Insider Threat Program May Not Be Ready by 2017
Security policies in the executive branch are being overhauled in response to a potential “insider threat.” But while some progress is being made, the intended functionality will not be available for several more years to come.
The insider threat includes “the threat of those insiders who may use their authorized access to compromise classified information.” Three years ago, due in part to the unauthorized disclosures by then-Pfc. Bradley Manning to WikiLeaks, President Obama issued Executive Order 13587 directing agencies to “implement an insider threat detection and prevention program.”
Last week, the Department of Defense finally issued an internal directive establishing department policy on the subject. The policy aims to establish “an integrated capability to monitor and audit information for insider threat detection and mitigation,” including “the monitoring of user activity on DoD information networks.” See “The DoD Insider Threat Program,” DoD Directive 5205.16, September 30, 2014.
But that is easier said than done. The timetable for achieving a government-wide insider threat program does not envision an Initial Operating Capability until January 2017, and even the achievement of that operational milestone is considered to be “at risk,” according to the latest quarterly report on Insider Threat and Security Clearance Reform (at p. 15).
Prior to 2010, Army regulations “never adequately addressed the ‘insider threat’,” said a 2011 Army investigative report on the Compromise of Classified Information to Wikileaks that was released by the Army in redacted form last month.
“Disenchanted idealists are… a fertile source of information” for adversaries, according to Army Regulation 530-1 on Operations Security, updated 26 September 2014.
Americans are paying too much for almost everything, because the United States has long treated its trucking industry as an artifact to be preserved rather than as an opportunity for innovation.
These ideas aim to advance the detailed policy solutions needed to foster public trust and implement fairness in the adoption of AI across diverse domains, from healthcare and government benefits to rural access, education, and worker protections.
The evidence is clear: algorithmic pay-setting is established in app-based work, and payroll/timekeeping failures show how software can produce systemic wage harm at scale
While a few states have taken steps to implement decision-making mechanisms for certain AI systems, too many leaders are simply accepting narratives about AI’s purported public benefit at face value – jumping to the “how” of AI implementation before thoroughly vetting potential systems and deciding whether they are appropriate to use at all.