Lesson Title: Security - Army Museum of South Australia (amosa.org.au/R10065640_Security.pdf)


Upload: doankhue

Post on 28-Feb-2018


Slide 1 of 22

Lesson Title: Security

Learning Outcome: All members will have a basic overview of National and Local security, including policy frameworks, individual responsibilities and current local threats.

Duration: 30 Minutes

Method: Theory Lesson / Lecture

References:

- Websites:
  - http://intranet.defence.gov.au/dsa/
  - http://intranet.defence.gov.au/armyweb/sites/SSAA
  - http://intranet.defence.gov.au/dsa/dsm/index.html
  - http://teamweb/sites/ahq/armysecwiki/Wiki%20Pages/Home.aspx

- Local Security Officer for further advice/references

Resources:

- Data Projector

- PowerPoint Presentation (can be downloaded from AHQ website)

- Lecture Facility

Revision: Nil

Teaching Points:

• an overview of security and its importance to Defence;
• national threats to security;
• principles that lead to an improved security posture;
• the framework of security policy and instructions within Defence; and
• individual security responsibilities.
• current local threats;
• risks associated with the identified threats;
• procedures and other controls are implemented to mitigate risks; and
• specific security issues and controls relating to a base, unit or facility, including but not limited to:
  • overview of security classified information and official information within Army;
  • numbers, types and trends of security incidents;
  • problems, experiences and recommendations of commanders, managers, personnel, external service providers and security staff;
  • the degree to which employees understand and accept existing security policies and procedures;
  • security performance to date; and
  • local threats, specific standing orders and Standard Operating Procedures.


Speaker Information: This brief is Module 5 of the Force Preservation Annual Mandatory Training Package. It is aimed at all ranks to ensure that all are aware of their most basic security obligations. Throughout the presentation there are several areas for unit specific information to be inserted into the slide templates – all presenters are to ensure that the unit specific information is inserted and the insert ‘prompts’ are removed from the presentation.

PPT 1: Speaker Notes: Army ‘cover’ slide for display prior to commencement. [NEXT SLIDE]

PPT 2: Speaker Notes: Welcome to the next Module of this package – Security in Army. Anecdotal evidence over the past 12 months reveals that complacency and an unrealistic view of the threat appear to be the most common cause of security incidents. Likewise, time management and an ill-conceived willingness to “self manage the security risk” appear to be the next most common cause of security incidents. We must do better. [NEXT SLIDE]

PPT 3: Aim Speaker Notes: The Defence Security Manual mandates that security training and awareness be provided to all Defence personnel and contractors. They must have adequate knowledge of applicable protective security requirements and understand the responsibilities and obligations placed on them by virtue of having access to Defence establishments and national security classified material. Fostering the right security attitude is an integral component of managing security risks. [NEXT SLIDE]

Advice to Speaker: The key message of this presentation is don’t under-estimate the importance of security to Army and your security obligations to the ADF.

PPT 4: Scope Speaker Notes: The scope of this module is once again displayed upon the screen. [NEXT SLIDE] Advice to Speakers: This presentation is provided in two parts. Part I has been standardised so that all Army personnel are adequately briefed on:

• an overview of security and its importance to Defence;
• national threats to security;
• principles that lead to an improved security posture;
• the framework of security policy and instructions within Defence; and
• individual security responsibilities.

Part II, the local component of the awareness program, is to be developed by the relevant commander or USO with input from Regional Security Sections, Brigade or Functional HQ intelligence sections and/or DSA. Part II should include:

• current local threats;
• risks associated with the identified threats;
• the ways in which Defence policy, standards, procedures and other controls are implemented to mitigate risks; and
• specific security issues and controls relating to a base, unit or facility, including but not limited to:
  • the level and quantity of security classified information kept and basic instructions for its handling;
  • numbers, types and trends of security incidents;
  • Unit OPSEC;
  • problems, experiences and recommendations of commanders, managers, personnel, external service providers and security staff;
  • the degree to which employees understand and accept existing security policies and procedures;
  • security performance to date; and
  • specific local standing orders and Standard Operating Procedures.


PPT 5: Overview of security in Army Speaker Notes: In Army, security is achieved through establishing and maintaining different measures that are designed to protect our assets (Personnel, Information, Physical and ICT). Based on this, what elements of your daily working environment do you believe Army security encompasses? [NEXT SLIDE] Advice to Speakers: This slide is included to prompt group discussion using the graphics and question.

PPT 6: The security-in-depth principle Speaker Notes: Security in Defence is achieved through a series of mutually supporting protective barriers (physical, procedural and personnel). Just like ‘defence in depth’, they are more robust than a single line of defence. This is underpinned by Risk Management. Security should be layered so that the asset is not reliant on any one measure for protection. Similar to ‘defence in depth’, security in depth provides mutually supporting strategies and tools to protect an asset, be it people, information, equipment or infrastructure.

Working out from the centre, this graphic depicts how protective security is best achieved through a layered approach which could include such measures as:

• adherence to the Need-to-Know principle
• utilisation of a classification system
• psychological barriers designed to deter
• security alarm systems designed to detect
• physical barriers designed to delay
• security personnel trained to respond
• access control system designed to limit access only to authorised personnel
• information and communication security measures designed to minimise security threats targeting ICT systems.

This is referred to as Protective Security. [NEXT SLIDE]


PPT 7: Security threats Speaker Notes: While some security threats are found to be intentional (e.g. espionage), most incidents are not. They are actually a result of poor security practices. This means each one of us has a significant opportunity to combat security threats on a daily basis. It is also important to understand that although there are many different types of security threats, there are only five common sources for those threats to Army and Defence.

Trusted Insider - Internal threats come in a variety of forms including the accidental or deliberate disclosure of sensitive information; disgruntled staff looking to get back at Defence; complacent staff that do not see security as a capability enabler; and staff that are specifically targeted by external threat sources.

Terrorism - People that use or threaten to use violence against individuals or property in an attempt to coerce or intimidate governments, societies or communities to achieve ideological, political or religious objectives.

Organised Crime – Criminals here and overseas also value the skills that are developed by military forces. Many of these skills are useful in enhancing the capability of criminal organisations.

Issue Motivated Groups - An issue motivated group can be defined as a collection of activists with a common ideology that engages in political activities but is not a registered political party. However, extreme groups can engage in ‘direct action’, such as blockading Defence facilities, trespassing into Defence exercise areas or even personal assaults.

Foreign Intelligence Services - Foreign Intelligence Services want to discover our Defence capabilities. The threat both overseas and within Australia is credible and ever-present.

All security threats have potentially catastrophic consequences for Defence, regardless of the source. [NEXT SLIDE]

PPT 8: Why me? Speaker Notes: As a Defence employee you hold a wealth of information that is highly sought after by Foreign Intelligence Services (FIS), both overseas and in Australia. Organised crime, extremist or issue motivated groups are very interested in our work and Defence information. You need to be aware of the wide range of tactics used by FIS and others to gain access to classified or official information.

You may unknowingly find yourself in contact with members of foreign armed forces or governments, or with persons representing organised crime, extremist or issue-motivated groups, who want to use the opportunity to gather useful information about your work in Defence. Our multinational training exercises and official overseas visits provide a vehicle for foreign military intelligence services to source information that may not be available to their country through official channels.

You all have information that is of value to others. Be discreet and do not talk about your work. Report all suspicious contacts or interference with Defence ICT equipment to your Security Officer. Also, if you are contacted by a member of the media, direct them immediately to the Central Public Affairs media unit. Do not attempt to answer any media enquiries by yourself.

Be aware of what information you may be sending out of the Defence network or discussing in public places. Unauthorised disclosure can directly affect national security. To assist in addressing these threats, Defence, like all other government agencies in Australia, utilises a mandated system of protective security. [NEXT SLIDE]

PPT 9: What are they after? How will they get it? Speaker Notes: What are they after? The most sought after Defence information by Foreign Intelligence Services often relates to:

• Emerging Technologies
• Aerospace
• Communications
• Electronics
• Weapons Developments.

Issue motivated groups, organised or local crime may seek information or access to:

• Security in place within a military establishment
• Weapons, weapon parts or knowledge of manufacturing improvised weaponry
• Internal connections that may assist in trafficking drugs
• Troop movements or security plans for conferences or training exercises
• Information that will show Army in a negative light and/or allow sufficient passive or violent protest activity to get media attention.

The media seeks information on any subject that may prove newsworthy.

Terrorism - The most significant terrorist threat to Australia continues to originate from Islamic extremists, particularly those associated with Al Qaida. It is possible that extremist groups will attempt to infiltrate Defence to gain access to weapons, ammunition, explosives or training through the subversion of military personnel. During August 2009, Victorian police foiled a plot by Australian Islamic militants linked to Somali terrorist group Al Shabaab who were arrested for planning an alleged terrorist attack against Holsworthy Barracks. It is incidents such as this which should be a timely reminder to us all that the terrorist threat posed to Defence is real.

Issue Motivated Groups – Defence training of foreign forces, major ADF exercises, anti-war sentiment and visits to Australia by nuclear warships have in the past attracted protest activity. The protest activities from these groups are usually orchestrated to capture media attention and range from placard waving and the distribution of pamphlets highlighting their cause to equipment/building damage and break and enter activity. These groups will often employ professional crowd motivators or stirrers to assist in drawing media attention to their cause. Ex TALISMAN SABRE consistently attracts the attention of Issue Motivated Groups. During Ex TALISMAN SABRE 2011 a conglomerate of Issue Motivated Groups formed a coalition known as the Peace Convergence 2011 and engaged in disruptive activities including protests, demonstrations and trespass activity in the Rockhampton area and candlelit vigils in major city centres. Issue Motivated Groups traditionally publicise their activities in advance using all communications mediums available to them in order to draw attention to and support for their cause.

Organised Criminal elements are particularly interested in obtaining access to weapons, classified information and equipment including computers that may contain official information. As such, criminal elements have in the past subverted and befriended serving Defence members in order to gain access to weapons, body armour, NFE and classified material. The compromise of this information could have wide-spread consequences for the ADF ranging from public embarrassment to possibly providing an insight into the capabilities of our deployed forces.

Trusted Insiders pose one of the most significant threats to Defence and are the hardest to detect because often there are few obvious signs. It is through this internal threat that most external elements pose a threat to the security of Defence. The result of internal threats can be as serious as an armoury being breached due to internal knowledge of security codes and the theft of classified files and equipment. The most relevant example of the internal threat to Defence was the theft of ten M72 66mm SRAAW from Defence Establishment Orchard Hills in 2007 by one serving and one former Army Officer. The accused men were convicted of the theft of ten M72 66mm SRAAW over the five year period since 2002, which had reportedly been on-sold to criminal elements for approx. $5000 each. At least one of the ten M72 66mm SRAAW was recovered by police during investigations following the arrests.


How will they get it? Direct and indirect techniques include:

• attempts to gain critical technology in the early stages of development (lowest security classification, least protection, greatest long term value);
• academic exchange programs, where Defence scientists, engineers and technical experts are invited;
• any information you publish, in scientific and professional journals, or post on internet blogs and chat rooms will expose you to the public domain;
• targeting Army personnel when overseas on holidays or official visits;
• “talent spotting” Defence members attending events, such as international conferences; and
• attempts to conduct physical site visits in a bid to directly observe facilities, equipment and products.

Issue motivated groups, criminals and the media may seek to contact you or monitor your conversations through:

• online social media sites
• nightclubs or hotels
• social or sporting events
• other direct approaches during out of work hours

Theft of assets such as weapons, sensitive equipment and attractive items can occur through:

• poor control measures
• laziness on the part of individuals in caring for their equipment
• compromised individuals
• internal theft
• break and enter
• lack of security for the items

[NEXT SLIDE]

PPT 10: Protective Security Advice to Speaker: Instructors should read through these points whilst using the highlight points on the slide.

Speaker Notes: Protective security is the total concept of information, personnel, physical and information & communications technology (ICT) security. Protective security measures in Defence are directed at:

• protecting Defence premises and material against unauthorised access, sabotage, wilful damage, theft or disruption;
• ensuring that security classified resources are placed only in the care of people who are honest, trustworthy, mature, tolerant, loyal and willing to safeguard those resources against misuse;
• preventing unauthorised disclosure of classified information, whether deliberate or accidental; and
• protecting material supplied by other nations in accordance with the agreements and obligations between Australia and those nations with which classified material is exchanged.

