www.ispcert.com DEFENSIVE SECURITY BRIEFING
Dec 25, 2015
www.ispcert.com
Employee Responsibilities While Traveling
Threat Awareness and Defensive Information
Methods of Contact
Countermeasures
Test
CONTENTS
This briefing is designed to prepare you the “cleared employee” for overseas travel. You have responsibilities to protect our employees, product, customers and those we do business with while you are traveling
www.ispcert.com
Notify FSO of travel plans
Ensure proper travel documentation
Protect export controlled technology and classified information
Visit the State Department website for up to datetravel information www.state.gov
EMPLOYEE RESPONSIBILITIES
www.ispcert.com
Notification to FSO includes travel plans for Canada, Mexico and Caribbean Countries
The state department website informs you of necessary travel documentation. Familiarize yourself with the site and use it to become an informed international traveler www.state.gov
Exports Compliance: Technical data can be transferred by reading a note, viewing a computer screen, conducting seminars and etc. Make sure you are authorized with a license and or TAA before discussing technical data that falls under exports compliance.
EMPLOYEE RESPONSIBILITIES
www.ispcert.com
Maintain professional bearing
Remain in contact with host
Travel with others when possible
Display wealth as little as possible
Learn customs and courtesies of host country
EMPLOYEE RESPONSIBILITIES
www.ispcert.com
EMPLOYEE RESPONSIBILITIES
Conduct yourselves as professionals at all times. Pretend you are travelling with the CEO (or title of highest ranking officer) as you represent the company
Stick with your host-They will ensure your safety and refer you to reputable establishments
Travel in a group to make yourself as unattractive target of opportunity
www.ispcert.com
Protect Privileged Information (Classified, Proprietary, For Official Use Only and Sensitive Information) While Traveling
This information includes:Carryon baggageLaptop computersConversations
EMPLOYEE RESPONSIBILITY
www.ispcert.com
Company employees should bring a sanitized computer while on travel. You can almost guarantee that you will be separated from your laptop at some point during customs checks. A sanitized computer provides no threat of exports violations or theft of economic or corporate data.
Keep all information that could lead to export violations or the release of proprietary data close at hand.
Company employees cannot transport classified material across international borders.
EMPLOYEE RESPONSIBILITY
www.ispcert.com
Foreign ThreatEconomic Classified informationIntelligence
Conduct Risk AnalysisWho is targetingWhat do they wantHow do they get it
THREAT AWARENESS AND DEFENSE
www.ispcert.com
Economic Threat– theft of technology and commerce. Foreign entities may target classified or company sensitive information to gain a competitive edge. This costs millions of dollars in damage to U.S. business
Intelligence Threat-Collection efforts against the U.S. to increase for government power and competitive edge.
THREAT AWARENESS AND DEFENSE
www.ispcert.com
When conducting analysis of threat ask the following questions: What do we have?
What is our technology, defense or economic product
What do they want? The product the foreign entity or government have the most to gain
How can they get it? Where are we vulnerable
What efforts can we take to prevent unauthorized disclosure? Training
Recognizing the threat How to react to the threat
Reporting How and what to report
THREAT AWARENESS AND DEFENSE
www.ispcert.com
Could you be a target overseas? Who are you and what will you do?
Science conventionAir showsBusiness meetings
Conduct Risk Analysis
www.ispcert.com
Will you be speaking? Are you approved for a certain subject? Watch for the cancellation and topic change
For example, suppose you are approved to speak on the topic of a radar’s effects on bird migration. The foreign host may inform you that the conference has changed and they need you to present the subject of the weather’s effects on a specific radar.
What business will you be conducting? Is it approved? Make sure to stay on target
For example, suppose you have approval to present a business opportunity for a teaming effort on your company’s refractor lenses for a foreign government’s telescope. The foreign entity brings the discussion to focus light beam intensity. Same product, different capabilities.
Conduct Risk Analysis
www.ispcert.com
Some factors that could increase the possibility Your access Overseas locations Ethnic, racial, or religious background
COULD YOU BE A TARGET
www.ispcert.com
Just as in real estate, location is important. Your position, responsibilities and geographic location are circumstantial and may increase your chances of being targeted for recruitment.
