ANNUAL SECURITY

EDUCATION, TRAINING AND

AWARENESS (SETA)
Joseph F. Ricchiazzi
Security Program Manager

Lance C. Guedry
Antiterrorism / Physical Security Specialist

Benjamin L. Delatte
Personnel Security Specialist

UNCLASSIFIED
SECURITY EDUCATION, TRAINING AND AWARENESS
2

TRAINING (SETA)
What is SETA Training
• SETA is an education and awareness program that provides the USACE workforce
with the knowledge and practices necessary to effectively protect themselves, our
information and assets.

• The SETA program falls under the G2/National Security Programs managed by
Security Offices throughout the Corps.

• SETA training is mandated in Army Regulation 380-5, The Army Information Security
Program, and is usually accomplished through multiple online and in-person
trainings throughout any given year.

• It applies to personnel WITH and WITHOUT clearances, and includes daily security
practices that, when properly executed by the workforce, increase our protective
posture and enables us to securely complete our missions.

UNCLASSIFIED
 3

FOCUS AREAS FOR THIS TRAINING

 Personnel Security Clearance Process

 Information Security Program

 Physical Security Program

 Operations Security (OPSEC) Program

 Antiterrorism/Force Protection Program

 Foreign Travel

UNCLASSIFIED
 4

PERSONNEL SECURITY CLEARANCE PROCESS

The Personnel Security Program: This program provides security policies and
procedures; establishes standards, criteria, and guidelines for personnel security
determinations and overall program management responsibilities.

Position Designations
Special-sensitive: Access to Sensitive Compartmented Information (SCI)/Top
Secret (TS) or Special Access Program (SAP). Potential for inestimable damage to
National Security.
Critical-sensitive: Access to Top Secret (TS). Potential for exceptionally grave
damage to National Security.
Noncritical-Sensitive: Access to Secret or Confidential. Potential for significant or
serious damage to National Security.
Non-sensitive: No Clearance or other sensitive

UNCLASSIFIED
 5

PERSONNEL SECURITY CLEARANCE PROCESS

UNCLASSIFIED
 6

PERSONNEL SECURITY SELF-REPORTING

Self Reporting

Report changes in:

Status: Marriage, co-habitation, addition of new family member
Adverse Information:
• Criminal activity (domestic violence, issuance of restraining order)
• DUI/DWI
• Traffic tickets over $300
• Excessive indebtedness, financial difficulties, bankruptcy
• Use of illegal drugs
Foreign Contacts: Close or continuing association with foreign nationals

Reporting does not automatically result in revocation of eligibility, so don’t be afraid to report!

UNCLASSIFIED
 7

INFORMATION SECURITY
LEVELS OF CLASSIFIED INFORMATION
Information Security: a system of policies, procedures, and requirements established to protect
classified and controlled unclassified information (CUI) that, if subjected to unauthorized
disclosure, could reasonably be expected to cause damage to National Security.

Top Secret: Could cause exceptionally grave damage to national security (SF703)

Secret: Could cause serious damage to national security (SF704)

Confidential: Could cause damage to national security (SF705)

Controlled Unclassified: Could cause foreseeable harm to

National Security (DA Label 87)
UNCLASSIFIED
 8

INFORMATION SECURITY
ORIGINAL CLASSIFICATION

ORIGINAL CLASSIFICATION: The initial decision that an item of information could reasonably be
expected to cause identifiable or describable damage to the national security if subjected to
unauthorized disclosure and requires protection in the interest of national security.

• Information may be originally classified only by the Secretary of Defense, the Secretaries of the Military
Departments, and other officials to whom they delegate this authority in writing.

• Delegation of OCA shall be limited to the minimum number of officials required for effective operation
of the Department of Defense.

• The authority shall be delegated to, and retained by, only those officials who have a demonstrable and
continuing need to exercise it.

