Last week, we told you about CitizenTube, a channel gives you a chance to ask the President follow up questions after the State of the Union speech. For the past five days since the President’s speech, people from across the country have submitted and voted on video and text questions on CitizenTube.

Today, the President will respond to these questions in a live YouTube interview at 1:45 p.m EST.

This is the first time President Obama will answer follow-up questions since the speech last week. CitizenTube promises the interview “will cover a range of issues, minimize duplicate questions, and include both video and text submissions.”

As of now, well over 11,000 questions have been submitted covering a broad cross-section of topics and concerns.

Tune-in to CitizenTube at 1:45 pm EST for the interview.

This Wednesday, at 9pm EST, president Barack Obama will deliver his State of the Union speech.

This year will be extra special as the followup to Obama’s speech viewers will have the opportunity to submit questions (and vote on other users’ questions) in response to the speech on youtube.com/CitizenTube. Next week, Obama will answer some of the questions in an online event delivered live from the White House. From the YouTube blog:

“Presidents have long used new technology to share their message directly with the American people. Calvin Coolidge was the first president to broadcast the State of the Union over the radio in 1923, and President Truman made history in 1947 when he became the first to deliver his address to a live television audience.

This year’s State of the Union speech will also make history. It will be the first time that citizens will have the opportunity to ask follow-up questions during the speech — and to hear the president’s response to those questions.”

Currently, the exact timing of the followup event is unknown.

SGIS Security wants you all to be aware that you could potentially be a target.  Whether it’s for Economic Espionage, a type of cyber crime or Elicitation/Recruitment, the fact that you are a working for a U.S. government contracting company puts you at a level of risk.

Those who have clearances and access to sensitive or proprietary information are prime targets to foreign intelligence operatives a.k.a. “spies.”  Now when I say spy, someone might think of 007 or “Get Smart,” but the fact is today’s operatives are usually friendly, everyday people who want to become “friends” with you.  They use a technique called “Elicitation”, which simply put is “the art of conversation honed by intelligence services…”  Often times, they will make initial contact with you at a seminar, business conference, networking event or social networking site.  Their goal is to determine if you have ANY information or access to information that could be potentially valuable.

If this initial contact seems worthy, they will proceed to get to know you and assess your vulnerabilities.  This is why it is extremely important to be careful what you say about yourself and your co-workers!  If you begin telling this spy… err, I mean “friend,” about your financial difficulties, marital problems or work related stresses, you are letting them know what your vulnerabilities are and they will exploit those vulnerabilities to gain an advantage.

Elicitation can take place over a long period of time. They collect tidbits of information on you, your job and coworkers. Elicitation is sometimes very hard to recognize.  Over time they hope to earn your trust and have you consider them a friend. They may ask for your expertise or consultation. Typically their goal is to have a “trusted source” that they can go to for information.

Please review the information below for further details on how they may try to recruit you and or your information:



Elicitation might be hard to recognize, but if feel you are being targeting and assessed by a Foreign Intelligence Operative, remember you have done nothing wrong unless you start maintaining a regular contact without reporting it to your security officer. Your main defense is awareness and reporting. The government may be able to notify you that you are dealing with a known intelligence operative, or it may identify the person as an operative as a result of your reporting the contact. Always report so that you are part of the solution and not the problem. See reporting requirements below.

You are required to report the following to your security office:

• Any effort by any individual, regardless of nationality, to obtain illegal or unauthorized access to classified information or to compromise you or any other cleared employee.  In addition, all contacts by you or any other cleared employee with known or suspected intelligence officers from any country, or any contact which suggests that you or any other employee may be the target of the intelligence service of another country or other clandestine group shall be reported.¹

• Any other known, suspected, attempted, or planned activity that threatens U.S. national security. This includes unauthorized release of or access to any classified or otherwise sensitive information, intrusion into an automated information system containing classified or otherwise sensitive information, or information relating to terrorism, sabotage, subversion, or illegal diversion of U.S. technology to a foreign country. Knowledge of any activity by a foreign country or organization that suggests that country or organization may have unauthorized knowledge of U.S. national security information, processes or capabilities.

Just to show you that this is REAL and happens regularly, I have linked some interesting articles on recent espionage cases that have happened this past year:

U.S.: Product engineer swiped Ford’s secrets

China proves to be an aggressive foe in cyberspace

Scientist offered U.S. secrets for $2 million, prosecutors say

As always, SGIS security is here to HELP you! Please email us a SECURITY@SGIS.COM for assistance or if you’d like to suggest further monthly topics, we would love to hear from you.

