Sunday, September 28, 2008

Pentagon analyst Gregg William Bergersen, was recently sentenced to 57 months in prison for providing information classified at the SECRET level to the People's Republic of China. The information was classified SECRET, thus having the potential to cause serious damage to national security. The complicated espionage operation involved not only native born U.S. Citizens, but foreign born as well. Though this ring involved several people both U.S. and Non-U.S. citizens, let us spend our focus on the the cleared U.S. Citizen Mr. Bergersen.

The foreign operative received the largest sentence, however, let us not waste time tracking them, they are paid to spy and we have agencies dedicated to catching spies. We as security managers entrusted with safeguarding classified information, have to clean up our own back yards. Proactive security specialists are constantly on the look out for indicators of employee espionage. We cannot prevent employees from being corrupted with recruitment, but we can train employees to help good employees reduce the effectiveness of recruiting efforts and identify those prone to espionage and stop them early in the process. Some practical ways to do so include providing education and reporting for:
1. Espionage recruiting efforts.
2. Suspicious contacts.
3. Changes in cleared employee activity, behavior, mood, finances, allegiance and other key areas.

Security managers can also reassess their physical security, IT and document control procedures to bring into accountability and control our nation's secrets. All classified material is to be documented, safeguarded and provided proper disposition from the time it enters the facility until its authorized removal. Controlling pedestrian traffic and classified item movement at all steages is the most logical of security procedures.

The adversary is not spending resources breaking into classified areas and stealing SECRETS. So, why should we focus all of our efforts trying to prevent break-ins. Spies know their best efforts pay off with recruiting people to walk it out the doors for them. Recent cases of espionage involve older and more educated, foreign born, cleared employees.

Our best action is to reassess the threat, identify ways to oppose the adversary and dedicate time and resources designed toward that end. Any classified material introduced, copied, moved, removed, created or otherwise under jurisdiction of a contractor or Government entity should never be lost or compromised.

So, what can you do to reduce the chances of employees walking away with classified material? Are you implementing innovative ways to protect what is your responsibility, or are you just following "best practices". Remember, espionage is not successful with out willing parties. Those willing parties should have a very difficult time hiding their intentions (there are always indicators", and removing classified material (there are always available controls).

No comments: