Www.ispcert.com DEFENSIVE SECURITY BRIEFING. Employee Responsibilities While Traveling Threat Awareness and Defensive Information Methods.

www.ispcert.com

DEFENSIVE SECURITY BRIEFING

www.ispcert.com

Employee Responsibilities While Traveling

Threat Awareness and Defensive Information

Methods of Contact

Countermeasures

Test

CONTENTS

This briefing is designed to prepare you the “cleared employee” for overseas travel. You have responsibilities to protect our employees, product, customers and those we do business with while you are traveling

www.ispcert.com

Notify FSO of travel plans

Ensure proper travel documentation

Protect export controlled technology and classified information

Visit the State Department website for up to datetravel information www.state.gov

EMPLOYEE RESPONSIBILITIES

www.ispcert.com

Notification to FSO includes travel plans for Canada, Mexico and Caribbean Countries

The state department website informs you of necessary travel documentation. Familiarize yourself with the site and use it to become an informed international traveler www.state.gov

Exports Compliance: Technical data can be transferred by reading a note, viewing a computer screen, conducting seminars and etc. Make sure you are authorized with a license and or TAA before discussing technical data that falls under exports compliance.

EMPLOYEE RESPONSIBILITIES

www.ispcert.com

Maintain professional bearing

Remain in contact with host

Travel with others when possible

Display wealth as little as possible

Learn customs and courtesies of host country

EMPLOYEE RESPONSIBILITIES

www.ispcert.com

EMPLOYEE RESPONSIBILITIES

Conduct yourselves as professionals at all times. Pretend you are travelling with the CEO (or title of highest ranking officer) as you represent the company

Stick with your host-They will ensure your safety and refer you to reputable establishments

Travel in a group to make yourself as unattractive target of opportunity

www.ispcert.com

Protect Privileged Information (Classified, Proprietary, For Official Use Only and Sensitive Information) While Traveling

This information includes:Carryon baggageLaptop computersConversations

EMPLOYEE RESPONSIBILITY

www.ispcert.com

Company employees should bring a sanitized computer while on travel. You can almost guarantee that you will be separated from your laptop at some point during customs checks. A sanitized computer provides no threat of exports violations or theft of economic or corporate data.

Keep all information that could lead to export violations or the release of proprietary data close at hand.

Company employees cannot transport classified material across international borders.

EMPLOYEE RESPONSIBILITY

www.ispcert.com

Foreign ThreatEconomic Classified informationIntelligence

Conduct Risk AnalysisWho is targetingWhat do they wantHow do they get it

THREAT AWARENESS AND DEFENSE

www.ispcert.com

Economic Threat– theft of technology and commerce. Foreign entities may target classified or company sensitive information to gain a competitive edge. This costs millions of dollars in damage to U.S. business

Intelligence Threat-Collection efforts against the U.S. to increase for government power and competitive edge.

THREAT AWARENESS AND DEFENSE

www.ispcert.com

When conducting analysis of threat ask the following questions: What do we have?

What is our technology, defense or economic product

What do they want? The product the foreign entity or government have the most to gain

How can they get it? Where are we vulnerable

What efforts can we take to prevent unauthorized disclosure? Training

Recognizing the threat How to react to the threat

Reporting How and what to report

THREAT AWARENESS AND DEFENSE

www.ispcert.com

Could you be a target overseas? Who are you and what will you do?

Science conventionAir showsBusiness meetings

Conduct Risk Analysis

www.ispcert.com

Will you be speaking? Are you approved for a certain subject? Watch for the cancellation and topic change

For example, suppose you are approved to speak on the topic of a radar’s effects on bird migration. The foreign host may inform you that the conference has changed and they need you to present the subject of the weather’s effects on a specific radar.

What business will you be conducting? Is it approved? Make sure to stay on target

For example, suppose you have approval to present a business opportunity for a teaming effort on your company’s refractor lenses for a foreign government’s telescope. The foreign entity brings the discussion to focus light beam intensity. Same product, different capabilities.

Conduct Risk Analysis

www.ispcert.com

Some factors that could increase the possibility Your access Overseas locations Ethnic, racial, or religious background

COULD YOU BE A TARGET

www.ispcert.com

Just as in real estate, location is important. Your position, responsibilities and geographic location are circumstantial and may increase your chances of being targeted for recruitment.

Also, your background may cause you to be vulnerable. Foreign operatives may play on your sympathy if you have ties to foreign countries. It is important to always report foreign relations to the FSO

It is important to note that all the above factors that increase the chances of a person selected or initial targeting and assessment are circumstances you have little or no control over.

Most foreign contacts are perfectly legitimate and well meaning. Your ability to recognize the few who are not will help you avoid problems. It will also help your security officer help others avoid problems.

COULD YOU BE A TARGET

www.ispcert.com

You have no control over whether or not you are targeted

Most foreign contacts are perfectly legitimate and well meaning

COULD YOU BE A TARGET

www.ispcert.com

Your present situation may cause you to look vulnerable, but it doesn’t mean you will be targeted. Also, you may be targeted even if your circumstances aren’t as above. It’s all out of your control. However, you can control your actions and how you react to assessment and recruiting efforts.

Your ability to recognize the few who are not will help you avoid problems. It will also help your security officer help others avoid problems.

COULD YOU BE A TARGET

www.ispcert.com

Who Could Target You?Third party spiesStudentsConvention AttendeesThe next table overAnyone

Conduct Risk Analysis

www.ispcert.com

When traveling overseas, things may not be the way they seem. Friendly encounters, business meetings, symposiums and etc could provide a fertile market for collection efforts.

Remain vigilant, but remember to obey laws and practice local customs and courtesies if they don’t violate ethics.

Report all suspicious contacts to security

Conduct Risk Analysis

www.ispcert.com

Collection effortsElicitation EavesdroppingSurveillanceTheft Interception

THREAT AWARENESS AND DEFENSE

www.ispcert.com

Elicitation-Subtle form of questioning where conversation is directed to collect information- It is a different method than direct questioning and is hard to recognize

Example of Elicitation can be found in the recent case of Ben-Ami Kadish, who gave secrets to Israel. His handler, who also handled a spy name Pollard, smoothly convinced him to turn over documents to help maintain the security of Israel. Kadish received small gifts and private dinners. http://www.washingtonpost.com/wp-dyn/content/article/2008/04/22/AR2008042202590.html?wpisrc=newsletter

Eavesdropping-Listening in to get information

Surveillance-Watching target unobserved

THREAT AWARENESS AND DEFENSE

www.ispcert.com

Today’s business puts many employees in contact with foreign entities. Some of these contacts can lead to elicitation Elicitation is different than direct recruitment

Subtle, but enough to obtain privileged information Listen to your gut; if the conversation feels wrong…

Change the topic and move onA reluctant prospect may not be pressed into service

A WORD ABOUT ELICITATION

www.ispcert.com

Economical need for information is strong Spies look and act like normal people Any traveler can be assessed Privileged information is damaging Report suspicious situations

KEEP YOUR EYES OPEN

www.ispcert.com

Organized Government Services Could:Follow you Sneak into your quartersTap your communications Arrange audio and video coverage Use guides and interpreters

WHAT’S THE WORSE THAT COULD HAPPEN?

www.ispcert.com

Security or foreign intelligence services are activeThey can and do review Visa requestsYou may be assessed

At the very least, these services may “debriefed” some of your foreign contacts

If you are of interest, the next step is Recruitment

WHAT’S THE WORSE THAT COULD HAPPEN?

www.ispcert.com

Remain non-committal if approached Report all suspicious activities to FSO Practice smart information systems security Escort visitors

COUNTERMEASURES

More than 140 countries actively target US information-Largest collection effort since the cold war

www.ispcert.com

Report to Security for a debriefing Bring any notes Be open and honest

WELCOME HOME

www.ispcert.com

• Click on the correct answers

TEST

www.ispcert.com

1. Which of the following are factors that may make you a target of espionage:A. Ethnic background B. Annual incomeC. Rental car

2. Where might a foreign service glean privileged information

A. Magazines you read

B. TV shows you watch

C. Products you buy

D. Conversations you have

3. While traveling, you have control over all situations

A. True

B. False

4. All are examples of collection methods EXCEPT:

A. Elicitation

B. Surveillance

C. Currency exchange

D. Eavesdropping

TEST-SELECT THE CORRECT ANSWER

www.ispcert.com

5. Which of the following are the most correct countermeasures of a solicitation effortA. Agree to provide then contact the authoritiesB. Say “no” and then contact the authoritiesC. Continue the conversation so as not to offend the hostD. Make attempts to change the subject

6. Most foreign contacts are well meaning and legitimate

A. True

B. False

TEST-SELECT THE CORRECT ANSWER

www.ispcert.com

CERTIFICATE