References:

1. National Industrial Security Program Operating Manual, paragraph 1-302. Presidential Decision Directive NSC-12, Security Awareness and Reporting of Foreign Contacts, August 5, 1993.

2. Many ideas in this topic came from a NRO foreign intelligence threat awareness briefing.

3. DSS pamphlet, “Elicitation, Can you recognize it?”

Why do former military professionals make great employees?

Civilian employees can learn the specifics of a job, but some of these skills cannot be taught as easily. Candidates with military backgrounds make excellent civilian employees because they already possess several intangible skills that can be the most difficult to teach. This is why so many employers go to these individuals time and time again to fill positions. The fact is, finding these traits in the civilian world can end up being difficult as well as costly. It only makes sense that employers would turn to former military personnel to fill their hiring needs.

What kinds of qualities do these military professionals possess to make good hires?

SGIS Security would like to give you some pointers on how to protect yourself, and your equipment, while traveling overseas to help circumvent foreign intelligence agencies from obtaining US economic, technological and military information. As an employee of a government contracting company, you are a prime target to foreign intelligence agencies.  The reality is that most technologically advanced or developing countries, including some democratic countries that are closely allied with or supported by the United States, place a high priority on acquiring U.S. technology by both fair and foul means. One of the largest tactics used is to target your electronic equipment; laptops, computers and cell phones are easily intercepted, recorded, download, sabotaged and/or out right stolen. Any information transmitted over wires or airwaves is vulnerable to exploitation. So SGIS has put together some pointers that should assist you to help keep your information secure.

• If possible, leave unnecessary electronics devices at home!
• Use designated travel-only laptops that contain no sensitive information.
• Establish a temporary email address not associated with the company.
• Encrypt data, hard drives, storage devices etc.
• Use complex passwords, and enable login credentials.
• Never use a wireless connection as they are NOT secure and most countries have sophisticated intercept technology.
• Most important, be sure to REPORT any thefts or unauthorized accesses of your portable devices.
• Blackberry acting strange, turning on and off, making odd changes.
• Never trust the hotel or room safe… always carry your electronics with you.
• ALWAYS report anything out of the ordinary or suspicious.

Below you will find some funny excerpts of real life situations that have been reported.  We hope you enjoy the humor in the situations but please take them seriously, as they are true stories.

Anecdote #1: A traveler attending a workshop returned to his hotel room after being away for dinner. He went to bed and was awakened six hours later by a beeping noise. The noise was coming from the traveler’s laptop computer. The computer cover was closed, but the unit was not shut off. The traveler believes that while he was out of the room, it was searched and the laptop was opened but not turned off. This caused the battery to run down, which is what had caused the beeping. The traveler had not turned on the computer during his trip. No classified, sensitive, or proprietary information was on the computer’s hard drive.

Anecdote #2: A traveler found four entries for “guest access” on his laptop computer. The computer had been locked with a commercially available padlock and left in his room unattended. It was not clear if someone had actually accessed any files on the hard drive. He then checked the computer’s protection software and found another “guest entry” had been logged on. The date of this entry coincided with a previous trip the traveler took to the same country. Of course we “know” these situations could never happen to you right?  If you find yourself traveling overseas, we hope you review these tips and remember by reporting your observations to your security office. You make it possible for your security office to keep abreast of what is happening and to warn others about things they might encounter during their trip.

Next month look for tips on Counterintelligence Risks and Elicitation (Can you recognize it?)
As always, Security@SGIS.com welcomes your suggestions for any article ideas.

Reference: All anecdotes are from United States General Accounting Office, Department of Energy: National Security Controls over Contractors Traveling to Foreign Countries Need Strengthening, GAO/RCED-00-140, June 2000

Newly issued FY 2010 guidelines and policies from the White House Office of Management and Budget and the Department of Defense Component Manpower Authority are taking a stance to minimize reliance on non-specialized contracting while growing their civilian workforce.

White house executive and administration officials have new strategies to shift workforce reliance with the intent of saving $40 billion in contract funds annually starting in 2010. The strategies are designed to minimize contract reliance on non-specialized, generic, or commonly available services, and replace much of the contract workforce in those areas with government civilian acquisition programs.

In deciding between a Government Civilian solution or a contract solution, two basic rules must be answered: Is the work an inherent Government responsibility? And can the work be done by accelerating the acquisition of Government Civilians or by being brought into the Governments umbrella of inherent responsibility?

If the answer is no to both of those key questions, a permanent, or on going contract solution is easily justifiable. If the answer is yes to both questions, a Government workforce will clearly be responsible for the work. If the answer is no to one question, but yes to another, a temporary contract solution, not intended to be more than 5 years, can be implemented. The intent of temporary contract solutions will be to satisfy the requirement while also allowing the Government time to analyze the work requirement for inclusion as a Government responsibility and bring the work into the Government Civilian workforce acquisition process.

