Wednesday, May 21, 2014

Communicating Your Security Message

NISPOM topics applying to the cleared contractor facility should be addressed as often as possible. Cleared employees may be very familiar with classified performance requirements, but may not always remember countermeasures implemented at the facility to protect classified information. Though they may be excellent at marking documents or using deriviative classification techiques to properly transfer a classification from a security classification guide to a classified report, they may still need to be reminded to attend security training, report suspicious information, or attend threat briefings. Excellence comes from day to day exposure. As their daily performance makes cleared employees experts in their fields, FSOs play a large role in bringing them to that same level of NISPOM compliance. Take the time to understand what training is needed and try to meet that need.

Three effective ways to communicate your security message:

1. Group presentations-a popular and fast way to train others is in a classroom environment. Many FSOs conduct this type of training using PowerPoint as the media of choice. You can get a lot of great applicable NISPOM information in a single presentation. Though the volume of information is high, risk of an audience tuning out is just as probable. Keep your presentations alive with you being the focus. Use PowerPoint to reinforce your message, not to deliver the message. A few bullets with applicable images will do the trick. But don't make the PowerPoint do all of your talking. Eyes should be on you with frequent glimpses at the charts to illustrate points, not narrate them. You can buy royalty free images (like the picture accompanying this article) from online providers that are clear and catchy and download them for use in your presentations.

2. Multimedia messages-Initial security training occurs when employees get their clearances and security refresher training is an annual training requirement per the NISPOM. However, training doesn't always have to be performed once a year. Instead of having an hour long command performance, try smaller and more frequent venues. A newsletter via print, electronic bulletin board or email is very effective. Just be sure the keep the message short and easy to read. Don't worry about trying to cram all the information into the communique all at once. Try to make your point using a few bullet sentence or a few paragraphs with no more than 250 words. Even better, download some royalty free images relating to the topic.

3. Personal touch-Get up from your desk and visit the team. Relationships contribute tremendously to the protection effort. Develop relationships that allow you to interact with each of the groups or individuals. Cleared employees should look forward to seeing you at their door; better yet, they should seek out your advice. Such status comes from developing trust and value. Once it thrives, there's not much you won't be able to do. If you have employees working in IT, just follow them around. You'll see an incredibly valuable employee being sought out by others for software, hardware and network fixes. If you aren't yet at that level, consider partnering with someone who is. You might roam with the IT, safety or HR professionals and glean experience and develop relationships based on ones they already have. You can then develop similar value as people learn to trust your input.

Understand what your message is and communicate it effectively. Some ways to build up your security program is to educate the employees through training in the form of presentations, multimedia contact and by developing relationships. Take time to understand where some of the NISPOM requirement weaknesses are and develop training to meet it. If you don't have your own NISPOM training presentations, SF 312, or derivative classification briefings, consider downloading ours.

Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".

No comments: