So clearly there is risk in eliminating the polygraph for new hire. A risk management approach asks, is it a risk worth taking?
George Fallon, a 30-year veteran of IT auditing, explains why agencies need to re-evaluate the protection of e-mail, document and business systems.
The Office of Personnel Management was the sixth agency to achieve final operating capability on an insider threat program. But OPM is among the few agencies who have set up such programs. Small agencies say cultural barriers, lack of resources and legal and privacy questions are among the obstacles preventing them from meeting the goal, but insider threat experts say those problems aren't unique.
Civilian agencies have been struggling with the same challenges in developing strategies for insider threats for years now. They say those challenges are unique to them not to the Defense Department and intelligence community that have the insider threat mindset built into their culture. But the IC and DoD say not so. Federal News Radio Reporter Nicole Ogrysko tells Federal Drive with Tom Temin the two agencies have struggled with the same issues.
Federal employees and contractors waited hundreds of days in some cases for a security clearance in 2016, but the Office of Personnel Management spent much of the year putting the policy pieces in place for improvement. Key stakeholders in the Performance Accountability Council developed an IT plan for the new background investigation system and issued business rules for adjudicating some cases.
David Green, chief security officer for Veriato, details why it’s important for agencies to rate employee positions and apply the appropriate insider threat oversight based on those ratings.
The defense industry has gotten off to a good start implementing initial capabilities for insider threat programs, the Defense Security Service said. Cleared contractors had until Nov. 30 to develop and submit their plans for an insider threat program and appoint a senior official to lead and oversee it.
Experts say until the government moves to a continuous evaluation program of employees and contractors with clearances, threats from employees will continue to grow.
Lightning has struck twice in the same spot now — NSA and Booz Allen Hamilton.
Jonathan McDonald, executive vice president of TransUnion, says agencies need to look to multiple sources to understand potential risks posed by employees.
The Coast Guard said it's the first Executive Branch agency to achieve full operating capability on its insider threat program. The Homeland Security Department said it's working to automate its continuous evaluation program, in support of a governmentwide goal to add 5 percent of the cleared population under CE by 2017.
The Defense Department is moving ahead with new rules for defense contractors aimed at limiting damage from insiders with security clearance. Jim Harris, senior counsel for the law firm Holland and Knight, joins Federal Drive with Tom Temin to offer his insight.
Current and former intelligence community officials say they're not getting the buy-in they need from their top leadership — or the guidance they need to use begin using social media — in their insider threat and security clearance programs.
The investigations process is to blame for higher security clearance processing times at the beginning of 2016 and end of 2015. Challenges with culture, resources and legal questions are also pushing agencies farther and farther off schedule in standing up their own insider threat programs.