As the responsibility for the majority of security clearances changes hands, the National Counterintelligence and Security Center doesn’t see its role in much of a different light.
“From our perspective, whether there’s five organizations or 30 doing investigations, it’s irrelevant to us,” Bill Evanina, director of the NCSC, said in an interview with Federal News Radio. “We want to make sure they’re all doing it the same way.”
For the NCSC, part of that work means guiding agencies through the murky and often challenging world of continuous evaluation and insider threat.
Evanina’s organization is on track to deploy its own fully functional continuous evaluation system by fall 2018. That system will vet executive branch employees and will check about 10 databases for warning signs. It’ll be open to any executive branch agency that signs up to use it.
A few intelligence agencies have already opted in and said they’ll use the service, Evanina said.
“If an agency out there, say the Department of Education or Forest Service or Interior, wants to run their individuals through our databases, they can,” he said. “We will provide that service and provide them back any hits that we have.”
The NCSC will focus on continually vetting top-secret clearance holders first and will then focus its attention on employees with secret clearances, Evanina added.
Defense and intelligence agencies have much more experience with the concept of continuous evaluation. The Intelligence Community is already running its top-secret clearance holders through two critical nodes of continuous evaluation now, Evanina said.
The Defense Department is building its own continuous evaluation system with other defense components and internal databases, but the Pentagon will also opt into the NCSC system, Evanina said.
Continuous evaluation will play a major role in DoD’s plan to transfer 75 percent of the security clearance workload from the Office of Personnel Management and the National Background Investigations Bureau to the Pentagon.
Rather than evaluate its clearance holders once every five years, DoD sees continuous evaluation as the method it will use to process periodic reinvestigations more efficiently and quickly.
Soon, the department will have 1 million employees under its continuous evaluation program, but CE will play an even bigger role in the Pentagon’s plan to process periodic reinvestigations more efficiently and quickly.
But civilian agencies have been much slower to take to the concept of continuous evaluation.
“Every agency has a general counsel who has a different opinion on whether they should do that to their employees or not,” Evanina said. “We provide the ability to do it, and then it’s up to each organization. [It’s the] same thing with insider threat. In the Intelligence Community, user and system monitoring is second nature. That’s not the case everywhere else. Each organization has their own management, leadership opinions and general counsel who opine on whether or not they should be monitoring their employees’ usage of classified systems or internet. We navigate through that all day, every day, trying to facilitate what’s that equilibrium.”
They’ll have more information and best practices for applying continuous evaluation soon; Evanina’s office developed a community-wide directive on the topic, which the Office of Management and Budget is currently reviewing, he said.
The NCSC will also host a forum in a month for agencies to discuss their insider threat challenges.
“Not every agency is the same,” Evanina said. “What the CIA needs to do is not the same as what the Department of Energy needs to do, which is not the same as what the Department of Interior needs to do. Everybody’s different. We work with each agency to get to a place we feel is commensurate with the intent of the executive order to ensure they’re doing the best that they can to protect their crown jewels. From an executive branch perspective, we are not where we need to be, for sure, but we are working hard with every agency to get us to where we need to be.”
The NCSC has also been helping NBIB with its own vetting processes. The Office of the Director of National Intelligence hosted working group sessions to re-engineer NBIB’s business processes.
They developed 10 significant recommendations to improve the investigative business process, and the Director of National Intelligence is reviewing that memo now, Evanina said.
“We have to be able to do these investigations more effectively, efficiently, in a nimble fashion at a much faster pace, [and] at the same time, ensure due-diligence that we are bringing in a trusted workforce into our organizations to prevent insider threat,” he said. “It’s an interesting dichotomy, but we have to get to a place where we’re reaching that balance. We’re on our way to get there in a manner that’s a whole of government approach.”