Week 1 Personnel Security PDF

WEEK PERSONNEL SECURITY Topic Outline 0 DEFINITION 1 0 THREATS 2 0 IMPORTANCE 3 0 SAMPLE CASE 4 0 HISTORICAL CONTEXT AND 01 DEFINITION It refers to the policies, procedures, and practices designed to ensure that individuals with access to an organization's sensitive information, assets, or facilities are trustworthy, reliable, and do not pose a security risk. It is a critical component of an organization’s overall security strategy, particularly in environments where classified or sensitive information is involved. Topic Outline 0 DEFINITION 1 0 THREATS 2 0 IMPORTANCE 3 0 SAMPLE CASE 4 0 HISTORICAL CONTEXT AND 02 THREATS 1. Unauthorized Access  Intruders or unauthorized personnel entering restricted areas, posing risks to employee safety. 02 THREATS 2. Workplace Violence  Acts of aggression or violence by employees or outsiders, including threats, assaults, or harassment. 02 THREATS 3. Natural Disaster  Events such as fires, floods, or earthquakes that can endanger employees and disrupt operations. 02 THREATS 4. Data Breaches  Unauthorized access to sensitive employee information, including personal data that can lead to identity theft. 02 THREATS 4. Phishing Attack  Attempts to trick employees into revealing sensitive information through fraudulent emails or messages. 02 THREATS 5. Bullying and Harassment  Workplace bullying, sexual harassment, or discrimination can create a hostile environment, affecting mental health. 02 THREATS 6. Insider Threat  Employees with access to sensitive information may intentionally or unintentionally compromise security. Addressing Threats in Personnels 1. Background Checks - Verifying the personal, educational, and professional background of individuals before they are granted access to sensitive areas. a. Employment History b. Criminal History c. Education Verification d. Professional Licenses e. Reference Check f. Social Media and Online Presence g. Drug Testing h. Identity Verification i. Employment Gap Addressing Threats in Personnels 2. Training and Awareness - Educating staff on security policies, threat awareness, and proper handling of sensitive information and consequences of violating security policies. a. Security Awareness Training b. Ethics and Conduct Training c. Consequences of Violations d. Data Privacy Training e. Cybersecurity Training Addressing Threats in Personnels 3. Monitoring and Evaluation - Ongoing surveillance and evaluation of personnel to ensure they remain trustworthy throughout their tenure. a. Initial Onboarding b. Performance Monitoring c. Assess Job Satisfaction and Engagement d. Probationary Period Evaluation e. Tenure Period Evaluation Addressing Threats in Personnels 4. Access Control - Restricting access to facilities, systems, and data based on an individual’s role and the principle of least privilege. a. Role-Based Access Control (RBAC) b. Biometric Access Control c. Time-Based Access Control Addressing Threats in Personnels 5. Incident Reporting - Encouraging the reporting of suspicious activities or behaviors that may indicate security risks. Topic Outline 0 DEFINITION 1 0 THREATS 2 0 IMPORTANCE 3 0 SAMPLE CASE 4 0 HISTORICAL CONTEXT AND 03 IMPORTANCE Personnel security aims to protect against insider threats and minimize the risk of human factors that could lead to security breaches, espionage, or other forms of harm to the organization. It also plays a crucial role in protecting an organization's resources, maintaining its reputation, and ensuring long- term operational stability. 03 IMPORTANCE 1. Protecting Sensitive Information 2. Mitigating Insider Threats 3. Preventing Fraud and Espionage 4. Ensuring Business Continuity 5. Safeguarding Physical and Cyber Assets 6.Enhancing Organizational Trust Topic Outline 0 DEFINITION 1 0 THREATS 2 0 IMPORTANCE 3 0 SAMPLE CASE 4 0 HISTORICAL CONTEXT AND 04 SAMPLE CASE Tesla Insider Theft of Trade Secrets (2018) Issue: A former Tesla employee was accused of stealing trade secrets and sharing them with third parties. The employee had access to sensitive manufacturing information about Tesla's electric vehicle batteries and shared this information with unauthorized individuals outside the 04 SAMPLE CASE Edward Snowden and NSA (2013) Issue: Edward Snowden, an employee of a contractor for the National Security Agency (NSA), leaked classified information to the public, exposing various surveillance programs operated by the NSA. 04 SAMPLE CASE Google vs. Anthony Levandowski (Waymo Case) Issue: Anthony Levandowski, a former engineer at Google, was accused of downloading confidential documents related to Google's self-driving car project before joining Uber. This case resulted in a high-profile legal battle between Waymo (a subsidiary of 04 SAMPLE CASE Philippine Airlines – Insider Ticketing Scam (2018) Issue: Several Philippine Airlines (PAL) employees were involved in an insider ticketing scam, where they colluded with travel agencies to divert sales and issue fraudulent tickets. The employees used their access to PAL’s ticketing system to manipulate transactions, 04 SAMPLE CASE Philippine Long Distance Telephone Company (PLDT) – Insider Data Breach (2019) Issue: A former PLDT employee was caught selling the personal data of PLDT customers to third-party marketers. The employee had access to sensitive customer information and used this access to sell data to companies without authorization illegally. 