Every Facility Security Officer (FSO) knows, counterintelligence (CI) readiness and awareness is paramount in maintaining one’s Facility Clearance and demonstrating readiness in the protection of classified materials entrusted to the facility and personnel within. Here are three CI priorities every FSO should have at the front of their list.
1. Counterintelligence Knowledge
First and foremost, the FSO and the FSO’s team need to be aware, knowledgeable and current on CI threats facing the United States government and the United States private sector (including defense contractors). The Cognizant Security Authority (CSA) is the point of contact for receiving classified CI information germane to the FSO’s facility and classified contracts being supported. This information needs to be folded into the CI program and each and every individual with a need to know, needs to know.
Then there is the publicly available information. This information may come directly from the DSS Counterintelligence Directorate; The National Counterintelligence Executive; Congressional Reports/Committee Hearings; Public Records or private blogs which dissect methodologies being used by hostile intelligence services.
The well-read FSO will be up-to-speed on what’s happening and how the experiences of others may affect the FSO’s facility. No ostrich behavior permitted, we don’t decide which facility or program is targeted by the hostile intel services.
2. Counterintelligence Briefings
The NISPOM Chapter 3 requires each individual with a security clearance receive an annual CI briefing. Non-negotiable. Now every NISP director and FSO knows that 100 percent compliance with this requirement is sometimes tantamount to herding goats – lots of chasing is involved. But what if the nature of the CI briefings were adjusted so the briefings were always available on demand and adjusted based on employee behavior or current events?
Not only will employees who are required to receive an annual CI briefing receive multiple briefings, but their briefings will be both topical and timely – the former being the key. People tend to care about that which will have a direct impact on their work. Generic briefs are just that, generic. Topical briefs are where the interests of the employee match perfectly the interests of the nation (and DSS).
3. Open Door Policy
You train your personnel on how to handle classified materials. Excellent. You will be rated on how many security violations or mishandling events have occurred. There is a delicate balance at play. The expectation is that all who enjoy the trust of the US government will self-report any violation of security and classified information handling protocols. That said, human nature will shy away from drawing attention to themselves if they believe they will be beaten down. The Japanese industrial adage on conformity, “The nail that sticks up will be pounded” need not apply.
Rather, every FSO should adopt both a physical and open door policy. If you handle classified information for a long enough period, you are going to display your human side, which is why the first incident is treated with remedial reminders and direction to prevent recurrence.
Similarly, that open door is key to the successful implementation of the Insider Threat Program. A malevolent insider’s greatest threat is his colleagues. With an open door, the FSO is ensuring his availability to listen and take serious every tidbit of information provided to the FSO by the constituency. The self-police option is the most powerful of all tools within every insider threat program.
Knowledge is power
Information is power, but only if the information is shared. Every CI program must empower the individuals within the program with knowledge they need to make good decisions.