Also, your background may cause you to be vulnerable. Foreign operatives may play on your sympathy if you have ties to foreign countries. It is important to always report foreign relations to the FSO
It is important to note that all the above factors that increase the chances of a person selected or initial targeting and assessment are circumstances you have little or no control over.
Most foreign contacts are perfectly legitimate and well meaning. Your ability to recognize the few who are not will help you avoid problems. It will also help your security officer help others avoid problems.
COULD YOU BE A TARGET
www.ispcert.com
You have no control over whether or not you are targeted
Most foreign contacts are perfectly legitimate and well meaning
COULD YOU BE A TARGET
www.ispcert.com
Your present situation may cause you to look vulnerable, but it doesn’t mean you will be targeted. Also, you may be targeted even if your circumstances aren’t as above. It’s all out of your control. However, you can control your actions and how you react to assessment and recruiting efforts.
Your ability to recognize the few who are not will help you avoid problems. It will also help your security officer help others avoid problems.
COULD YOU BE A TARGET
www.ispcert.com
Who Could Target You?Third party spiesStudentsConvention AttendeesThe next table overAnyone
Conduct Risk Analysis
www.ispcert.com
When traveling overseas, things may not be the way they seem. Friendly encounters, business meetings, symposiums and etc could provide a fertile market for collection efforts.
Remain vigilant, but remember to obey laws and practice local customs and courtesies if they don’t violate ethics.
Report all suspicious contacts to security
Conduct Risk Analysis
www.ispcert.com
Collection effortsElicitation EavesdroppingSurveillanceTheft Interception
THREAT AWARENESS AND DEFENSE
www.ispcert.com
Elicitation-Subtle form of questioning where conversation is directed to collect information- It is a different method than direct questioning and is hard to recognize
Example of Elicitation can be found in the recent case of Ben-Ami Kadish, who gave secrets to Israel. His handler, who also handled a spy name Pollard, smoothly convinced him to turn over documents to help maintain the security of Israel. Kadish received small gifts and private dinners. http://www.washingtonpost.com/wp-dyn/content/article/2008/04/22/AR2008042202590.html?wpisrc=newsletter
Eavesdropping-Listening in to get information
Surveillance-Watching target unobserved
THREAT AWARENESS AND DEFENSE
www.ispcert.com
Today’s business puts many employees in contact with foreign entities. Some of these contacts can lead to elicitation Elicitation is different than direct recruitment
Subtle, but enough to obtain privileged information Listen to your gut; if the conversation feels wrong…
Change the topic and move onA reluctant prospect may not be pressed into service
A WORD ABOUT ELICITATION
www.ispcert.com
Economical need for information is strong Spies look and act like normal people Any traveler can be assessed Privileged information is damaging Report suspicious situations
KEEP YOUR EYES OPEN
www.ispcert.com
Organized Government Services Could:Follow you Sneak into your quartersTap your communications Arrange audio and video coverage Use guides and interpreters
WHAT’S THE WORSE THAT COULD HAPPEN?
www.ispcert.com
Security or foreign intelligence services are activeThey can and do review Visa requestsYou may be assessed
At the very least, these services may “debriefed” some of your foreign contacts
If you are of interest, the next step is Recruitment
WHAT’S THE WORSE THAT COULD HAPPEN?
www.ispcert.com
Remain non-committal if approached Report all suspicious activities to FSO Practice smart information systems security Escort visitors
COUNTERMEASURES
More than 140 countries actively target US information-Largest collection effort since the cold war
www.ispcert.com
1. Which of the following are factors that may make you a target of espionage:A. Ethnic background B. Annual incomeC. Rental car
2. Where might a foreign service glean privileged information
A. Magazines you read
B. TV shows you watch
C. Products you buy
D. Conversations you have
3. While traveling, you have control over all situations
A. True
B. False
4. All are examples of collection methods EXCEPT:
A. Elicitation
B. Surveillance
C. Currency exchange
D. Eavesdropping
TEST-SELECT THE CORRECT ANSWER
www.ispcert.com
5. Which of the following are the most correct countermeasures of a solicitation effortA. Agree to provide then contact the authoritiesB. Say “no” and then contact the authoritiesC. Continue the conversation so as not to offend the hostD. Make attempts to change the subject
6. Most foreign contacts are well meaning and legitimate
A. True
B. False
TEST-SELECT THE CORRECT ANSWER