[NEXT SLIDE]

PPT 11: Information Security Speaker Notes: The security of information is critical to the integrity of Army’s mission. Information security is focused upon preventing unauthorised access to official information. Within Defence, Official Information is considered to be any information received, developed or collected by, or on behalf of, the Australian Government, through its agencies and external service providers. As such, Official Information includes:

• documents and papers;
• notes and working papers taken at meetings or orders groups;
• data held on any Defence IT system;
• the software or systems and networks on which the information is stored, processed or communicated;
• the intellectual information (knowledge) acquired by individuals; and
• physical items from which information regarding design, components or use could be derived.

Australian classified information must not be shared or passed to military or other government officials of any foreign country without prior approval. Australia has a responsibility to protect classified information provided by other governments under multinational or bilateral arrangements or agreements. This information is to be handled the same as Australian classified information of the same level of classification. [NEXT SLIDE]

PPT 12: Information Security – Classification, handling and storage Speaker Notes: Most of the material you will be working with in Defence will be classified as National Security Information.

TOP SECRET Information – TOP SECRET is the highest classification in National Security Information. This type of information if disclosed could cause exceptionally grave damage to national security. Very little information warrants this type of classification and it must be used with the utmost restraint.

SECRET - The classification of information as SECRET signifies that unauthorised disclosure of this type of information could cause serious damage to the country’s national security. It’s important to note that this classification must be used sparingly.

CONFIDENTIAL - The next classification below SECRET is CONFIDENTIAL. Any information that’s CONFIDENTIAL and disclosed without consent could cause damage to national security.

PROTECTED is the fourth category of National Security Information. If PROTECTED information is disclosed without consent, it could cause damage to the Australian Government, commercial entities or members of the public.

All classified material must be handled securely as detailed in the DSM and Army security policy. Even Unclassified information and documents should be dealt with carefully, as all information could ultimately be used for the wrong purpose. Unit Commanders are responsible for ensuring security on deployments and exercises, including the correct storage of, access to, and handling of, any classified material. Your Chief Clerk or USO can provide detailed advice on the correct handling of classified material.

Of note here: during the next 12 months Defence will move to a new security classification system, but until then the current system is to apply until amendments are made to the DSM.

All classified material must be handled securely as detailed in Defence procedures and specific unit processes. Even Unclassified information and documents should be dealt with carefully, as all information could ultimately be used for the wrong purpose. All classified information has strict procedures for handling. In particular there are procedures for Storage, Transfer and Disposal.

Storing classified information is based on two factors.

• Firstly, is the area where the material is to be stored secure?
• Secondly, does the container holding the classified material meet minimum security standards as set out in the DSM? Security Containers are categorised as Class A, Class B, Class C or Commercial Grade.

Approved security containers include locked filing cabinets and safes.

Transferring classified information from one place to another requires specific procedures. These requirements vary depending on the level of classification and where the information is going. Some of the security measures may include:

• security satchels;
• double enveloping;
• use of tamper evident seals;
• special formatting of the information on the envelope;
• the use of receipts (XC51s);
• recording in a Classified Document Register (CDR);
• the use of SCEC endorsed briefcases; and
• safehand couriers.

If unsure about storing and transferring classified material that you are working with, refer to your supervisor or your Security Officer who will be able to advise you on the classification of your work area and the material you are working on, and of any special arrangements specific to your location.

It is very important to appropriately dispose of classified information. The approved disposal methods to use when disposing of classified materials include shredding and putting it into a classified waste bag for disposal. For a detailed list of disposal methods please refer to the DSM.

Remember that the Australian Defence Force doesn’t just work in offices - your deployed Commander is responsible for ensuring security on deployments and exercises, including the correct storage of, access to, and handling of, any classified material.

If you would like to know more then check out the Classified Document Handling Course on CAMPUS. Those that don’t have DRN access can send email to [email protected] to request the course on CD-ROM. [NEXT SLIDE]

PPT 13: ICT Security Speaker Notes: The Information and Communications Technology (ICT) environment changes rapidly, with significant developments in technology being coupled with associated threats to networks from individuals, criminal elements and foreign governments.

