Unauthorized Disclosure TRAINING FOR Security Professionals


1 Unauthorized Disclosure TRAINING FOR Security Professionals
These slides have been provided by the DoD UD PMO for use in Unauthorized Disclosure briefings for Security Professionals within your component or command. Feel free to customize the briefing with your command’s name and logo. Slides 13 and 20 provide an opportunity to input customized reporting criteria, procedures, and Command level reporting POC. Consider supplementing this briefing with job aids, case studies, and other awareness materials available under Unauthorized Disclosure Toolkit at
For questions on content or any other matters related to DoD Unauthorized Disclosure, please reach out to the DoD UD Program Management Office at
DoD Component Name

2 The Problem
Trusted individuals inside the DoD are leaking classified and controlled unclassified information (CUI) to unauthorized recipients.

3 What is an Unauthorized Disclosure?
An Unauthorized Disclosure, or UD, is the communication or physical transfer of classified or CUI to an unauthorized recipient.
Other related definitions:
- Compromise – A security incident in which there is a UD of classified information
- Data Spill – Transfer of classified or CUI to a computer system accredited at a lower classification level than the data being entered

4 Why do people leak information?
Individuals who leak information do so for a number of reasons, including:
- Financial gain
- Influence political decisions
- Disagree with official government policy
- Believe the public has a need to know
- Disregard for security procedures
- Ego

5 Unauthorized Disclosure case examples

6 Benjamin Bishop SENTENCED TO 87 MONTHS
- Government Contractor and Retired Army O-5
- Arrested March 2013
- ed classified information to a Chinese woman with whom he had a romantic relationship
- Pled guilty March 13, 2014 for unlawfully retaining classified national defense information at his home and willfully communicating classified national defense information to a person not authorized to receive it
- Sentenced to 87 months of imprisonment and 3 years of supervised release

7 Bryan Martin SENTENCED TO 48 YEARS
- Navy E-4
- Arrested December 2010
- Attempted to deliver classified information to a representative of a foreign government
- Sentenced to 48 years in prison, forfeiture of all pay and allowance, reduction to pay grade of E-1, and a dishonorable discharge

8 DoD’s Unauthorized Disclosure Program
2012
- DoD established a “top down” approach to the identification, investigation, and reporting of UDs
- Policy governing the UD of classified information was outlined in Information Security policy under DoDM Volume 3
- UD Program Management Office (PMO) was established within the Office of the Under Secretary of Defense for Intelligence (OUSD(I))
- Components were directed to identify security officials responsible for reporting UDs to UD PMO
2018
- DoD determined the UD mission and policy should be moved from Information Security to Insider Threat
- UD PMO realigned from OUSD(I) to the Defense Security Service (DSS) where it now resides inside the DoD Insider Threat Management and Analysis Office (DITMAC)
- US specific policy within DoDM Volume 3 will be written into Insider Threat policy documents, DoDD and DoDI

9 Where to report an unauthorized disclosure
All suspected or confirmed compromises of classified or controlled unclassified information can be reported to:
- Security Manager or Facility Security Officer
- DoD Inspector General Hotline
- Office of Special Counsel
Security Managers will report disclosures to the Component UD program manager in accordance with Component policy.

10 Special Reporting Circumstances
TYPE OF DISCLOSURE | REPORT TO
Disclosures of Special Access Program (SAP) material | Component SAP program office reports to DoD SAP Central Office
Disclosures of alternative compensatory control measures (ACCM) information | Local ACCM control officer
Disclosures of critical protection information (CPI) | Program Manager of record and cognizant Defense Counterintelligence (CI) component
Disclosures of foreign government information (FGI) or NATO information | DoD Component senior agency official reports to the USD(P)
Disclosures of sensitive compartmented information (SCI) | Activity Special Security Office (SSO)
Disclosure of communications security (COMSEC) or Cryptologic information | Report in accordance with NSTISSI 4003
Deliberate Compromise | Cognizant Defense CI component
Compromise by a Foreign Intelligence Service or Terrorist Organization

11 More about UD PMO
UD PMO provides enterprise level management and operational capability to improve the identification, investigation, tracking, and reporting of UDs. Specifically, the UD Program was directed to develop robust capabilities to:
- Coordinate reporting and report UDs to ensure the prompt and complete delivery of UD case referrals to DoD senior officials for administrative action or to seek civil remedies or to the Defense Criminal investigations;
- Serve as the operational arm of the DoD UD program in accordance with DoD policy and guidance;
- Serve as the central DoD office for consistent, uniform, and timely reporting of UD; and
- Promote collaboration and information sharing across the Department on UD.