UNCLASSIFIED
 9

INFORMATION SECURITY
DERIVATIVE CLASSIFICATION

DERIVATIVE CLASSIFICATION: Defined as incorporating, paraphrasing, restating, or generating in

new form, information that is already classified, and marking the newly developed material
consistent with the classification markings that apply to the source information.

Derivative Classification Requirements

• Appropriate security clearance

• Need-to-know
• Properly trained

UNCLASSIFIED
 10

INFORMATION SECURITY MARKING SYNTAX

Classification
Markings
are for Training
Purposes Only

UNCLASSIFIED
 11

INFORMATION SECURITY
PROCESSING CLASSIFIED INFORMATION
Rules for Processing Information: Use systems accredited or authorized to process information
at the appropriate level.

Do Not
• Install Software without approval
• Use another person’s username and password
• Allow an unauthorized person to use your computer
• Circumvent or defeat security systems
• Permit unauthorized access to any sensitive computer network
• Modify or alter operating system configuration
• Write down your password

UNCLASSIFIED
 12

INFORMATION SECURITY
CONTROLLED UNCLASSIFIED INFORMATION (CUI)

CUI: Unauthorized disclosure could cause foreseeable harm.

Examples of CUI
• All information on the Critical Information List
o Investigation documents
o Inspection reports
o Agency budgetary information
o Procurement bids/proposals
o Personally Identifiable Information (PII)
o Information protected under Privacy Act of 1974
o Protected Health Information (PHI)
• Staff Notes
• ID Card (DOD ID#)
• Digital Signatures (Don’t Post in Public Areas)

UNCLASSIFIED
 13

INFORMATION SECURITY SAFEGUARDING

Safeguarding Information

Safeguard Classified Information Safeguard Controlled Unclassified Information

(CUI)
• GSA approved container • Locked cabinets if no guard present
• Vaults • Unlocked cabinets if a guard is present
• Secure rooms • Rooms with locked outer office doors
• Secure telephone • Keep covered with FOUO or PII cover sheets
• Maintain control, never leave unattended • Binders and file folders on shelves do not need
• Do not talk around using codes or hints additional protection
• Do not divulge to unauthorized persons • Staffing folders should have appropriate cover
sheets stapled to the outside of the folder. Staff
Summary sheets must also be marked if
discussing FOUO
UNCLASSIFIED
 14

INFORMATION SECURITY MAILING CONTROLLED DOCUMENTS

Mailing Classified Information Mailing CUI Information

• Cover sheet required; opaque envelope • Address packages that contain CUI only to a
• Mark highest classification level SPECIFIC RECIPIENT
• Wrap and tape envelope • DO NOT put CUI Markings on the outside of an
• Address properly envelope or package for mailing/shipping.
• Complete a document receipt • Use in-transit automated tracking and
• Mitigate tampering accountability tools where possible.

UNCLASSIFIED
 15

INFORMATION SECURITY TRANSMITTING CUI

Transmitting or Transporting CUI

Transmit/Transport CUI via:

• U.S. Postal Service certified mail, parcel post, or fourth class mail
• Approved secure communications systems (Encrypted e-mail with appropriate markings)
• Facsimile if appropriate protection is available at receiving location (FOUO/PII Cover Letters)

UNCLASSIFIED
 16

INFORMATION SECURITY DESTRUCTION

Destruction of Classified / CUI materials

Destruction of Classified Material Destruction of CUI

• NSA approved crosscut shredder • Same methods as classified
• Burning • Only Use NSA EPL Approved Shredders
• Wet pulping
• Mutilation
• Chemical decomposition
• Pulverizing

UNCLASSIFIED
 17

INFORMATION SECURITY

Government Information & Public Media

Classified and CUI Information in the Public Media

• Do not confirm or deny information

• Do not respond to questions about programs or projects
• Remember that the information you work with daily is not yours.
• Do not release CUI without approval just because it’s already in the public sphere.
• Refer all questions to the Public Affairs Office (PAO) and your Security Manager

UNCLASSIFIED
 18

INFORMATION SECURITY INCIDENTS

Security Incident: Categorized as an infraction or a violation.

