Videos (no certificate provided)

• National Counterintelligence Executive Statement on Unauthorized Disclosure 
• Attorney General Statement on Unauthorized Disclosure 

Training

• Unauthorized Disclosure (UD) of Classified Information and Controlled Unclassified Information (CUI) IF130.16
• Counterintelligence Awareness & Reporting Course for DOD CI116.16
• Insider Threat Awareness Course INT101.16
• NISP Reporting Requirements IS150.16 
• Standard Form 312 (SF312) Video 
• Unauthorized Disclosure Security Professional Briefing 
• Unauthorized Disclosure Workforce Briefing 

Job Aids

• How to Respond to an Unauthorized Disclosure (UD) of Classified and Controlled Unclassified Information (CUI) Job Aid 
• DOD Unauthorized Disclosure Desk Reference 

Webinars

• Security Chat with the Unauthorized Disclosure Program Management Office

Case Studies

• Unauthorized Disclosure (UD) Case Study: Daniel Hale
• Unauthorized Disclosure (UD) Case Study: Shamai Leibowitz
• Unauthorized Disclosure (UD) Case Study: Gary Maziarz
• Unauthorized Disclosure (UD) Case Study: Jonathan/Dianna Tobbe
• Review all Case Studies here

National Policy

• Executive Order 13526, Classified National Security Information 
• Executive Order 13587, Structural Reforms to Improve the Security of Classified Networks and Safeguarding of Classified Information 
• 32 CFR (Code of Federal Regulations) Parts 2001 & 2003, Classified National Security Information; Final Rule 
• Standard Form (SF) 312, Classified Information Nondisclosure Agreement 
• Intelligence Community Directives 
• Standard Form (SF) 312 Video 
• Whistleblower Protections and Non-Disclosure Policies, Forms, or Agreements 

Whistleblower Policies and Rights

• Executive Order 12333, United States Intelligence Activities 
• Whistleblower Protections - Presidential Policy Directive-19 
• No FEAR Act 

DOD Policy

• DOD Directive 5148.13, Intelligence Oversight  
• DOD Directive 5205.16, The DOD Insider Threat Program  
• DOD Directive 5210.50, Management of Serious Security Incidents Involving Classified Information 
• DOD Instruction 5200.01, DOD Information Security Program and Protection of Sensitive Compartmented Information (SCI) 
• DOD Instruction 5200.48, Controlled Unclassified Information 
• DOD Instruction 5230.09, Clearance of DOD Information for Public Release 
• DOD Instruction 5230.29, Security and Policy Review of DOD Information for Public Release 
• DOD Manual 5200.01, Volume 1, DOD Information Security Program: Overview, Classification and Declassification 
• DOD Manual 5200.01, Volume 2, DOD Information Security Program: Marking of Information 
• DOD Manual 5200.01, Volume 3, DOD Information Security Program: Protection of Classified Information 
• 32 CFR, part 117, National Industrial Security Program Operating Manual (NISPOM) 
• ISOO Notice 2017-04: Security Classification Guides 

Unauthorized Disclosure General Awareness

• Dangerous Disclosure: Graphic Novel by PERSEREC, April 2020 

Unauthorized Disclosure Posters

• Insider Threat - Spillage v3 8.5x11 / 17x22 
• Insider Threat - Spillage v2 8.5x11 / 17x22 
• Whistleblower 8.5x11 / 17x22 
• Think before you click 8.5x11 / 17x22 
• Insider Threat Vigilance 8.5x11 / 17x22 
• Insider Threat EAP 8.5x11 / 17x22 

Prepublication Review

The Defense Office of Prepublication and Security Review (DOPSR) is responsible for managing the Department of Defense security review program, and for reviewing written materials both for public and controlled release. This includes official government and defense industry work products, as well as materials submitted by cleared or formerly cleared individuals pursuant to their voluntary non-disclosure agreement obligations. DOPSR also coordinates official work products with Defense enterprise stakeholders to ensure that information being released is both accurate and represents the Department's official position.

