The Department of Defense recently demonstrated the “Continuous Evaluation” of approximately 100,000 cleared military, civilian and contractor personnel, in order to validate their eligibility for access to classified information on an ongoing basis.
Continuous Evaluation (CE) refers to the automated monitoring of government and commercial databases for signs of criminal behavior, irregular financial activity, or other “triggers” that could lead to suspension of a security clearance. CE is a central feature of the emerging Insider Threat program that is intended to deter and detect espionage, terrorism, unauthorized disclosures of classified information, and other offenses by security-cleared personnel.
According to a new quarterly report on the Insider Threat program, the Department of Defense is on track to expand its Continuous Evaluation capability to 225,000 persons by the end of 2015, to 500,000 persons by the end of 2016, and to 1 million persons during 2017. (There are approximately 4.5 million cleared personnel in government and industry.) See Insider Threat and Security Clearance Reform, Quarterly Report, FY 2015, Quarter 2, June 2015.
But progress has been uneven. The Office of the Director of National Intelligence missed a December 2014 milestone for Continuous Evaluation of the most sensitive Top Secret and TS/SCI (Top Secret/Sensitive Compartment Information) clearance holders in government and industry. The revised goal is “to have CE completed on a portion of the TS and TS/SCI population in the Executive Branch by the end of FY 16,” the new quarterly report said.
The Insider Threat problem is a difficult one particularly since the fraction of employees who are spies, terrorists, or leakers is minuscule. Nor does this tiny contingent have a simple, readily identifiable profile. (Convicted spy Aldrich Ames and fugitive unauthorized-discloser Edward Snowden, for example, seem to have few traits in common, although both apparently passed their polygraph examinations without difficulty.)
Therefore, even though Continuous Evaluation is years away from full implementation, security policy officials are already looking beyond it for other options.
Last week, the Intelligence Advanced Research Projects Agency (IARPA) invited researchers to submit proposals for its Scientific advances to Continuous Insider Threat Detection (SCITE) Program.
The SCITE Program seeks “a new class of insider threat indicators, called active indicators, where indicative responses are evoked from potential insider threats,” according to the June 18 Broad Agency Announcement issued by the IARPA “Office for Anticipating Surprise.”
“Current practice and research is heavily focused on passive indicators that monitor existing data sources for indicative behaviors,” IARPA said.
By contrast, “Active indicators introduce stimuli into a user’s environment that are designed to evoke responses that are far more characteristic of malicious users than normal users. For example, a stimulus that suggests that certain file-searching behaviors may be noticed is likely to be ignored by a normal user engaged in work-related searches, but may cause a malicious user engaged in espionage to cease certain activities.”
The incoming administration must act to address bias in medical technology at the development, testing and regulation, and market-deployment and evaluation phases.
Increasingly, U.S. national security priorities depend heavily on bolstering the energy security of key allies, including developing and emerging economies. But U.S. capacity to deliver this investment is hamstrung by critical gaps in approach, capability, and tools.
Most federal agencies consider the start of the hiring process to be the development of the job posting, but the process really begins well before the job is posted and the official clock starts.
The new Administration should announce a national talent surge to identify, scale, and recruit into innovative teacher preparation models, expand teacher leadership opportunities, and boost the profession’s prestige.