The misuse of the Defence computer system will not be tolerated. All systems are monitored and misuse may result in loss of access, disciplinary or even criminal action.

With the internet increasingly being used for government business, the increased capabilities of malicious entities mean that adversaries have a greater opportunity and reason to conduct electronic attacks. Do not attempt to change computer settings or introduce any non-approved hardware into the computer system as this can potentially give an attacker a gateway into our systems.

An important note here is: you can all be assured with a high degree of certainty that all classified email leaving the Defence network, into the world wide web, is compromised and in the hands of foreign intelligence services or organised crime, who may collect information on behalf of a foreign state. Hotmail, Optus net and most providers’ networks have been compromised and have filters embedded in their systems that are far more sophisticated than our own, capturing information that may raise a flag, such as classified markings.

Classified and official information that is deliberately, negligently or accidentally sent outside the Defence network constitutes a data spill and a MAJOR security incident. Defence has recently acquired sophisticated software applications that are able to monitor the Defence ICT gateway and trace all classified emails, sent or attempted to be sent outside the Defence network to non-secure email addresses, back to the individual user. Data spills can be easily prevented by checking the content of all emails sent outside the Defence ICT network. If you believe an email has been over-classified, address this issue with the email originator.

The use of mobile phone technology and on-line networking has introduced new threats such as geo tagging, interception of discussions, the targeting of families and intelligence gathering. Users of this technology must be constantly aware of the threats posed by the technology embedded in smart phones.

Standard telephone lines are not secure. It is an offence to discuss or fax classified information over a non-secure line. Only UNCLASSIFIED material may be faxed or discussed using a non-secure telephone line. All classified transmissions must use an approved secure telephone or fax machine. Your USO or Chief Clerk can advise of the location of secure communications within your unit. [NEXT SLIDE]

PPT 14: ICT Security – Internet and social Media Speaker Notes: The use of the Internet, and in particular social media, is becoming a growing security threat to Army. It is best to avoid placing your details on Internet sites. Defence recognises members have the right to use certain web sites outside work hours, but you must be aware from a security perspective that information posted could sometimes lead to a breach in Defence security.

The information you post can help people to locate you and target you for the purpose of trying to obtain information about your work. You should never post information about the operations, projects or work you are focusing on. Personal information that identifies where you work, what your job is and who you are should also not be posted.

Internet content of security concern to Defence as a whole includes:

• Information on organisation structure;
• Details of an organisational role beyond generalities;
• Details of tactics and strategic planning;
• Information relating to the size, capacity and capabilities of facilities, either as a narrative or as part of a map.

As an individual you should limit your internet presence through the following measures:

• Operational security is paramount;
• Omit your personal information where possible;
• Be sensible about how much you reveal;
• Do not denigrate or insult others;
• Do not fall into the trap of responding to postings on ‘hate sites’; and
• Be sensitive about the associations of your internet presence. Redirection to another website may imply endorsement of its content.

Report social media sites that may pose a threat to Australia’s security or ‘hate sites’ targeting Army or Defence. [NEXT SLIDE]

PPT 15: Personnel Security – principles of personnel security Speaker Notes: Personnel security measures ensure that the identity, suitability and eligibility if individuals have been adequately assessed before they are given access to official information and resources. This is achieved by ensuring that:

• only the minimum number of Defence employees and Defence contractors consistent with operational effectiveness are security cleared;

• all Defence employees and Defence contractors who need access to security classified resources are assessed as suitable to be granted a security clearance;

• all Defence employees and Defence contractors to whom a security clearance has been granted remain suitable for their continued access to security classified resources; and

• all Defence employees and contractors are aware of their responsibilities in handling security classified resources.

• All full time Army personnel hold clearances necessary for deployment. All full time (ARA) Army personnel are to have a minimum clearance level of NV1. (For ARA briefings) All ARA personnel are to hold at least a NV1 level security clearance upon commencement. ARA personnel with current SECRET clearances will maintain their clearance until re-validation is required at the 10 year point at which time they will be vetted at NV1. (For Ares briefings) All Ares personnel are to have an appropriate clearance to the level of classified material or information that they will have regular access to. Those Ares identified for deployment must hold a minimum of NV1 clearance.

Our Army APS personnel and contractors are to have an appropriate clearance to the level of classified material or information that they will have regular access to. Security is based on the need-to-know principle. This determines what clearance you may have. Also, just because you have a clearance, you might not need to see all the available information if it does not concern you. If your duties require a higher security clearance, you must apply for a higher classification level. Speak to your USO, who will assist you in completing an E-Pack to apply for a higher security clearance. Once you have a clearance, your responsibilities don’t stop there. We will now move on to some follow-up actions after receiving a clearance. [NEXT SLIDE]

PPT 16: Personnel Security – Security Clearance Levels Speaker notes: This slide provides an overview of the new security clearance levels, which are now consistent across all Australian Government agencies. Advice to Speakers: BASELINE security clearance is equivalent to the former RESTRICTED security clearance. NEGATIVE VETTING LEVEL 1 security clearance is equivalent to the former SECRET security clearance. NEGATIVE VETTING LEVEL 2 security clearance is equivalent to the former TOP SECRET NEGATIVE VETTING security clearance. TOP SECRET POSITIVE VETTING security clearance – no change. [NEXT SLIDE]

PPT 17: Personnel Security – Change of Personal Circumstances Speaker notes: A change in personal circumstances would require you to advise your USO and complete a Security Clearance Change of Personal Circumstances Notification form (SVA003). QUESTION TO AUDIENCE: Can anyone identify the sorts of things that may be classed as a change in personal circumstances? Appropriate answers may include:

Change in circumstance includes:

• Marriage

• Separation or divorce

• Sharing your accommodation with others

• Experiencing a significant change in financial circumstances

• Joining or affiliation with a controversial club, group or organisation

• Criminal charges made against you for any illegal activity

• Involvement in workplace investigations

• Dependence on or misuse of alcohol or other drugs

• Change of name

• Change of citizenship

[NEXT SLIDE]

PPT 18: Personnel Security – Overseas Travel Speaker Notes: All overseas travel must be cleared by your Security Officer. You should give your USO at least four weeks' notice prior to your departure, to ensure that all the correct procedures and documentation have been completed before you leave. You can arrange an Overseas Travel Briefing with your USO. Your USO will advise which forms you need to complete, security issues you should be aware of while overseas, and the things you need to do when you come back. Be aware of travel restrictions for service personnel. Seek advice from your USO or Chief Clerk. You should also check the Department of Foreign Affairs and Trade Smart Traveller website to see if there are any travel warnings for the country you are going to. When you return from your holiday you will attend a Debriefing Session with your USO and will complete the Overseas Travel – Debriefing Certificate AB 645 form. This ensures the USO can find out about any incidents that may have happened that could pose a potential security risk. If you are planning to travel for work and will need to be able to discuss classified information or gain access to restricted establishments while overseas, you need to have your clearance details passed to the government of the country being visited. This process can take significantly longer than four weeks. Contact [email protected] for specific details. Whilst Army Reserve personnel not on CFTD are not subject to the same travel restrictions as full time members, Reserve personnel must declare all overseas travel to their USO. Remember, your overseas travel is recorded on your Personal Security File, and by having it recorded up front when it occurs you do not have to spend time searching for records years later when your re-evaluation comes around. [NEXT SLIDE]

PPT 19: Physical Security Speaker Notes: Army has an obligation to provide and maintain a safe and secure environment for the protection of its people, information, capabilities and assets. An appropriate physical security environment minimises risks to the efficient and effective performance of Defence's goals and objectives, underpinning the application of other protective security measures. Army needs to have physical security measures in place:

• to provide a safe and secure working environment for employees and visitors

• to prevent unauthorised access to official information and resources

• to deter, detect, delay and respond to intruders.

