Post on 08-Jul-2018
transcript
INDUSTRY WEBINAR
InApril2017,thirty-onerepresentativesfromclearedindustryparticipatedinthefirstinaseriesofDSSinTransitionandIndustrywebinars.ItwasapromisingstarttowhatweareconfidentwillbeaclosepartnershipforreceivingfeedbackonthedevelopmentofthenewDSSmethodologyandassessingtheeffectivenessofourcommunicationeffortstoindustry.Duringthewebinar,weoutlinedthehistoryoftheDSSinTransitioninitiative,detailedthecomponentsofthenewDSSmethodology,andpresentedanoverviewofthefindingsfromourintegratedprocessteams.
Movingahead,weplanonleveraging thecollectivebackground,experience,andexpertiseoftheparticipantsasan, “industryfocusgroup.”Inthisregard,wewillbelookingtothemtoprovide feedback,identifygaps,andvalidateapproachesaswedevelopthenew DSSmethodologyandramp-upourcommunicationefforts. ThenextDSSinTransitionandIndustry webinarisscheduledforJuly2017. Meanwhile,youcanviewtheApril2017 webinarbyclickingonthefollowing link: http://cdse.adobeconnect.com/p8xk8gnjsy9/.
TheworldisrapidlychangingandtheDefenseSecurityService(DSS)ischangingtoo.Wheretheagencyonceconcentratedonschedule-drivenNationalIndustrialSecurityProgramOperatingManual(NISPOM)compliance,DSSisnowmovingtoanintelligence-led,asset-focused,andthreat-drivenapproachtoindustrialsecurityoversight.
Through2017,DSS inpartnershipwithindustrywillbedeveloping,testing,andrefiningthisnewmethodologyforhelpingclearedfacilitiesbetterprotectnationalsecurityinformationandtechnology.ThenewmethodologywillallowDSStoworkmoreeffectivelywithclearedindustryandprogrammanagerstodesigntailoredsecurityprogramswiththeultimategoalofhelpingtoensurethatcontractedcapabilities,technologies,andservicesaredelivereduncompromised.
FROM THE CHANGEMANAGEMENT OFFICE
WelcometotheinauguraleditionoftheDSSinTransitionnewsletter.Recognizingthatthischangeisfargreaterthananytheorganizationhastackledinthepast,DSSestablishedtheChangeManagementOffice(CMO)inFebruary2017.ThisofficereportstoMr.JamesKren,DSSDeputyDirector,throughMr.KevinJones,DSSinTransitionChangeManagementOfficer/Director,CenterforDevelopment ofSecurityExcellence(CDSE),andhasoversightofthechangeactivitiesacrosstheagency.Theseactivitiesincludecoordinatingallof theactionsrequiredtodesign,test,andrefinethenewDSSmethodologyandimplementingourcomprehensivecommunicationsstrategy.
Inaddition,theCMOhastheresponsibilityfordevelopingacommonapproachforchangemanagementtouseacrosstheagency.ThisapproachwillbekeytobuildingorganizationalandindividualchangemanagementcapabilitiesandcompetenciesneededtosustaintheDSSinTransitioninitiativeovertheyears.TheCMOisalsoworkingonasix-month,one-year,andtwo-yearchangemanagementplantohelpguide,coordinate,andsupportallofourenterprise-widechangeinitiativesinDSS.
Lookingahead,theCMOwillberegularlyreachingouttoclearedindustrythroughaseriesofcoregroupmeetingsandfocusgroupwebinars.TheobjectiveistocontinuouslygatherinputonhowtotransformtheintentoftheDSSinTransitiontaglineof “PartneringwithIndustrytoProtectNationalSecurity”into aworkingreality.
CURRENT NEWSPRIORITIZATION FIELD TEST
InMay2017,eightFieldOfficesfromacrossthecountryparticipatedinathree-phaseexercisetotesttheprioritizationprocessforthenewmethodology.Inthefirstphase,theISRsineachFieldOfficeweretaskedtocollectdataonalloftheirassignedfacilities,completeanExcelworkbookonNIPRNet developedspecificallyfortheexercise,andthenscoreeachfacilitybeforereturningtheworkbookstoHeadquarters.