12 UD PMO reportable events
UDs Reportable to UD PMO
- MEDIA: The release of classified information and/or controlled unclassified information (CUI) in the public domain. Public domain includes but is not limited to podcasts, print articles, internet-based articles, books, journals, speeches, television broadcasts, blogs, and social media postings.
- TECHNOLOGY: Release or theft of information relating to any defense operation, system, or technology determined to be classified and/or CUI.
- UNAUTHORIZED RECIPIENT: Information wherein individuals disclosed classified or CUI to unauthorized person or persons resulting in administrative action, referral for criminal and/or CI investigation, and/or resulted in the suspension or revocation of clearance.

13 Component UD Program
Recommend including:
- Items reportable to Component UD program office
- UD reporting chain within the Component
- Case management tools used by Component

14 What Happens After A Possible UD Is Identified?
- Security Managers will report suspected UDs to the Component UD program manager in accordance with Component policy
- Component UD programs with equity in the disclosure will arrange for an original classification authority (OCA) to conduct a classification review if not already completed
- The Component will complete a preliminary inquiry or investigation into the UD
- Component UD program will report the UD to the UD PMO, if required
- Component UD program will arrange for the completion of a damage assessment
- If the UD was in the public media, the Component UD program will arrange for the completion of a Department of Justice (DoJ) media leaks questionnaire
- If an individual is identified in the course of an investigation, the Component will determine if administrative sanctions, a criminal investigation, or some other course of action is most appropriate.

15 Preliminary Inquiry/investigation
- What is it? Initial fact finding and analysis process to determine the facts of any security incident
- When is it required? All cases where information is compromised
- What is included? Who, what, when, where, how
- When should it be completed? As soon as possible, not to exceed 10 duty days

16 Damage Assessment
- What is it? Formal multidisciplinary analysis to determine the effect of a compromise of classified information on the national security
- When is it required? All cases where information is compromised
- What is included? Practical effects of a compromise on DoD programs, operations, systems, materials, and intelligence and on the Department of Defense’s ability to conduct missions
- When should it be completed? Within six months

17 Disclosures In The Public Media
DoD has a responsibility to report certain Federal Crimes to the DoJ, including UD in the public media. UD PMO will refer UDs in the public media to the DoJ under one of the following Tiers:
- Tier 1: The Component’s inquiry or investigation determines that further investigation is not warranted. DoD does not ask for further action from DoJ
- Tier 2: DoD has determined that an internal or administrative investigation is appropriate
- Tier 3: DoD is requesting a criminal investigation from DoJ

18 Media Leaks Questionnaire
- What is it? Questionnaire required to refer a UD in the media to the DoJ
- When is it required? If the disclosure was in the public domain
- What is included? 11 specific questions
- When should it be completed? As soon as practical

19 Conclusion
- Attribution is key to changing the culture where individuals believe they can leak national defense information
- Attribution cannot be achieved without timely reporting of unauthorized disclosures
“THESE CASES ARE NEVER EASY. BUT CASES WILL BE MADE, AND LEAKERS WILL BE HELD ACCOUNTABLE.” -ATTORNEY GENERAL SESSIONS

20 Component Resources
Component policy governing UDs:
- Policy/regulations
Component UD program manager(s):
- Name(s)
- Office
- Contact information

21 Questions?
Additional Resources for DoD Unauthorized Disclosure Policy:
- UD PMO SharePoint:
- CDSE UD Toolkit:
- DoDD , Management of Serious Security Incidents Involving Classified Information
- DoDM , DoD Information Security Program Volumes 1-4