Physical security includes our locks and doors, alarm systems, CCTV systems, monitoring stations and guards, each designed to deter, delay and detect intruders. Of importance in Army is the physical security of our armouries, weapons and explosive ordnance. Whether in Australia or on operations, it is the unit's and the individual's responsibility to ensure that our weapons and explosive ordnance are accounted for and protected. Defence policy mandates that access to all armouries must be dual access only. Single person access is an offence under general lawful order in accordance with Defence policy. Each of you plays your part in physical security by being the eyes and ears for your unit, detecting and reporting problems or unusual activity that could impact on your unit and mates. [NEXT SLIDE]

PPT 20: Questions? Speaker Notes: You should ask the audience if they have any questions so far. In particular, you should ensure that they understand Information Security, Personnel Security, Physical Security and ICT Security. [NEXT SLIDE]

PPT 21: Security Incidents Speaker Notes: You should ask the audience what they think a ‘security incident’ is. Affirm any appropriate responses and then provide the following definitions:

• A security incident is any event that prejudices security and/or breaches security regulations.

• A security incident is any event resulting in negative consequences for the Australian Government, including Army.

• A security incident is any incident that contravenes security regulations, whether deliberate, negligent or accidental.

• A security incident can be from a failure to comply with the security requirements as defined in the DSM or other endorsed publications.

In the period January 2011 – June 2011 Army had 1209 incidents. These have been broken into the following categories:

Incident Type (Jan 11 - Jun 11)

• Data Spills (both on unit websites and emails containing classified information): 68

• Disclosure of official information: 23

• ICT Misuse: 36

• WME (includes of weapons and munitions): 61

• Physical Security: 614

• Loss of ID Card: 407

Our aim is to reduce the number of incidents across Army through awareness and individual compliance with protective security policy. [NEXT SLIDE]

PPT 22: Security Incidents – how to report a security incident Advice to Speakers: Ensure your unit USO details are inserted into this slide (and remove balloon comments from the Slide) Speaker notes: All security incidents (other than minor incidents) are to be reported to the Defence Security Authority's Security Incident Centre (DSA SIC) within 24 hours. These can initially be reported by telephone or email but must be followed up by an XP188 – Security Incident Report, available on web forms.

Incidents reportable to DSA SIC include:

• unauthorised access to Defence facilities;

• loss or theft of weapons, associated equipment (weapon parts, combat body armour, night fighting equipment and night vision equipment), and explosive ordnance (explosive ordnance includes all ammunition, propellants, pyrotechnics and explosives);

• loss or theft of, or unauthorised access to or disclosure of, official Defence information;

• unauthorised access to and/or use of Defence information and communications equipment or systems;

• a security contact where a Defence employee is approached by, or communicates with, representatives of foreign interests, extremist or subversive groups, criminals, or commercially, politically or issue motivated groups whose purpose appears to be to obtain official information.

All minor security incidents are to be reported to your Unit Security Officer, who will complete an XP 188 and advise the local regional DSA representative within 30 days. A minor security incident is an accidental or unintentional failure to observe the requirements for handling and storage of materiel classified up to and including, but not limited to CONFIDENTIAL. [NEXT SLIDE]

PPT 23: Security Incidents - Contact Reporting Advice to Speakers: A security contact is a contact where a Defence employee is approached by, or communicates with, representatives of foreign interests, extremist or subversive groups, criminals, commercial, politically or issue-motivated groups whose purpose appears to be to obtain official information. Defence people and their families or friends may be targeted for such contact. A security contact can be social or official, involve verbal or written communication including the internet, and it can occur in Australia or overseas. If you suspect you have been contacted by a FIS, you must report it in order to:

• allow early intervention of the activity

• determine the extent of the threat

• alert the appropriate authorities so they can develop potential countermeasures.

Contact reports for suspected foreign intelligence or foreign nationals are reported through your USO on a Contact Report Form available on Webforms. Contact reports for any contact with criminal groups, commercial, issue motivated or extremist groups are reported on the online XP188 through your USO. [NEXT SLIDE]

PPT 24: Current local threat Advice to Speakers: Presenter must include threats that are peculiar to the location or type of work carried out by the unit audience (and remove balloon comments from the Slide). [NEXT SLIDE]

PPT 25: Unit-specific security issues Advice to Speakers: The Instructor / Presenter must include risks that are peculiar to the location or type of work carried out by the unit audience. (and remove balloon comments from the Slide) Speaker notes: [NEXT SLIDE] Additional speaker information: Specific security issues and controls relating to a base, unit or facility, include, but are not limited to:

• the level and quantity of security classified information kept and basic instructions for its handling;

• numbers, types and trends of security incidents;

• problems, experiences and recommendations of commanders, managers, personnel, external service providers and security staff;

• the degree to which employees understand and accept existing security policies and procedures;

• security performance to date; and

• locally-specific standing orders and standard operating procedures.

