Sensitive Security Information, Certified® (SSI) Body of Knowledge

Sensitive security information (SSI) is a category of sensitive but unclassified information under the United States government's information sharing and control rules. SSI plays a crucial role in all types of security. It is information obtained in the conduct of security activities which, if publicly disclosed, would constitute an unwarranted invasion of privacy, reveal trade secrets, share privileged or confidential information, harm transportation security, or allow hostile elements to avoid security controls. Divided into seven sections, the Sensitive Security Information Certified® (SSI) Body of Knowledge provides a comprehensive source that helps you prepare for certification in SSI protection. It reviews and discusses relevant topics in The history and definition of SSI Espionage, security breaches, and detection Personal information security Corporate security Government security Legislation and regulations Identity theft Within the sections, the book covers a wide range of subjects related to aiding protection of SSI, including Good information practices The psychology of spies Methods to detect potential betrayal Methods for handling sensitive information Establishing security plans for sensitive information Monitoring techniques such as the use of closed-circuit video cameras In a world of ever-changing technology with massive amounts of information available to the public in a matter of seconds, government, businesses, and individuals must take extra precautions in securing their SSI. This book equips you with the essential knowledge to become certified in SSI protection, and will serve as a valuable reference afterward in remaining an effective security professional charged with protecting SSI.

