Intelligence leaders impatient for insider threat social media guidance

Immensely complex questions of privacy and civil liberties are holding up agencies from using perhaps the most valuable sources of information they could find on current and future employees: social media and other publicly available online information.

“These things take a long time,” said Alex Joel, chief civil and privacy protection officer at the Office of the Director of National Intelligence, during an April 28 panel discussion at the Intelligence and National Security Alliance’s insider threat symposium in Chantilly, Virginia. “If there was an easy answer, we’d have it already. We’re working at the pace of government to try to figure this out.”

Social media is the “void” the National Security Agency is trying to fill with its own insider threat program, Kemp Ensor, director of security at the NSA, said.  His employees don’t go home and talk to their neighbors anymore, he said. They go online.

“That’s where we need to be,” Ensor said. “That’s where we need to mine from if we’re going to build the trusted workforce of the future.”

The ODNI was supposed to issue a security executive agent directive, which would detail how the DNI expects agencies to use social media and other publicly available information to review current and new employees.

But the policy still sits with the Office of Management and Budget for review, Bill Evanina, director of the National Counterintelligence and Security Center at the Office of the Director of National Intelligence, told Congress in February and reiterated April 28.

“There’s a lot of work involved,” he said. “There’s a lot of struggle with the people writing the policy.”

Even without the directive from the administration, current intelligence officials say social media is one of the most valuable sources of data they could use.

Evanina described it as one piece to the “mosaic of an individual person” that agencies need to create as they continuously evaluate their employees with access to classified information.

Top leadership have struggled in the past to buy in to the concept of using social media — and continuous evaluation in general, intelligence officials said.

Carrie Wibben, director for security and policy oversight within the office of the undersecretary of Defense for intelligence, said getting support from top DoD leadership was initially her biggest challenge, but it’s slowly improving.

“I think we’re kind of there now, but we need to make sure we don’t lose it,” she said.

The real challenge, Wibben added, will be in getting the rest of the DoD workforce on board.

The Defense Department is further than most other agencies in standing up its insider threat programs. The department as a whole will have 44 of them — one for each of DoD’s 43 components — plus the DoD Insider Threat Management Analysis Center (DITMAC), Wibben said

She said the department is in “good shape” to meet the initial operating capability marker for DITMAC within the next 10 months, and 16 of the other component programs have met initial operating capability requirements.

DoD is also developing risk ratings for its cleared population, Wibben said. The ratings stem from data the department already has, like information from its human resources office. DoD strips out personally identifiable information (PII) before it evaluates the data for patterns, WIbben told Federal News Radio. The department will add PII back into the data sets if it finds something suspicious, she said.

These conversations come as the administration begins to stand up the National Background Investigations Bureau, the agency that will assume responsibility for the federal security clearance process.

An inter-agency group of leaders began discussing how they will transition ongoing security reinvestigations from the old agency, the Federal Investigative Service, to the new NBIB, said Jim Onusko, the transition director for the new bureau.

Continuous evaluation will play a role in the future, he said. Onusko envisions a security clearance and evaluation process that relies more on automated systems and less on physical investigations. He said he hopes a system that automatically collects publicly available information and social media, and then validates that data with subject interviews and other information, will lead to higher quality and faster investigations.

Dr. John Hamre, former deputy secretary of Defense and now president and CEO of the Center for Strategic and International Studies, also expressed exasperation and frustration with the current system for evaluating current and future employees.

But he suggested major reform hasn’t come more quickly because of major budgetary issues entrenched in the Office of Personnel Management and OMB.

“OPM makes its money doing background investigations the old fashioned way,” Hamre said. OPM currently uses a “fee-for-service” structure to charge agencies for conducting the bulk of their security clearances.

“The Office of Management and Budget is sheltering the budget of a weak agency that it can’t get appropriated,” he added.

Related Stories

Comments

Sign up for breaking news alerts