04 SAMPLE CASE LBC Express – Cyber Fraud by Employees (2020) Issue: A group of LBC Express employees was arrested for tampering with the company's cargo handling system to steal valuable shipments. The employees used their positions within the company to manipulate the system and smuggle items from LBC warehouses. Topic Outline 0 DEFINITION 1 0 THREATS 2 0 IMPORTANCE 3 0 SAMPLE CASE 4 0 HISTORICAL CONTEXT AND 05 HISTORICAL CONTEXT AND EVOLUTION Personnel security in the Philippines has gradually evolved as a response to colonialism, political instability, and the growing importance of technology and data protection in the modern era. 05 HISTORICAL CONTEXT AND EVOLUTION HISTORICAL CONTEXT AND 05 EVOLUTION Colonial Era Post Martial Law (Pre-1946) Independece Period (1946-1972) (1972-1986) Spanish Period (1565–1898): Formation of the National Bureau of Focus on Internal Dissent: Marcos Security primarily focused on Investigation (NBI): In the late 1940s, used personnel security to prevent controlling insurgent groups and the NBI was established, formalizing opposition groups from gaining suppressing uprisings against security screening for individuals influence in key sectors, such as the Spanish rule. within the government and law military and government. American Period (1898–1946): The enforcement agencies. It played a role focus was on maintaining loyalty to in personnel vetting and background the American administration, checks for public servants. preventing insurrections, and addressing the threat of communist HISTORICAL CONTEXT AND 05 EVOLUTION Colonial Era Post Martial Law (Pre-1946) Independece Period (1946-1972) (1972-1986) Spanish Period (1565–1898): Formation of the National Bureau of Focus on Internal Dissent: Marcos Security primarily focused on Investigation (NBI): In the late 1940s, used personnel security to prevent controlling insurgent groups and the NBI was established, formalizing opposition groups from gaining suppressing uprisings against security screening for individuals influence in key sectors, such as the Spanish rule. within the government and law military and government. American Period (1898–1946): The enforcement agencies. It played a role focus was on maintaining loyalty to in personnel vetting and background the American administration, checks for public servants. preventing insurrections, and addressing the threat of communist HISTORICAL CONTEXT AND 05 EVOLUTION Colonial Era Post Martial Law (Pre-1946) Independece Period (1946-1972) (1972-1986) Spanish Period (1565–1898): Formation of the National Bureau of Focus on Internal Dissent: Marcos Security primarily focused on Investigation (NBI): In the late 1940s, used personnel security to prevent controlling insurgent groups and the NBI was established, formalizing opposition groups from gaining suppressing uprisings against security screening for individuals influence in key sectors, such as the Spanish rule. within the government and law military and government. American Period (1898–1946): The enforcement agencies. It played a role focus was on maintaining loyalty to in personnel vetting and background the American administration, checks for public servants. preventing insurrections, and addressing the threat of communist HISTORICAL CONTEXT AND 05 EVOLUTION Post-EDSA Revolution Modern Era Era (2000s-Present) (1986-2000s) Anti-Insurgency Operations: In the 21st century, personnel Personnel security continued to be a security in the Philippines has concern due to ongoing conflicts adapted to address a broader range of with communist insurgents (CPP- threats, including terrorism, NPA). cybercrime, corruption, and Screening and monitoring of espionage. personnel in sensitive government The focus has expanded beyond positions became critical to national military and government sectors to security. include private industry, critical infrastructure, and information HISTORICAL CONTEXT AND 05 EVOLUTION Post-EDSA Revolution Modern Era Era (2000s-Present) (1986-2000s) Anti-Insurgency Operations: In the 21st century, personnel Personnel security continued to be a security in the Philippines has concern due to ongoing conflicts adapted to address a broader range of with communist insurgents (CPP- threats, including terrorism, NPA). cybercrime, corruption, and Screening and monitoring of espionage. personnel in sensitive government The focus has expanded beyond positions became critical to national military and government sectors to security. include private industry, critical infrastructure, and information END OF DISCUSSION

Week 1 Personnel Security PDF

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue