travel on a regular basis and without sufficient explanation.

Topics:

  • Employees must be:
      o Aware of the danger of espionage
      o Cautious when in contact with foreign nationals
      o Vigilant to internal and external threats
  • Warning signs:
      o Attempts to gain unauthorized access to classified or sensitive information
      o Unauthorized reproduction or removal of classified material
      o Unexplained affluence
      o Foreign travel without sufficient explanation

Classification System

All employees must have a thorough understanding of the security classification system. The initial briefing should cover the difference between original and derivative classification, the three levels of classified information, the procedures for classifying and marking information, the importance of having and maintaining a system of control measures to ensure that classified information is available only to authorized individuals, the importance of appropriate controls and safeguards to protect classified information, prohibitions against the improper use of classified information and the abuse of the classification system, and procedures for challenging classification decisions. In addition, the initial briefing should also cover what Controlled Unclassified Information (CUI) is and the importance of protecting it.

Security Classification System Overview:

  • Original vs. derivative classification
  • Classification levels
  • Proper classification and marking
  • Maintaining a system of control measures, such as an information management system (IMS)
  • Control safeguards
  • Prohibitions against improper use and abuse of classification system
  • Procedures for challenging classification decisions
  • Importance of protecting CUI

CUI: Controlled Unclassified Information. As defined in 32 CFR 2002.4(h), CUI is information the Government creates or possesses, or that an entity creates or possesses for or on behalf of the Government, that a law, regulation, or Government-wide policy requires or permits an agency to handle using safeguarding or dissemination controls. In accordance with DODI 5200.48, CUI does not include classified information or information a non-executive branch entity possesses and maintains in its own systems that did not come from, or was not created or possessed by or for, an executive branch agency or an entity acting for an agency.

Continuous Evaluation and Reporting

Any security program is based to a large extent on individual trust and responsibility, and employee evaluation and reporting requirements are critical elements in the program. As part of the initial briefing, you must inform employees of their individual responsibility for continuous evaluation, or CE, and reporting.

  o Any loss, compromise, or suspected compromise of classified information in your possession or in the possession of another person
  o Receipt of classified material not related to a classified contract, project, or program for which no safeguarding or disposition instructions have been received
  o Any instances in which classified material is out of the control of the custodian or which cannot be readily located

  • Any adverse information related to oneself or another cleared individual to include information on: alcohol and drug abuse, criminal activity, relationships/friendships with foreign nationals, mental health problems, or financial difficulties, financial irresponsibility, or unexplained affluence
  • Change in name, residence, or marital status
  • Any instances in which an employee desires not to perform on classified work, declines to accept security responsibility, or requests to terminate eligibility or eligibility processing

Cybersecurity Awareness

The cybersecurity portion of the briefing should include the definition of cybersecurity, explain that it is authorized for all information system users, and cover some of the "dos" and "don’ts" of cybersecurity. Cybersecurity training and awareness products developed by DISA will be used to meet the baseline user awareness training.

Topics:

  • Define cybersecurity
  • Authorized for all information system users
  • "Dos" and "don’ts" of cybersecurity

Job-Specific Security Responsibilities

The last topic that needs to be covered in the initial briefing is job-specific security procedures and duties. These are security responsibilities that are tailored to specific job roles. For example, an administrative specialist would have very different concerns in protecting classified information than would an engineer.

For an engineer, you might stress procedures regarding scientific meetings where representatives of foreign countries will attend and the procedures pertaining to working papers. Remember that this briefing should be as specific and thorough as you can make it, with as much hands-on demonstration of security procedures as possible.

Job-Specific Security Responsibilities:

  • Tailored to specific job roles

Refresher Training & Continuing Education

The DODM 5200.01, Volume 3, DODM 5200.02, and the NISPOM all mandate that all cleared personnel attend refresher training at least annually. Refresher training must reinforce the information covered in the initial briefing and in any specialized training including security policies, principles, and procedures, and penalties for engaging in espionage and other security violations. This training must address new threats and foreign intelligence techniques and discuss any changes in security regulations. It should also address any issues or concerns identified during security inspections and self-inspections. The content and format of refresher briefings should be tailored to meet the needs of the audience of experienced personnel.