PERSPECTIVEThe History of SSIThe Context of Sensitive Security Information (SSI)Defining SSISecuring SSIBibliographyTerms and DefinitionsGovernment InformationPublic InformationPersonal InformationSensitive but Unclassified (SBU) InformationBibliographyThe Importance of SSIDangers to Sensitive InformationThwarting Economic EspionageSensitive Information and Where It ExistsIdentifying Computer VulnerabilitiesDomestic Economic EspionageBibliographyThe History of the SSI Classification System1951: Executive Order 102901953: EO 105011966: Freedom of Information Act1974: The Privacy Act1977: Presidential Directive (PD/NSC-24)1985: National Security Decision Directive1987: Computer Security Act1992: "CIA Openness"1995: EO 129582002: The Card Memorandum2003: EO 132922005: SBU Information MemorandumBibliographyESPIONAGE AND SECURITY BREACHESThe History of Spies and EspionageEspionage in Ancient TimesEspionage: Ninth Century AD–Eighteenth Century ADPre-20th-Century EventsThe Revolutionary WarThe 1800s: New InventionsCivil War SpyingEarly 20th CenturyWorld War I: A Proving Ground for EspionageSpies Helped Allies Win World War IIThe Cold WarSeptember 11, 2001, and Its AftermathRecent History—More Lapses in SecurityBibliographyEspionage and PsychologyJanet Mielke Schwartz, PhD, DABFE, DACFM, DABPS, FACE, CHS IIIDevelopment of the Office of Strategic ServicesMission and Purpose of the OSSThe Making of a World War II SpyExploring the Mind of a SpyCategories of SpiesIndicators of a Growing ProblemConcluding RemarksBibliographySpies and EspionageProfile of a SpyA Double LifeTypes of SpiesSocial Engineering and CountermeasuresSocial EngineeringCountermeasuresBibliographyDeception DetectionEstablish a BaselineCommon Suspicious BehaviorsMacro and Micro ExpressionsEye-Accessing CuesTruth Detection EquipmentYour IntuitionHandwriting AnalysisPERSONAL INFORMATION SECURITYHome Computer SecurityE-mail IssuesWebsite / E-commerce IssuesSocial Networking and CyberstalkingOther IssuesBibliographySecurity while TravelingTravel PreparationsImportance of IdentificationTravel PrecautionsPrecautions while Staying in a Foreign CountrySECURITY WITHIN BUSINESSSecuring Business SSICorporate SpyingNo Business Is SafeInternational Organization for Standardization GuidelinesChoosing a Security CompanyResponding to a Security BreachPreventing Physical TheftSecurity Breach Notification LawsYour Opportunity to CommentANSI StandardsThe ANSI INCITS 359-2004ANSI INCITS 359-2004 OrganizationANSI INCITS 359-2004 as the RBAC StandardBibliographyCorporate National Institute of Standards and Technology (NIST)The Importance of Using National Institute of Standards and Technology (NIST)Due Care and Due DiligenceProcesses and MethodologiesAdvantages of Using NISTConducting Risk AssessmentsCybersecurityInformation Storage and TransmissionCybersecurity ChallengesProtecting Your Most Sensitive InformationE-mailCyber ChecklistsData Storage TipsGOVERNMENT SECURITY NEEDSThe Intelligence ProcessIntelligence and CounterintelligenceMilitary IntelligenceBibliographyThe Law and Homeland SecurityBackgroundExecutive SummaryHistory of Electronic Surveillance and FISA CourtPolitical Fallout of Electronic SurveillanceImpact of Electronic SurveillanceBibliographyThe Department of Homeland Security (DHS) StructureDepartment Subcomponents and AgenciesDepartment ComponentsLEGISLATION AND REGULATIONSGovernment LawsEconomic Espionage Act of 1996BibliographyGovernment and HIPAASSI-Related Laws and TerminologyAccess to InformationPrivacy of Electronic Data and ComputersCryptologyPrivacy LawsTrade SecretsNational Industrial Security Program (NISP)NISP OverviewClassified InformationComponents of the NISP (DOD)The FSO and the Industrial Security Representative (IS REP)Structure of DSS: Industrial SecuritySensitive but Unclassified (SBU) Information Control ProceduresPolicies to Control SBU InformationPolicies to Protect Specific Types of Sensitive Information Involving Scientific and Technical ApplicationsSSI Controls: TransportationIdentifying and Handling SSIControls on Environmental Impact InformationControls on Unclassified Biological Research InformationIssues Dealing with Geospatial InformationThe DHS’s SBU DirectivesOperation Security: A Law Enforcement ConcernThe Role of Operational SecurityInformation Sources for CriminalsPreventing Breach of SecurityDeveloping a Security PlanCamera SurveillanceDennis TreeceSetting up Camera SurveillanceIssues to ConsiderEavesdropping Threats and IP Phone SystemsEavesdropping ThreatsIP Phone SystemsFacility SecurityHomeland Security Presidential Directive 12Who Manages the PIV Program?What Do You Need to Implement PIV-I?What Do You Need to Prepare for PIV-II?Integration with Existing InfrastructureIDENTITY THEFTFair and Accurate Credit Transactions ActOverviewWhat Is FACTA?What Agencies Promulgated the Red Flags Rule?FACTA GuidancePenalties for Non-Compliance to Red FlagsBenefits of Complying to Red FlagsIdentity Theft Red Flags under FACTARed FlagsIdentity Theft DefinedTypes of Identity TheftDevelopment and Implementation of a Red Flags Prevention ProgramWritten ProgramAdministering the ProgramMaintaining an Identity Theft Red Flags ProgramBibliography

The Center for National Threat Assessment (CNTA) is an intellectual property management group that is responsible for overseeing the certification process of professionals in homeland security, forensics, psychotherapy and integrative medicine. CNTA manages the American Board for Certification in Homeland Security, the American College of Forensic Examiners Institute, the American Psychotherapy Association, and the American Association of Integrative Medicine. Leading professionals from the four associations provide CNTA with a pool of intellectual capital and enhance the field of their respective profession by writing and publishing important articles in four monthly peer-reviewed journals: Inside Homeland Security, The Forensic Examiner, the Annals of American Psychotherapy, and The American Association of Integrative Medicine Journal. The CNTA is responsible for the maintenance and development of over 32 certifications in homeland security, forensics, psychotherapy, and integrative medicine. The CNTA strives for all of its exams and certification processes to be psychometrically valid and meet the American National Standards Institute’s 17024 international standards for personnel certification.