DCSA CI MCMO Countermeasures Matrix
Please consider the following questions regarding how you protect your technology, information and personnel from illicit email requests.
Q1. How do you prepare employees who, via email, receive requests for technology or information?
- Employees are aware what information is protected and what information is authorized for public release and report all instances of requests for proprietary, export controlled or sensitive information by unauthorized persons or entities.
- Employees are aware of the common indicators of an illicit procurement attempt (i.e. lack of end user or end use information, multiple same/similar requests from various entities within a short time, poor use of grammar, etc.).
Q2. How do you prepare employees who, via email, receive solicitations to enter business relationships for goods or services (ie foreign entities seeking to become your overseas distributor, or to supply you with goods or services)?
- Policies are in place to conduct due diligence/vetting on entities entering into business relationship with the company/facility.
- FSOs are aware of which offices or individuals in their facility commonly receive email requests for information or technology (including sales, marketing, public relations, scientists/engineers, academics etc.) and tailor CI and security briefings to those employees.
Q3. How do you prepare employees who, via email, receive resumes and/or employment applications?
- Human Resources personnel and/professors are aware of indicators of foreign efforts to exploit access and placement.
- Personnel are aware of which positions require U.S. citizenship and security clearances and do not engage about positions with non-qualified candidates.
- Personnel report unsolicited resume submissions, from foreign persons, to the FSO and Human Resources.
Click on the individual cells in the matrix for suggested Countermeasures.