PPT 26: Known local risks Advice to Speakers: The Instructor / Presenter must include risks that are peculiar to the location or type of work carried out by the unit audience. (and remove balloon comments from the Slide) Speaker notes: [NEXT SLIDE]

PPT 27: SAFEBASE Speaker notes: Defence’s security response to external threats shall be based on security risk management principles using the SAFEBASE alert system. Responses to threats shall be incremental, coordinated, and appropriate to the identified level of threat. The SAFEBASE alert system is only applicable to domestic activities in Australia and non-operational activities overseas. Operational security threats are managed by the Chief Joint Operations (CJOPS) as a component of operational security planning.

SAFEBASE ALPHA - There is no specific threat to Defence. This alert level provides for a minimum level of security. Measures from higher alert levels may be implemented as additional deterrents.

SAFEBASE BRAVO - The possibility of a general threat is heightened, but specific actions, targets or timeframes are not defined. It may be necessary to implement measures from higher alert levels resulting from intelligence received or as a deterrent. Limited impact on normal operations, local authorities or the civilian population.

SAFEBASE CHARLIE - Sufficient indications exist that specific threat action is likely; however, no definite target or time of attack has been identified. It may be applied as a precautionary measure to cover events liable to stimulate terrorist or issues-motivated group action. Will create some hardship and limit a number of normal activities.

SAFEBASE DELTA - Specific information has been received and it has been assessed that there is a substantial threat to Defence within an identifiable period of time. Usually a specific installation, group or type of facility would be identified as potential targets.

SAFEBASE ECHO - Direct action is about to occur or is occurring against specific Defence elements. Examples: An imminent attack on an installation by terrorists, or a protest action which has the potential to turn violent at a Defence establishment. Will cause significant hardship and severely disrupt normal daily activities.

The presenter should also remind the audience what level of SAFEBASE the unit / location is currently under. [NEXT SLIDE]

PPT 28: Security - Your responsibilities Speaker notes: Everyone needs to be aware of the impact that their security behaviour can have on the security of Defence as a whole. The Defence Security Manual (DSM) is the primary source of security policy, principles and minimum standards for security in Defence. It reflects the legislated and mandated government security requirements in:

• The Defence Act 1903

• The Crimes Act 1914

• The Freedom of Information Act 1982

• The Privacy Act 1988

• The Australian Government Protective Security Manual (PSM)

• The Australian Government Information and Communications Technology Security Manual (ISM)

The policies that affect security at the local level are Security Standing Orders (SSOs). These are procedural in nature and outline local security arrangements for the unit, based on the DSM. You MUST be familiar with these arrangements in your work area. [NEXT SLIDE]

PPT 29: Summary Speaker notes: During this presentation we have had to cover a great deal of information. The key ‘take-aways’ are: In Army, security is achieved through establishing and maintaining different measures that are designed to protect our assets (Personnel, Information, Physical and ICT). All Army personnel are responsible for ensuring that Army security measures are robust and effective. Each of you is a capability enhancer in making security work in your unit. People are our most vital asset as well as being our highest vulnerability. The difference is your attitude to security. If you take nothing else away from this presentation, I would ask that you don’t under-estimate the importance of security to Army and your security obligations to the ADF. [NEXT SLIDE]

PPT 30: Questions Advice to Speaker: The Instructor / Presenter should ask for any final questions or doubtful points. Conclude by restating that security threats are real and always present. Speaker notes: [NEXT SLIDE]

PPT 31: More information Speaker notes: As already mentioned, the primary point of contact for security issues within our unit is: INSERT EMAIL & PHONE DETAILS (and delete balloon box from Slide). Websites for further information:

- http://intranet.defence.gov.au/security/index.htm

- http://intranet.defence.gov.au/armyweb/sites/SSAA

- http://teamweb/sites/ahq/armysecwiki/Wiki%20Pages/Home.aspx

These sites can also link you with the Defence Security Manual. [NEXT SLIDE]

PPT 32: End of presentation Placeholder slide whilst next presentation is being arranged. [NEXT SLIDE]