top | item 40950553

(no title)

The company I work for (high profile private sector U.S. defense contractor) has security people (FSOs and such) that are constantly concerned about being held legally responsible for actions (or inactions) related to theirs and other's work (specifically those with personal or facility security clearances). They regularly claim that they can be held responsible for the failures of others.

Their hesitation leads me to believe these legal repercussions happen more often than not. Would be interesting to see some data on the claims. My guess is the people being held responsible for these things aren't your average developer taking down prod.

discuss

nradov|1 year ago

That's a separate issue. There are criminal and administrative penalties for mishandling classified information that apply to anyone with a clearance, regardless of whether they are a government employee or private contractor. As long as you follow all the rules yourself you won't be punished for someone else's actions.

adolph|1 year ago

> As long as you follow all the rules yourself

Sounds easy. Just keep a list in front of me. Maybe a book. Throw it into a RAG on local ollama. Keep a Teams chat open with the compliance folks.