Inthesecondphase,Headquarters addedaprioritizationscoretothefield score,includedathreatmultiplier,and developedatotalscore.Thistotalscore wasreturnedtotheFieldOfficesvia SIPRNet whereinthethirdphasethe ISRsweregiventheopportunityto eitheracceptoroverridethescores. Thefindingsofthisexercisearecurrently beingcompiledandtheresultswillbe briefedtoDirectorDan Payne inJune.
ISSUE1ISSUE1VOL1
SUMMER2017
V1V2
V3V4
C1C2
C3C4
PointsofContactMetho
ds
NISPOM+
TVIReviewV1:V2:V3:V4:
C1:C2:C3:C4:
Also:F{TVI}AssessmentsTechnologyTrendsReportOnTheGroundUnderstanding
Also:DSSDirectorStrategicGuidancePastSVAsBusinessAnalysis
MajorInput:PrioritizedTechnologies/NIPFPriorities/All-Source Commerce
Study
NewEntrantorChangedConditions
“ShoeLeather”(ISR/ISSP)
PlanforAllocatingResources
Continuouslywalkthrough12x13matrixtotailorassessmentatfacility
12x13Matrix
CollaborativelydevelopedwithDSS,Facility,andPMstodefinecountermeasures
TVIAnalysisandReviewisjointlydevelopedwithfacilitysecurity,and
involvesPMasneeded
Ø ValidateCountermeasureImplementation&ValueØ AssessEffectivenessØ UseMOEsforContinuousImprovement
*FCBtoSustainAssetList
Improveopportunityto
identifythreatorvulnerability
DataGeneratedFeedsFuturePrioritization
Asset
TheNewMethodologyisafluidanddynamicmodelconsistingoffourcomponentsthatwillcontinuetoevolve.ThePrioritizationComponentprioritizesassetsandfacilitiesbasedonnationalintelligenceinformation.Thekeytothiscomponentisthatit’sdesignedtobefield-drivenandnotheadquarterscentric.Ourplanistoempowerourfieldforcetomakeinformeddecisionsonprioritiesintheirportfolios.
TheAssetIdentificationComponentfurtherdefinesprioritizedassets.Assetscanbeunderstoodasitemsofvaluerelatedtoaprogramorclassifiedcontract,thelossorcompromiseofwhichwouldadverselyaffectnationalsecurity.Wecurrentlyareintheprocessofdevelopingbothlong-termandnear-termapproachesfordefiningprioritizedassets.Weplantolearnaswego,makecontinuousimprovements,andapplythesameapproachtodevelopingtheothercomponentsinthenewmethodology.
THE OVERALL APPROACHTheThreat,Vulnerability,Impact(TVI)AnalysisandReviewComponentanalyzesandconsidersthreatstoassets,identifiesvulnerabilitiestothoseassets,andcapturesNISPOMcompliancerequirements.WewillusetheTechnologyTrendsForecast,ThreatAlerts,andrelatedsourcestohelpidentifythesethreats,usingamatrixtohelpdeterminevulnerabilities.The Tailored Security Program (TSP) Component provides a template and necessary guidance to industry for initially developing a baseline for the TSP. Our expectation is that the baseline will closely resemble an enhanced Standard Practice Procedure (SPP) and form the foundation for the TSP. Once TSPs have been developed and implemented by industry, DSS will evaluate, validate, and continuously review them.Thefourcomponentstakentogetherwillformacontinuousloopwiththeresultsfromallcomponentsfeedingbackintotheoverallprocess.
Didyouknow?...thatover75%ofallchangemanagementeffortsfail?Oneofthemostcommonreasonswhyisthatpeopleareinherentlyresistanttochange.Thiscanmanifestitselfinmanyways.Forexample,peopleresistingchangeoftenmakestatementslike,“we'vealwaysdoneitthisway,sowhyshouldwechange?”or “wearealreadykindofdoingthingsthisway,sowewon'tchangemuch.”
DSSinTransitionisanenterprise-widechangeinitiative.Itwillfacethesametypeofresistance.Don’tletithappen.Participateinmakingthischangeareality.EveryoneinDSShastheopportunitytolearnabout,engagein,andprovidefeedbackonDSSinTransition.Bygettinginvolved,youcanhelpDSSnotonlybeattheodds,butalsoshapethefutureofindustrialsecurityoversight.
