1st Edition

Sensitive Security Information, Certified® (SSI) Body of Knowledge

    348 Pages 6 B/W Illustrations
    by CRC Press

    348 Pages
    by CRC Press

    Sensitive security information (SSI) is a category of sensitive but unclassified information under the United States government's information sharing and control rules. SSI plays a crucial role in all types of security. It is information obtained in the conduct of security activities which, if publicly disclosed, would constitute an unwarranted invasion of privacy, reveal trade secrets, share privileged or confidential information, harm transportation security, or allow hostile elements to avoid security controls.

    Divided into seven sections, the Sensitive Security Information Certified® (SSI) Body of Knowledge provides a comprehensive source that helps you prepare for certification in SSI protection. It reviews and discusses relevant topics in

    • The history and definition of SSI
    • Espionage, security breaches, and detection
    • Personal information security
    • Corporate security
    • Government security
    • Legislation and regulations
    • Identity theft

    Within the sections, the book covers a wide range of subjects related to aiding protection of SSI, including

    • Good information practices
    • The psychology of spies
    • Methods to detect potential betrayal
    • Methods for handling sensitive information
    • Establishing security plans for sensitive information
    • Monitoring techniques such as the use of closed-circuit video cameras

    In a world of ever-changing technology with massive amounts of information available to the public in a matter of seconds, government, businesses, and individuals must take extra precautions in securing their SSI. This book equips you with the essential knowledge to become certified in SSI protection, and will serve as a valuable reference afterward in remaining an effective security professional charged with protecting SSI.

    PERSPECTIVE

    The History of SSI
    The Context of Sensitive Security Information (SSI)
    Defining SSI
    Securing SSI
    Bibliography

    Terms and Definitions
    Government Information
    Public Information
    Personal Information
    Sensitive but Unclassified (SBU) Information
    Bibliography

    The Importance of SSI
    Dangers to Sensitive Information
    Thwarting Economic Espionage
    Sensitive Information and Where It Exists
    Identifying Computer Vulnerabilities
    Domestic Economic Espionage
    Bibliography

    The History of the SSI Classification System
    1951: Executive Order 10290
    1953: EO 10501
    1966: Freedom of Information Act
    1974: The Privacy Act
    1977: Presidential Directive (PD/NSC-24)
    1985: National Security Decision Directive
    1987: Computer Security Act
    1992: "CIA Openness"
    1995: EO 12958
    2002: The Card Memorandum
    2003: EO 13292
    2005: SBU Information Memorandum
    Bibliography

    ESPIONAGE AND SECURITY BREACHES

    The History of Spies and Espionage
    Espionage in Ancient Times
    Espionage: Ninth Century AD–Eighteenth Century AD
    Pre-20th-Century Events
    The Revolutionary War
    The 1800s: New Inventions
    Civil War Spying
    Early 20th Century
    World War I: A Proving Ground for Espionage
    Spies Helped Allies Win World War II
    The Cold War
    September 11, 2001, and Its Aftermath
    Recent History—More Lapses in Security
    Bibliography

    Espionage and Psychology
    Janet Mielke Schwartz, PhD, DABFE, DACFM, DABPS, FACE, CHS III
    Development of the Office of Strategic Services
    Mission and Purpose of the OSS
    The Making of a World War II Spy
    Exploring the Mind of a Spy
    Categories of Spies
    Indicators of a Growing Problem
    Concluding Remarks
    Bibliography

    Spies and Espionage
    Profile of a Spy
    A Double Life
    Types of Spies

    Social Engineering and Countermeasures
    Social Engineering
    Countermeasures
    Bibliography

    Deception Detection
    Establish a Baseline
    Common Suspicious Behaviors
    Macro and Micro Expressions
    Eye-Accessing Cues
    Truth Detection Equipment
    Your Intuition
    Handwriting Analysis

    PERSONAL INFORMATION SECURITY

    Home Computer Security
    E-mail Issues
    Website / E-commerce Issues
    Social Networking and Cyberstalking
    Other Issues
    Bibliography

    Security while Traveling
    Travel Preparations
    Importance of Identification
    Travel Precautions
    Precautions while Staying in a Foreign Country

