Official websites use .mil
Secure .mil websites use HTTPS
The National Access Elsewhere Security Oversight Center (NAESOC) is designed to provide consistent oversight and security management for select facilities who do not possess classified information on-site ("access elsewhere").
Please review the resources to identify tools that can assist you in supporting your facility's security program. All resources are “self-help”, and you will find topics, tools, questions and answers that will prepare you for meeting your needs and requests. If you cannot find what you are looking for, please email the NAESOC General Mailbox. Schedule local ISAC or NCMS speaking request Learn more about the NAESOC
Email dcsa.naesoc.generalmailbox@mail.mil
NISS Messenger always available
Defense Industrial Base Vulnerability Disclosure Program
NAESOC Help Desk Hours
On September 3, 2024, the NAESOC Help Desk will transition to its new number (878) 274-1800. Based on customer feedback, we have identified that this is the best way to continue to provide oversight activities that help make the NISP a more secure entity. Your feedback is valuable to us. As a friendly reminder, our Help Desk operations are as follows:
Monday - Thursday: 9:00 a.m. - 3:00 p.m. (Eastern Standard Time) Friday: 8:00 a.m. - 2:00 p.m. (Eastern Standard Time)
Escalate an Existing Inquiry
For both Industry and GCA support, the NAESOC has provides an escalation in capability for any existing inquiries that have been submitted its Help Desk. Please use the Blue Button on the NAESOC Main Page to submit any escalation inquiries.
Security Review Update
As a reminder, all facilities within the NISP are subject to Security Reviews to include facilities currently under NAESOC. NISS users may receive notifications from NISS related to internal updates to support the proper identification of the local DCSA Oversight Team based on the updated regional field office locations. Facilities may also temporarily be reassigned to the local DCSA field office to support the communication and task workflows within NISS during Security Review activities. NISS users may reference their NISS profile to identify their current DCSA Oversight Team. If you have any questions about your oversight team or notifications you have received in NISS, please feel free to contact us directly at the NAESOC Help Desk.
DoD 5220.22-M defines a security violation as a failure to comply with the policy and procedures established by the NISPOM that reasonably could result in the loss or compromise of classified information. Security incidents involving classified information must be appropriately reported to DCSA. Facilities assigned to the NAESOC must immediately report security violations via NISS Messenger. The Security Incident Job Aid provides recommendations and guidance on security incident response and remediation and submitting initial and final security violation reports.
Contractors shall report all relevant and available information indicative of a potential or actual insider threat. Please ensure reporting is made via NISS messenger when including Personally Identifiable Information.
The Reporting the Threat job aid and CDSE Insider Threat Content have been developed to support reporting and Establishing Insider Threat Programs.
You can find additional information on Insider Threat reporting on the new Counterintelligence Awareness and Reporting for NAESOC Facilities webex
Facilities shall report cyber incidents or intrusions regardless of classification level of information or information systems involved in the intrusion provided the contractor determined that 1) circumstance of intrusion are sufficient to qualify as actual, probable, or possible espionage, sabotage terrorism, or subversive activities, and 2) these activities constitute a threat to the protection of classified information, systems, or programs that are otherwise covered by the NISPOM.
NAESOC Facilities shall report cyber intrusions via NISS messenger.
All Suspicious Contact Reporting shall be reported to your local DCSA CI Special Agent.
Foreign Vetting in Academia: A tri-fold
Counterintelligence Awareness and Reporting: A tri-fold
Counterintelligence Best Practices for Industry Booklet
Counterintelligence Awareness and Reporting for NAESOC Facilities
As reported in the Voice of Industry, click here for a resource you can use to enhance your security awareness and reporting program.
Adverse information consists of any information that negatively reflects on the integrity or character of a cleared employee, that suggests that his or her ability to safeguard classified information may be impaired, or that his or her access to classified information clearly may not be in the interest of national security. Revised ISL
Change Conditions are those organizational changes that could affect the Facility Clearance.
Ownership, including stock transfers
Legal Structure
Operating Name
Principal Address
Key Management Personnel
Foreign Ownership, Control, or Influence (FOCI)
Bankruptcy
FCL Termination
Cage Code changes (rare)
Formal submission of Changed Conditions are required to be completed in NISS as an FCL Change Condition Package. Please ensure all business documentation is submitted to substantiate the reporting.
*Note: When entering discussions, consultations, or agreements that may reasonably lead to effective ownership or control by a foreign interest, the contractor shall immediately report the details to DCSA via NISS messenger.
Facility Profile Update Requests–Information that can be edited by Industry users includes, but is not limited to new contracts, program assets, and essential Key Management Personnel and security staff contact information. Facility profile updates have replaced Requests For Information (RFI); so ensure that you review your profile and submit timely updates. *Note: Please ensure all of your appropriate DD Form 254s are submitted via NISS. *Note: FCL Change Conditions should not be submitted as a Facility Profile Update Request.
An insider threat program plan endorsed by the Insider Threat Program Senior Official (ITPSO) (32 CFR Section 117.7(b)(4))
Formal appointment by the contractor of an ITPSO who is a U.S. citizen employee and a senior official of the company (32 CFR Section 117.7(b)(1)(iii)).
Contractor reviews, certified annually (32 CFR Section 117.7(h)(2))
Reporting (32 CFR Section 117.8).
Insider threat training (32 CFR Section 117.12 (g))
User activity monitoring on classified information systems (as required) (32 CFR Section 117.18 (b)(4)(i).
Risk Management Framework (RMF) (as required) (32 CFR Section 117.18 (e)
CDSE recently released the 2023 Insider Threat Vigilance Campaign job aid. The job aid promotes a different vigilance theme each month. CDSE will provide awareness materials relevant to each monthly theme to be shared with your workforce. Use the job aid to jump-start your 2023 annual vigilance campaign or tailor it to your organization using resources from our Insider Threat Toolkit Vigilance Tab located at https://www.cdse.edu/Training/Toolkits/Insider-Threat-Toolkit/#vigilance
Insider Threat Program (ITP) for Industry. This job aid provides an overview of the insider threat program requirements for industry as outlined in the NISPOM, training, definitions, resources, and more.
Sample Insider Threat Program Plan for Industry. This sample plan provides recommendations for creating an InT program and can be tailored around your organization’s specific rules and guidelines.
Establishing a Program Toolkit. This toolkit provides information on how to establish an InT Program and procedures for responding to an InT action.
Insider Threat Reporting Job Aid. This job aid explains the reporting requirements and procedures for Federal agency employees and cleared contractors, and the consequences of failing to meet these guidelines.
Insider Threat and Industry Webinar. This webinar addresses the requirements for establishing an InT program, which includes developing an implementation plan to gather, share, and report relevant InT information from offices across the contractor’s organization.
Establishing an Insider Threat Program for Your Organization INT122.16 (cdse.edu). CDSE’s course provides guidance for organizational InT program managers on how to organize and design their specific program.
Insider Threat Definitions Job Aid. This job aid acts as a quick reference glossary of commonly used words within the InT space in an easily accessible format for InT professionals.
INSIDER THREAT WEBEX. In order to identify the risks and mitigations regarding Insider Threat for Access Elsewhere facilities, the NAESOC has specifically prepared this webex for the requirements of the non-possesing facility.
CHECK OUT INSIDER THREAT CASE STUDIES
CDSE has added a new case study to the case study library:
Ahmedelhadi Serageldin – A case of an insider’s mishandling of classified information
Russel Langford – A case study of an insider’s kinetic violence