In addition to annual refresher training, the DODM 5200.01, Volume 3 requires continuous and ongoing education for all cleared personnel. This continuing education should supplement periodic briefings, training sessions, and formal presentations and may take the form of informational and promotional efforts or job performance aids. Maintaining records of attendance at refresher training sessions allows you to keep track of who has received the training. These records must include the topics covered in the session and the names of all attendees.

Refresher Training:

  • Performed at least annually
  • Reinforce contents of initial briefing, including:
      o Policies, principles, and procedures
      o Penalties for engaging in espionage
  • Address new threats and techniques and changes in security regulations
  • Address issues or concerns identified during self-inspections
  • Tailored to meet the needs of experienced personnel

Continuing Education:

  • Supplement formal briefings
  • Informational and promotional efforts
  • Job performance aids

More: Refresher training methods may include:

  • Group briefings
  • Interactive videos
  • Training sessions
  • Online courses
  • Job performance aids
  • Promotional efforts
  • Bulletins
  • Newsletters
  • Security awareness meetings

BASIC BRIEFING TYPES

Each entry below lists the briefing Type, its References, whether it applies to DOD or Industry, and the Briefing Notes.

Type: Initial Briefing
References: NISPOM
DOD or Industry? Industry
Briefing Notes (Topics):

  • Threat awareness
  • Counterintelligence awareness
  • Overview of the security classification system
  • Reporting obligations and requirements to include insider threat
  • Cybersecurity training
  • Security procedures and duties applicable to employee's job

Type: Information Security Initial Orientation
References: DODM 5200.01, Vol. 1–
DOD or Industry? DOD
Briefing Notes (Focus: Classification system):

  • Cleared Personnel
      o Roles and responsibilities
      o Elements of classifying and declassifying information
      o Elements of safeguarding
  • Uncleared Personnel
      o May come into inadvertent contact with classified information
      o Actions to take on discovery of unsecured classified information or a security vulnerability

Type: Personnel Security Initial Briefing
References: DODM 5200.02 12.1.c.
DOD or Industry? DOD
Briefing Notes (Focus: Threats to classified information and job-specific actions to protect information):

  • Specific security requirements for particular job
  • Employee responsibility to report
  • Techniques employed by foreign intelligence entities
  • Prohibition against unauthorized disclosure of classified information
  • Responsibility for continuous evaluation
  • Penalties for security violations

Type: Threat Awareness
References: DODM 5200.; NISPOM
DOD or Industry? DOD and Industry
Briefing Notes (Topics):

  • Define foreign intelligence threat and identify espionage techniques
  • Provide historical overview
  • Discuss new threats
  • Provide examples of famous espionage cases where classified information was compromised
  • Identify targeted information or technologies
  • Sources on current threat information

Type: Counterintelligence Awareness
References: DODM; NISPOM
DOD or Industry? DOD and Industry
Briefing Notes (Topics):

  • Employees must be:
      o Aware of the danger of espionage
      o Cautious when in contact with foreign nationals
      o Vigilant to internal and external threats
  • Warning signs:
      o Attempts to gain unauthorized access to classified or sensitive information
      o Unauthorized reproduction or removal of classified material
      o Unexplained affluence
      o Unreported foreign travel

Type: Continuous Evaluation and Reporting Obligations
References: DODM; NISPOM
DOD or Industry? DOD and Industry
Briefing Notes (Topics):

  • Make sure employees understand the nature of continuous evaluation and reporting requirements
      o Self-reporting
      o Reporting on others
  • Goal: To protect the employee and counter possible intelligence threats
  • Roles and responsibilities in continuous evaluation
  • Types of required reports
      o Suspicious contacts
      o Security violations or infractions
      o Adverse information
      o Change in employee status
      o Sabotage, espionage, and any subversive or suspicious activity