    SECURITY WITHIN BUSINESS

    Securing Business SSI
    Corporate Spying
    No Business Is Safe
    International Organization for Standardization Guidelines
    Choosing a Security Company
    Responding to a Security Breach
    Preventing Physical Theft
    Security Breach Notification Laws
    Your Opportunity to Comment

    ANSI Standards
    The ANSI INCITS 359-2004
    ANSI INCITS 359-2004 Organization
    ANSI INCITS 359-2004 as the RBAC Standard
    Bibliography

    Corporate National Institute of Standards and Technology (NIST)
    The Importance of Using National Institute of Standards and Technology (NIST)
    Due Care and Due Diligence
    Processes and Methodologies
    Advantages of Using NIST
    Conducting Risk Assessments

    Cybersecurity
    Information Storage and Transmission
    Cybersecurity Challenges
    Protecting Your Most Sensitive Information
    E-mail
    Cyber Checklists
    Data Storage Tips

    GOVERNMENT SECURITY NEEDS

    The Intelligence Process
    Intelligence and Counterintelligence
    Military Intelligence
    Bibliography

    The Law and Homeland Security
    Background
    Executive Summary
    History of Electronic Surveillance and FISA Court
    Political Fallout of Electronic Surveillance
    Impact of Electronic Surveillance
    Bibliography

    The Department of Homeland Security (DHS) Structure
    Department Subcomponents and Agencies
    Department Components

    LEGISLATION AND REGULATIONS

    Government Laws
    Economic Espionage Act of 1996
    Bibliography

    Government and HIPAA
    SSI-Related Laws and Terminology
    Access to Information
    Privacy of Electronic Data and Computers
    Cryptology
    Privacy Laws
    Trade Secrets

    National Industrial Security Program (NISP)
    NISP Overview
    Classified Information
    Components of the NISP (DOD)
    The FSO and the Industrial Security Representative (IS REP)
    Structure of DSS: Industrial Security

    Sensitive but Unclassified (SBU) Information Control Procedures
    Policies to Control SBU Information
    Policies to Protect Specific Types of Sensitive Information Involving Scientific and Technical Applications
    SSI Controls: Transportation
    Identifying and Handling SSI
    Controls on Environmental Impact Information
    Controls on Unclassified Biological Research Information
    Issues Dealing with Geospatial Information
    The DHS’s SBU Directives

    Operation Security: A Law Enforcement Concern
    The Role of Operational Security
    Information Sources for Criminals
    Preventing Breach of Security
    Developing a Security Plan

    Camera Surveillance
    Dennis Treece
    Setting up Camera Surveillance
    Issues to Consider

    Eavesdropping Threats and IP Phone Systems
    Eavesdropping Threats
    IP Phone Systems

    Facility Security
    Homeland Security Presidential Directive 12
    Who Manages the PIV Program?
    What Do You Need to Implement PIV-I?
    What Do You Need to Prepare for PIV-II?
    Integration with Existing Infrastructure

    IDENTITY THEFT

    Fair and Accurate Credit Transactions Act
    Overview
    What Is FACTA?
    What Agencies Promulgated the Red Flags Rule?
    FACTA Guidance
    Penalties for Non-Compliance to Red Flags
    Benefits of Complying to Red Flags

    Identity Theft Red Flags under FACTA
    Red Flags
    Identity Theft Defined
    Types of Identity Theft

    Development and Implementation of a Red Flags Prevention Program
    Written Program
    Administering the Program
    Maintaining an Identity Theft Red Flags Program
    Bibliography

    Biography

    The Center for National Threat Assessment (CNTA) is an intellectual property management group that is responsible for overseeing the certification process of professionals in homeland security, forensics, psychotherapy and integrative medicine. CNTA manages the American Board for Certification in Homeland Security, the American College of Forensic Examiners Institute, the American Psychotherapy Association, and the American Association of Integrative Medicine. Leading professionals from the four associations provide CNTA with a pool of intellectual capital and enhance the field of their respective profession by writing and publishing important articles in four monthly peer-reviewed journals: Inside Homeland Security, The Forensic Examiner, the Annals of American Psychotherapy, and The American Association of Integrative Medicine Journal. The CNTA is responsible for the maintenance and development of over 32 certifications in homeland security, forensics, psychotherapy, and integrative medicine. The CNTA strives for all of its exams and certification processes to be psychometrically valid and meet the American National Standards Institute’s 17024 international standards for personnel certification.