ChangeManagementFacts
IMPLEMENTATIONOver the last several months, DSS developed and implemented Integrated Process Teams (ITPs) that have been engaged indeveloping and testing each specific component of the new methodology. The Prioritization IPT’s efforts culminated in May2017 with an exercise involving eight DSS field offices to pilot and refine the processes and tools required to prioritize assetsand cleared contractor facilities. Additionally, the Asset and TVI Analysis and Review IPTs have developed draft concepts ofoperation that have been delivered to DSS leadership for review and the TSP IPT is just now beginning its work. Eventually,each component of the new methodology will be integrated into one comprehensive concept of operations, tested, andrefined before it is provided to the field for implementation.
HOW WE’RE MOVING FORWARD
PARTNERING WITH INDUSTRYIn April 2017, DSS launched an ongoing series of meetings with a core group of 18-volunteer representativesfrom cleared industry. The purpose of these meetings is to update cleared industry on the findings of theIPTs and to solicit their perspectives, ideas, and comments on the new DSS methodology. Thus far, DSS hashosted at CDSE two in-person meetings as well as a number of teleconferences to answer questions, discussissues, and solicit input on the way ahead.
In addition, DSS also has assembled an additional 40+ volunteers from cleared industry as a focus group toprovide ongoing input on the effectiveness of our communication efforts. As we ramp-up our communicationactivities, we will be looking to them to learn how we can improve both our message and delivery.
• This is an enterprise-wide initiative:It is how DSS will be doing businessin the future and will influence andinform everything the Agency does
• We are learning by doing: As wedesign, test, and validate the newmethodology, it will continue toevolve
• There is no turning back: DSS iscommitted to moving to anintelligence-led, asset-focused, andthreat-driven approach to industrialsecurity oversight
• Partnering with industry: As thenew methodology is developed,cleared industry will providefeedback, participate in exercises,and support the refinement of theprocess
• This change benefits everyone: Itwill enable those involved inindustrial security to become moreefficient, effective, and successful intheir roles
DSS IN TRANSITION –FIVE BASIC PRINCIPLES
VISITUSONTHEWEBDSSEMPLOYEES– VISITUSONSHAREPOINT
http://www.dss.milhttp://dssinside.dss.mil/transition
InformationSheet• ProvidesabroadrangeoftalkingpointsonDiT andthenewDSSmethodologyforuseinternallyandexternally
FAQs• AnswerscommonlyaskedquestionsaboutDiT,thenewmethodology,andtransitiontimeline
QuickReferenceGuide• FeatureskeymessagesonDiT andthenewDSSmethodologyina4”x6” laminatedcard
Tri-FoldCard• Definestheneed,goal,andapproachforDiT inabusinesscardsizetri-fold
AccessArticles• OffersacollectionofarticlesonDiT publishedintheDSSmagazine
Webinars• DeliversDiT updates,discussions,andanswerstoquestionsvialivewebinarsessionsthathavebeenrecorded
Infographics• DisplaysDiT keymessagesinaonepagepicture(seefollowingpageforanexample)
GeneralBriefing• Suppliesslidesandtalkingpointsforgeneralaudiences
BriefingforSeniorLeadership• HighlightsDiT purpose,approach,andexpectedoutcomesina
DiT COMMUNICATION PRODUCTS
customizedsetofslidesandtalkingpointsforseniorlevelaudiences
PleasecontacttheDSSChangeManagementOfficeforcustomizedcommunicationproducts
Defense Security Service, April 2017
Our goal is to help ensure contracted capabilities, technologies, and services are delivered uncompromised
Partnering with Industry to Protect National Security
The Defense Security Service (DSS) is changing its approach to industrial security oversight
DSS is moving from a focus on schedule‐driven compliance to an intelligence‐led, asset‐focused, and threat‐drivenapproach to industrial security oversight
The New Methodology is a fluid and dynamic model that will continue to evolve
It consists of four primary components:• Asset Prioritization• Asset Identification• Threat, Vulnerability, and Impact Analysis• Tailored Security Programs
Cleared industry is partnering with DSS on the New Methodology to:
• Support the design and development of the components• Participate in practical exercises to validate processes• Analyze and challenge approaches and assumptions• Provide feedback on communication strategies, methods, and messages