• DOD Office of Prepublication Security Review (DOPSR) Mandates and Authorities 

Videos

• National Counterintelligence Executive Statement on Unauthorized Disclosure 
• Attorney General Statement on Unauthorized Disclosure 
• Unauthorized Disclosure Video Lesson: DNI Testimony 
• Unauthorized Disclosure: Protecting Classified Information 

Security Awareness Games

• Unauthorized Disclosure Magic 8 Ball 

Reporting Unauthorized Disclosure

With diligent reporting, the consequences of unauthorized disclosure can be mitigated. If you see or suspect unauthorized disclosure, first take steps to protect the classified information. Then report to your organization's Security Officer. If you are a DOD employee, report the incident to your Activity Security Manager. If you are a cleared contractor, report the incident to your Facility Security Officer (FSO) who will, in turn, report it to your company's Defense Counterintelligence and Security Agency Industrial Security Representative (DCSA IS Rep).

Consider the following resources for more information on reporting unauthorized disclosure or attempts to solicit classified information:

• Unauthorized Disclosure (UD) of Classified Information and Controlled Unclassified Information (CUI) IF130.16
• Counterintelligence Awareness & Reporting Course for DOD CI116.16
• Insider Threat Awareness Course INT101.16
• NISP Reporting Requirements IS150.16 

Unauthorized Disclosures can be emailed to the DITMAC UD PMO via group accounts:

NIPR Org Box: dcsa.quantico.hq.mbx.ditmac-unauthorized-disclosure@mail.mil
SIPR Org Box: dcsa.quantico.hq.mbx.ditmac-unauthorized-disclosure@mail.smil.mil
JWICS Org Box: DITMAC.UD@dss.ic.gov

Access the DITMAC UD intelink site for more information:
https://intelshare.intelink.gov/sites/ditmac/UDPMO/_layouts/15/start.aspx#/SitePages/Home.aspx.  

Reporting Questionable Government Activities

The Whistleblower Protection Act (PPD-19) protects employees from direct retaliation for acts of reporting protected disclosures. It does NOT protect employees who unlawfully disclose classified information. Report questionable government activity to your supervisor or your organization's Security Officer. If you are not comfortable reporting to these sources, other avenues are available including the DOD Senior Intelligence Oversight Official, the DOD Inspector General, the US Attorney General, and the DOD Hotline.

Consider these resources for more information:

• DOD Directive 5148.13, Intelligence Oversight  
• DOD Hotline Information 
• DOD Senior Intelligence Oversight Official 
• No FEAR Act 
• Whistleblower FAQ 
• Whistleblower Reprisal Complaints 

General Workforce

• Immediately protect the information
• Report unauthorized disclosure
  
  Consider the following resources for more information on securing classified information, including information on the internet or other media formats, negligent discharge of classified information (NDCI) or "spills", and spills involving controlled unclassified information (CUI).
   
  • Unauthorized Disclosure (UD) of Classified Information and Controlled Unclassified Information (CUI) IF130.16
  • Counterintelligence Awareness & Reporting Course for DOD CI116.16
  • Insider Threat Awareness Course INT101.16
  • NISP Reporting Requirements IS150.16 
  • Cybersecurity Toolkit

Security Personnel and Other Authorities

• Investigate the incident
• Impose sanctions
• Report to Congress, if required
• Conduct damage assessment
  
  Consider the following resources for more information on incident response, including those involving special access program, controlled unclassified information, and spillage; potential required reporting to the Federal Bureau of Investigations (FBI), Defense Counterintelligence and Security Agency (DCSA), Office of the Under Secretary of Defense (Intelligence and Security) (OUSDI (I&S)), and/or Congress; Original Classification Authority review; damage assessments; and more.
   
  • eLearning: Derivative Classification IF103.16
  • eLearning: Safeguarding Classified Information in the NISP IS109.16 
  • Short: Classified Storage Requirements
  • Short: Data Spills
  • Short: Disposal and Destruction
  • Short: Security Incident Reporting Requirements
  • Webinar: Developing an Incident Response Capability
  • Incident Response Plan 
  • ISOO Notice 2017-04: Security Classification Guides