This does not negate the need for a contract workforce. Accomplishing government missions and requirements remains paramount. However, this will focus Government requirements for contractors into specialized and short-term needs, surgical solutions and unique solutions not available elsewhere. Contract solution providers must become a true solution provider instead of a generic personnel provider. Large and small companies cannot rely solely on providing personnel; they most provide true solutions, niche abilities and enhancements to existing programs that the Government cannot obtain elsewhere to reach the intended balance in Government solutions and abilities.

About the author: Jason Wilson, the SGIS Division Manager of the Intelligence and Training Division, is a recently retired US Army Warrant Officer with 21 years of military experience. Wilson has strong relevant operational and institutional credentials and subject matter expertise as well as 19 years of experience in leadership and contract supervision positions.

Specific accolades for Jason Wilson include:
Certified Project Manager (CPM)
5 years supporting DoD and US Army level acquisition programs
6 years supporting and participating in Advanced Concept Technology Demonstrations and Joint Capability Technology Demonstrations
6 years supervising a theater wide contract for Oracle and MS SharePoint development

If you are interested in reaching out to the author via discussion, visit SGIS on LinkedIn.

In a previous blog post, we discussed the growing efforts made by government officials towards cybersecurity. As the popularity of online social networking and information sharing services continue to grow, more and more security threats arise. A new military command structure will need more flexibility than traditional models to combat these threats, according to Lt. Gen. William Lord, chief of warfighting integration and chief information officer of the Office of the Secretary of the Air Force.

Lord recently spoke at an AFCEA Northern Virginia chapter and said non-traditional elements will play a big role in creating a command model that will be successful in such a domain. Cyberspace cannot be dominated because it is a commercial enterprise and not a military enterprise, he said.

As military and government officials continue finding ways to battle cyber threats, SGIS experts are working towards finding solutions to these threats as well. If you are interested in working on cybersecurity and a career with SGIS, visit our Careers page for a listing of our current openings.

Source: Federal Computer Week, “Cyber threat calls for flexibility in command model, general says” http://fcw.com/Articles/2009/09/18/Lord-emphasizes-joint-force-approach-to-battle.aspx

Cybersecurity is one of the most widely discussed topics in recent government news. The popularity of online collaboration and information sharing technologies and concerns over cyber attacks and cyber espionage have pushed the subject into the public eye.

One of this week’s most read and most e-mailed articles on NextGov.com explains the Department of Homeland Security’s new initiatives to protect federal computer networks against cyber attacks.

As a result, the Homeland Security’s U.S. Computer Emergency Readiness Team is currently developing and testing Einstein 3, an upgrade upon predecessor Einstein 2, which was criticized for being too reactive.

Homeland Security is also working towards proactive approaches with the White House and industry on a cyber incident response plan that will guide how organizations react in the occurrence of a widespread attack.

To read more about Cybersecurity and how SGIS defends individuals and government agencies against cyber attacks, click here.

Source: http://www.nextgov.com/nextgov/ng_20090910_6952.php?oref=rss

The Department of Defense Website recently underwent a huge transformation. Formerly known as “DefenseLINK.mil,” the DoD page has now become a new-and-improved “Defense.gov.” The reason for the change? A strategy to emphasize two-way, personal communication with the American public, according to Price Floyd, principal deputy assistant secretary of public affairs. The launch is targeted specifically towards the 18- to 24-year-old age group. Defense officials at the Pentagon are hoping to reach and engage these users in a number of ways by allowing them to post questions, provide feedback and participate in other interactive features.

If you haven’t been to the page yet, you’ll definitely want to take a look.

New DoD Homepage

Have you visited the new DoD Website? What security risks do you think should be addressed?

In July, Secretary of Labor Hilda L. Solis announced 17 grants, totaling more than $7.5 million dollars that would provide approximately 3,000 veterans with job training to help them succeed in civilian careers. The grants are being awarded under the U.S. Department of Labor’s Veterans’ Workforce Investment Program (VWIP).

As if this wasn’t enough good news, there will be a strong emphasis on training veterans who are interested in “green jobs.” These jobs range from fields such as energy efficiency, renewable energy and modern electric-power development to clean vehicle development. To view more information about this initiative, visit http://www.doleta.gov and look for the “green jobs” heading.

Not sure what qualifies as a “green job?” You can find more information about Green Careers here and you can view the full press release of Secretary of Labor Hilda L. Solis announcement here.