What great FSO’s read!
We need to talk.
I cannot lie. It is always a little scary when your Defense Security Service Representative reaches out for a “conversation”. I mean, they are there to support FSOs but it is not like they are going to call out of the blue and say, “Hey – I have been sitting here thinking about all the amazing things you are doing and I just wanted to let you know!” (Wouldn’t that be nice though?!)
However, as part of the DiT (see last month’s term reference if you already forgot what that stands for), DSS Representatives are emailing and calling more than ever at the moment.
If you have not received a call or email yet, here is how mine went down: “I am concerned about the lack of Suspicious Contact Reports from your company.”
There was a lot more dialogue than that and it ended on a good note, but I have heard that DSS will be making more of these calls to FSOs so I wanted to share a “FSO Success Story” with you…
- Contact DSS.NISS@mail.mil if you are having issues with your NISS login.
- Plan and Execute your SCR Awareness, training and gathering!
- Log into JPAS and any other timed database so you don’t get locked out.
- Remove any personnel who should not be in JPAS by out-processing or contract ending.
- Run a PR report to determine who
is due for a periodic reinvestigation.
If it is 90 days out or less, start the
- Check visit requests or VARS to see
if they are going to expire or have
out-processed people on them.
- Begin any new hire clearance actions
30 days out if needed.
- Look at the expiration dates on
your classified contracts (DD254)
and coordinate with your Contracts
Administrator to see if they are
being extended or ending soon for
de-briefings if necessary.
- Administer any scheduled annual
training: Annual Refresher, Insider
- Encourage your team to avoid
green beer and anything that could
lead to a citation for public disorderly
conduct on St. Patrick’s Day!
C’mon Eileen – none for you!
From Zero to HERO on Suspicious Contact Reporting!
The jist of our conversation was IF cleared defense contractors are not reporting anything suspicious, then the FSO “was not training them properly.”
Fair or not fair, that was the conclusion. So, we implemented a plan with our cleared personnel and went from zero SCRs to a record amount for the company!
Here is how we did it
(cue Rocky-montage music!).
- First – We prepared our SCR Awareness – DSS.mil has all
sorts of tools to train you to train your cleared personnel
on how to identify SCRs. Ask this guy for my favorite resource!
- Second – We provided some SCR samples to the cleared
Some of you may be able to provide samples of previous
SCRs to your cleared personnel so they know what to look
for and report. If not, here are just a few real-life SCR
samples from the FSO PRO team:
This should be a great exercise. It will either tell you that you are doing fantastic or identify areas where you want to “take it up a notch” in 2018. If it stresses you out, enjoy some holiday chocolate while completing it and use that sugar buzz to plan for next year! Have you …
We’re going to need a montage!
We’re still in the montage!
- Real life SCR: A foreign collector attempted to gain access
through employment. The HR Director noticed that the jobseeker
had held various jobs all over the world for less than 2
months each. This was reported to DSS through the employee
and the FSO and was determined to be a collector.
- Real life SCR: A traveler came back to the hotel and his
work folders had been tampered with. He changed hotels and
reported it upon return.
- Real life SCR: A man approached a cleared contractor at a
“Government Contracting” event show with a business card
and expressed his desire to get into “defense contracting”.
After review, the “office” address on the business card did not
exist and the phone number – from New Jersey – rerouted
- Real life SCR: A green car was seen parked across the street
from a cleared contractor’s building for several days. The
guards reported and noted the length of time, make/model of
the vehicle and license plate. After a week or so, the car approached
the building and made an attempt to access it by
vaguely describing one of the employees and making it sound
as though they had an appointment. This was reported to
Defense Security Service and no attempt was made again.
- Real life SCR: An IT Systems professional went onto Craig’s
list seeking some equipment for a lower price. His inquiry
was routed to a Russian-based escort service. He reported it
to his FSO, but the site was clearly set up for a potential
“bond of affection” with an IT professional that may have a
- Third – We went the distance and interviewed our cleared personnel.
This took the longest. However, using that Self-Inspection Training from CDSE combined with questions in the Self-Inspection Handbook helped us have real dialogue with our cleared personnel and obtain several SCRs immediately!
- Fourth – We brought in a Big Gun!
All FSOs have access to a Counter-Intelligence Special Agent (CISA) who is willing to brief your team on suspicious contacts and other threat awareness information. It is free (love that price!!) and boy do they have SCR samples!
- Fifth – We hyped it up!
People like to be a part of something great and thwarting the enemy is pretty great. We shared with the leadership and the team what we were trying to do. We began letting everyone know how many SCRs we had received. We reported at staff meetings and in newsletters. This kept everyone aware AND reporting.
This is to represent your own personal Ivan Drago. We all have an Ivan Drago. For some, it may be Suspicious Contact Reports. For others, it may be a giant Russian boxer on steroids. Whatever your personal Ivan Drago is, FSO PRO is there to help.
We realize that there were a lot of Rocky references this time. But it just went so well with everything.
Most importantly, we helped protect our great nation by reporting these suspicious contacts to the US Government.
Oh – and one more thing ….
If you are going to report an SCR – make sure you do it right!
DSS is asking that FSOs do a better job reporting suspicious
- Obtaining the name/contact information of your Counter-Intelligence Special Agent (CISA) from your DSS Rep. It is as easy as “Hey Eileen – who is my CISA?” (but in a nice, professional way.)
- When sending suspicious contact reports (e.g., foreign national resumes, spam/spear phishing, odd requests for information, social media requests from foreign nationals, etc.), foreign national names for vetting, etc., please ensure you send the reports to your assigned CISA with a copy to your DSS Rep. Put Eileen on the CC line!
- Ensure you include your CAGE Code and company name in the subject line (e.g., 12DF4 ABC Company, Inc. –
Suspicious contact or 12DF4 ABC Company, Inc. – Foreign National visitor(s)). Eileen has 90 companies to track and the CISA has even more– help ‘em out!
- When sending emails that are suspicious, ensure you obtain the expanded headers (instructions for most can be
found here otherwise, your CISA agent cannot do much with the email. If the email has an attachment, you can submit via Apiary – ask this guy for a copy of that! If the email does not have an attachment, utilize the expanded header instructions to send to your CISA.
Who is FSO PRO?
PO BOX 70095
Fort Bragg, NC 28307
Terms This Month:
DiT: (yes, I am providing it again – I am a pushover like that) DSS in Transition.
SCR: Suspicious Contact Report
CISA: Counter Intelligence Special Agent
CDSE: Center for Development of Security Excellence
STEPP: Security Training, Education and Professionalization Portal
FSO PRO thanks all the FSOs out there for everything you do to keep the warfighter safe. Even the smallest task is designed to keep our nation’s information out of the hands of those who would do harm. We, as FSOs, are doing our part to stay vigilant and determined to protect those who protect us, even in our own small way.
That is why we say how awesome you are. And thank you.