ISOO Welcomes Heather Harris Pagán as National Industrial Security Program Manager

Heather Harris Pagán joined the ISOO staff to manage ISOO’s National Industrial Security Program (NISP) and National Industrial Security Program Policy Advisory Committee (NISPPAC).

Heather joins ISOO with 18 years of security experience.  She has broad experience working closely with the Intelligence Community (IC) and the military services.  Most recently, she served as a security specialist at the U.S. Agency for International Development (USAID), broadening her expertise beyond the IC and the Department of Defense.  During her career, Heather gained experience working on matters related to Executive Order 13526, “Classified National Security Information, including in security oversight, personnel, physical, and information security.  She participated in internal agency oversight inspections, provided security guidance, and supported her agency’s NISP activities.  At USAID, Heather also supported the Controlled Unclassified Information program.

In welcoming her to ISOO, we wanted to ask her a few questions about both her past work experiences and her objectives for the NISP and working at ISOO.

Question:  You have security experience working with classified materials in uniform and as a civilian.  You have worked with three different service branches, at the Pentagon, and at a non-Department of Defense foreign policy agency.  What were some of the challenges you observed and worked on overcoming?

Answer:  Most challenges can be resolved by communicating.  At my level, I focused on overcoming long-standing cultures and processes by communicating and demonstrating.  For instance, explaining why classified records need to be marked, protected, and handled appropriately, and showing examples of proper marking.  It is a good feeling when you are able to change behavior and correct poor security practices so that staff are protecting our nation’s secrets appropriately.  Still, there is a long way to go and proper marking remains a challenge.

Question:  You led or participated in self-inspection oversight and security inspections.  What were the biggest challenges you observed and their possible solutions?

Answer:  While the programs at each agency operate differently, the classification system rules are the same and we all inspect the same way – to make sure agencies are following the rules.  When we came across errors, we worked with management to identify possible solutions that worked for that agency and provided them to leadership for action.  I also stress the importance of individual responsibility in protecting classified information.  There were some offices where I felt the culture did not support protecting information as it should.  I am passionate about the importance of safeguarding classified information and always tried to instill that in every person I worked with.

Question:  The National Industrial Security Program Operating Manual (NISPOM) establishes standards, procedures and requirements for industry who receive Government contracts that include use of classified national security information.  It was last updated in 2013.  What changes in government and industry operations have you noticed since then and what improvements do you foresee?

Answer:  I am excited to be joining ISOO during this time when the government has shifted how it works to a fully digital environment.  This is also a huge change for federal government security policy.  Sometimes industry is ahead of its client in using new technologies to be more efficient.  We could learn from that.  A big challenge for agencies is learning how to adapt to having fewer resources to manage their security programs.  This will likely require streamlining processes and learning to work more – and differently – with less.  I am eager to be a part of modernizing security practices to better support national security and the national security needs of agencies and contractors.

Question:  The NISPPAC meets twice a year to discuss and make recommendations for policy changes to the NISP, NISPOM, and Executive Order 12829, “The National Industrial Security Program.” What do you think will be on the agenda that are of concern to both government and industry?

Answer:  I am looking forward to seeing the NISP Contract Classification System (NCCS) get off the ground.  When I received the demonstration years ago on its intent, I was excited that so many functions would be in one system.  I hope it is an effective tool.  Having everyone on the same system from beginning to end will be a big time and cost saver.  I am also looking forward to working with the NISPPAC members and the NISPPAC working groups, listening to challenges, and helping overcome them.

Question:  What’s the greatest hockey team around?

Answer:  Washington Capitals.  Let’s go Caps!

Question:  Have you ever visited the National Archives?

Answer:  Yes! I last visited with my son, who is a history buff, about a year ago. We loved it! But I have participated in meetings at ISOO and, on occasion, toured the Rotunda with ISOO staff members.  I’m looking forward to actually working in the building when we all go back to work.