FAA’s Security and Investigations Division (AMC-700) is staffed with Special Agents who conduct Internal Investigations, Facility Security Inspections, Personnel Security Adjudications, Regulatory Investigations as well as liaison duties for all Federal, State, local, tribal and international law enforcement agencies. AMC-700 is a tenant organization reporting directly to the Deputy Associate Administrator for the Office of Security & Hazardous Materials Safety (ASH-2) in Washington D.C. However, the office supports the Aeronautical Center Director and serves as the Servicing Security Element (SSE) for the Aeronautical Center.
This month, there are two extremely valuable programs to be recognized when it comes to protecting FAA personnel and information: the Insider Threat and Active Shooter Programs. Both are being utilized by the ASH organization to educate all Federal and Contract Employees on how to recognize and react to Insider Threats and Active Shooter situations. Insider Threats and Active Shooter situations can happen anywhere and at any time, which is why these programs are so important. The information being provided for these programs has and will continue to save lives.
The focus of the Insider Threat Program is to deter, detect, and mitigate actions by employees who may pose a threat to FAA information, resources, and/or national security. Any employee who uses any of their FAA granted privileges or access to harm FAA personnel, facilities, networks, or information (wittingly or unwittingly) is an Insider Threat.
There are currently two categories of Insider Threats; the Malicious Insider and the Unwitting Insider. The Malicious Insider uses authorized access to intentionally harm FAA facilities and personnel by selling information to adversaries, sabotaging systems, or attacking FAA employees. (Examples of a Malicious Insider would be former CIA employee, Edward Snowden and former U.S. Army soldier, Bradley Manning.)
The Unwitting Insider is defined as a trusted employee or contractor who, without malice, causes harm to the FAA. Any FAA employee or contractor who discusses sensitive information with non-cleared individuals or posts sensitive information on social media or any internet site could be considered an Unwitting Insider. Sensitive information can include security procedures, employee rosters, and most certainly FAA proprietary or For Official Use Only (FOUO) information such as NextGen, the National Airspace System, etc.
Insider threats can be difficult to detect, however, there are several indicators that everyone can use to identify a possible threat. Indicators could be a single instance or several combined suspicious behaviors, for instance: Attempting unauthorized access to protected information or secure areas, unexplained affluence, working outside of normal duty hours without permission, using unauthorized technology in secure areas, and any drug, alcohol, or financial problems. All suspicious behavior must be reported to your supervisor and your Servicing Security Element (SSE) immediately. If you “See Something, Say Something.”
This article is simply a brief overview of the Insider Threat & Active Shooter Programs that the FAA is currently employing. FAA employees can find more information and resources on these this programs at my.faa.gov/ash/runhidefight. The Office of Security & Hazardous Materials Safety has also released the new “Insider Threat Program and Reacting to an Active Shooter Event” course on eLMS. This course is mandatory training for all FAA employees and contractors.
Each tenant organization at MMAC can request a more in-depth and personalized presentations by contacting the Security and Investigations Division, AMC-700. In closing, each of us are a part of the MMAC community and share everyday moments with our colleagues and friends. It's easy to take for granted the routine moments that occur in our everyday lives, but your every day is different than your co-worker’s—filled with the moments that make it uniquely yours. So if you see something you know shouldn't be there—or someone's behavior that doesn't seem quite right—say something!
Please report any security incidents and weaknesses involving the protection of FAA assets to your immediate supervisor, manager, contracting officer (or representative as applicable) or SSE. The MMAC Infrastructure Protection Special Agents can be reached at (405) 954-3212.