Infraction
• No loss or compromise of information.

Violation
• Loss – material cannot be accounted for or physically located.
• Compromise– material disclosed to an unauthorized person.
• Negligent Discharge of Classified Information (NDCI) - occurs when data is placed on
an IT system with insufficient controls at the required classification level.

Report infractions and violations immediately to your Security Officer

UNCLASSIFIED
 19

INFORMATION SECURITY SANCTIONS

You are subject to sanctions if you knowingly, willfully, negligently:

• Disclose classified or sensitive information to unauthorized persons
• Classify information in violation of DoD regulations
• Violate any provision of AR 380-5, Department of The Army Information Security Program.

Sanctions include:

• Warning • Discharge from military service

• Reprimand • Criminal Prosecution
• Loss/denial of classified access • Termination of employment
• Suspension without pay

UNCLASSIFIED
 20

INDUSTRIAL SECURITY

Working with Contractors

Contractors may or may not be cleared

• Verify through a valid visit authorization and/or DD Form 254, Department of Defense
Contract Security Classification Specification
• Cleared under National Industrial Security Program (NISP)
• Follow requirements of DoD 5220.22-M, National Industrial Security Program Operating
Manual (NISPOM)
• Required to comply with your organization’s security program

Check with your security office for information on verifying contractor employee clearance
eligibility and need to know.
UNCLASSIFIED
 21

THREAT AWARENESS AND REPORTING

Insider Threat: A person with placement and access who intentionally causes loss or
degradation of resources or capabilities or compromises the ability of an organization
to accomplish its mission through espionage, providing support to international
terrorism, or the unauthorized release or disclosure of information about the plans
and intentions of U.S. military forces.

INSIDER
Intentional Unintentional
THREAT

Edward Snowden, Bradley Manning, & Reality Winner Kristian Saucier

UNCLASSIFIED
 22

THREAT AWARENESS AND REPORTING

Some Indicators of potential exploitation of DoD information systems
• Excessive probing or scanning from either an internal or external source.
• Tampering with or introducing unauthorized elements (data, software, or hardware) into information systems.
• Hacking or password cracking activities.
• Unauthorized network access or unexplained user account.
• Social engineering, electronic elicitation, e-mail spoofing, or spear phishing.*
• Use of DOD account credentials by unauthorized parties.
• Downloading, attempting to download, or installing non-approved computer applications.
• Key logging.
• Rootkits, remote access tools, and other “backdoors.”
• Unauthorized account privilege escalation.
• Unexplained storage of encrypted data.*
• Unauthorized use of removable media, or other transfer devices.
• Unauthorized e-mail traffic to foreign destinations.
• Unauthorized downloads or uploads of sensitive data.
• Data or software deletion.
• Log manipulation.

UNCLASSIFIED
 23

PHYSICAL SECURITY

Physical Security: Active and passive measures to prevent unauthorized access to personnel,
equipment, installations, and information, in order to safeguard them against espionage,
sabotage, terrorism, damage, and criminal activity.

Physical Security Countermeasures

• Barriers/Fencing: establish boundaries and deter individuals.
• Intrusion Detection System (IDS): deter, detect, document, deny, or delay intrusion
by detecting a change in the environment.
• Security forces: DoD, military, contract personnel, and trained dogs.

Controlled Areas
• PS Countermeasures apply to all controlled areas.
• All USACE Administrative Office areas are “Controlled Areas”.
• District policy may exclude some areas such as visitor centers or field offices.

UNCLASSIFIED
 24

PHYSICAL SECURITY

Escort Requirements
• Ensure access to controlled areas by non-cleared personnel is minimal.
• Only DoD civilians, cleared contractors and military personnel are authorized to escort non-
cleared personnel.
• Ensure visit requests are submitted to the Security Office for uncleared visitors, especially
when visiting restricted areas.
• Ensure all visitors sign the Visitor Log upon entry.
• Escorts must remain with escorted personnel at all times.
• Check with your local security office for specific escort procedures.

UNCLASSIFIED
 25

OPERATIONS SECURITY (OPSEC)

OPSEC: Is the Army’s process for identifying and mitigating risk to our operations by looking at
those operations through the eyes of our adversaries’ intel gathering ability. OPSEC
considerations must be factored into production, use, storage and destruction of our protected
information; Controlled Unclassified Information (CUI) and For Official Use Only (FOUO).

UNCLASSIFIED
 26

OPERATIONS SECURITY 5 STEP PROCESS

The 5 Step Process:

UNCLASSIFIED
 27

OPERATIONS SECURITY CRITICAL INFORMATION LIST

Critical Information List: Information the Commander deems critical to our ability to conduct
USACE missions, which if obtained by an adversary, could cause mission failure or other
unacceptable consequences.

USACE
CIL

MVD
CIL

CIL is: District

CIL
• Protected Information

• Exempt from FOIA in most cases.

UNCLASSIFIED
 28

OPERATIONS SECURITY PRACTICES

OPSEC Practices for Employees:

• Remove ID badge when you leave your facility.

• Do not post or send sensitive/controlled information on the internet.
• Guard against probing callers trying to obtain sensitive information.
• Do not discuss sensitive information in public, or over the telephone.
• Watch for and report suspicious activity.

UNCLASSIFIED
 29

OPERATION SECURITY FOR HOME

UNCLASSIFIED
 30

OPERATIONS SECURITY
SOCIAL NETWORKING SITES

• Social networking sites (SNSs), like Facebook® and Twitter®, are great ways to connect with
people, share information, and market products and services. However, these sites can also
provide adversaries, such as terrorists, spies and criminals, with the critical information they
need to disrupt your mission and harm you, your co-workers, or even your family members.

• The more information adversaries can obtain, the more opportunities they have to cause
damage at your expense. Practicing good operations security (OPSEC) will minimize the risks
that come from participating in SNSs, and help you to recognize and protect your critical
information..

UNCLASSIFIED
 31

OPERATIONS SECURITY SOCIAL NETWORKING

SITES COUNTERMEASURES
Follow computer security guidelines: Adversaries prefer to go after Treat links and files carefully: Social engineers and hackers post
easy targets. Keep your computer security up-to-date and make links in comments and try to trick you into downloading an “update,”
yourself a hard target. “security patch,” or “game.”

Never login from risky locations: Public SNSs generally do NOT have Don’t trust add-ons: Plugins, games, and applications are often
secure login available (HTTPS with the lock icon). If you login from a written by other users, not the SNSs themselves. The authors can
hotel, cyber-café, or airport hotspot, particularly ones in foreign easily gain access to your data once you install them.
countries, your name and password can be captured at any time.
Don’t post critical information: If you don’t want it public, don’t
Keep your password secure: Use different, strong passwords for each post it. Search engines and functions make it easy for adversaries to
online account. Never give your password away. find what they’re interested in. Once information is on the Internet,
it is there forever.
Modify your search profile: Do a search for yourself and if too much
data comes up, go to your settings and restrict your search profile. Review your friends’ profiles: The photos or information they post
about you may be a problem.
Don’t depend on the SNS for confidentiality: Even SNSs that aren’t
open and public by design can become so due to hacking, security Control “friend” access: Verify a “friend” request by phone or other
errors, poor data management practices, and data brokering. In some means before allowing access. Group “friends” (e.g., real life, co-
cases, the site terms of service explicitly claim ownership of all your workers, strangers, etc.) and control access permissions based on
posted content. the groups.

UNCLASSIFIED
 32

ANTITERRORISM (AT) PROGRAM

• ANTITERRORISM: Defensive measures used to reduce the vulnerability of individuals and

property to terrorist acts, to include limited response and containment by local military and
civilian forces.

• AT PROGRAM: A collective, proactive effort focused on the prevention and detection of

terrorist attacks against DoD personnel and their families, facilities, installations and
infrastructure critical to mission accomplishment as well as the preparation to defend against
and planning for the response to the consequences of terrorist incidents.

UNCLASSIFIED
 33

ANTITERRORISM
FORCE PROTECTION CONDITIONS (FPCONS)
The DoD FPCON System describes the progressive level of protective measures that are implemented by all the
DoD Components in anticipation of or in response to a terrorist threat or attack. This system is the principal
means through which commanders apply an operational decision on how to best guard against the terrorist
threat and reduce the risks of terrorist attacks and other security threats to DoD personnel, units and activities.

FPCON NORMAL: Applies at all times as a general threat of terrorist attacks, hostile acts, or other security threats
always exists in the world.

FPCON ALPHA: Applies to a non-specific threat of a terrorist attack or hostile act directed against DOD elements
and personnel.

FPCON BRAVO: Applies when an increased or more predictable threat of a terrorist attack or hostile act exists
and is directed against DOD elements and personnel.

FPCON CHARLIE: Applies when a terrorist or hostile act incident occurs within the commander’s area of interest,
or intelligence is received indicating a hostile act or some form of terrorist action or targeting against DOD
elements, personnel, or facilities is likely.

FPCON DELTA: Applies when a terrorist attack or hostile act has occurred or is anticipated against specific
installations or operating areas.
UNCLASSIFIED
ANTITERRORISM 34

THREAT AWARENESS AND REPORTING (TARP)

TARP: Is a program that allows personnel to report any incident of known or suspected
espionage, international terrorism, sabotage, subversion, theft or diversion or military
technology, information systems, intrusions, and unauthorized disclosure of classified
information (Confidential, SECRET, TOP SECRET). This Program is geared more towards the
Insider Threat.

UNCLASSIFIED
 35

ANTITERRORISM

UNCLASSIFIED
 36

ANTITERRORISM / ACTIVE SHOOTER

Copy and place the below link in your internet browser to view the Department of Homeland
Security Active Shooter Video (Run, Hide, Fight) and complete active shooter training.

https://www.bing.com/videos/search?q=https%3a%2f
%2fwww.youtube.com%2fwatch%3fv
%3d5VcSwejU2D0%26feature
%3dyoutu.be&&view=detail&mid=20D7A79E108D495537
D320D7A79E108D495537D3&&FORM=VRDGAR&ru=
%2Fvideos%2Fsearch%3Fq%3Dhttps%253A%252F
%252Fwww.youtube.com%252Fwatch%253Fv
%253D5VcSwejU2D0%2526feature%253Dyoutu.be
%26go%3DSearch%26qs%3Dds%26form%3DQBVDMH

UNCLASSIFIED
 37

OFFICIAL FOREIGN TRAVEL

All DoD Federal Employees MUST provide advance notice of foreign travel plans to
the Security Office.

Foreign Travel Requirements

• Official Foreign Travel by MVD Employees is a CCIR and requires the below actions led by your
Security Officer.
• Obtain defensive foreign travel security briefing prior to travel or at least once a year.
• Obtain country specific briefing from the Counterintelligence Officer (if required).
• Current Antiterrorism/Force Protection Level 1 training.
• Contact nearest U.S. Consulate, Defense Attaché, Embassy Regional Security Officer, or Post
Duty Officer if detained or subjected to harassment or provocation.
• Be debriefed on return by a Counterintelligence Officer (if required).

UNCLASSIFIED
 38

UNOFFICIAL FOREIGN TRAVEL

A Foreign Travel Brief is Required for all personnel with a security clearance prior to departing
on Unofficial Foreign Travel - See your Security Officer.

Unofficial Travel by personnel without Clearances.

• It is recommended that USACE employees traveling for leisure or unofficially contact their
local security officer for a foreign travel brief.
• Foreign Travel Briefs may be given to spouses and other family members traveling with our
employees.

UNCLASSIFIED
 39

ANY QUESTIONS?

UNCLASSIFIED