The government-wide effort to contain the threat to classified information and sensitive facilities from trusted insiders is falling behind schedule.
Currently, the anticipated achievement of an Initial Operating Capability for insider threat detection by January 2017 is “at risk,” according to a new quarterly progress report. Meanwhile, the date for achieving a Full Operating Capability cannot even be projected. See “Insider Threat and Security Clearance Reform, FY2014, Quarter 4.”
One aspect of the insider threat program is “continuous evaluation” (CE), which refers to the ongoing review of background information concerning cleared persons in order to ensure that they remain eligible for access to classified information and to provide prompt notice of any anomalous behavior.
The Office of the Director of National Intelligence was supposed to achieve “an initial CE capability for the most sensitive TS [Top Secret] and TS/SCI population” by December 2014. The latest quarterly report on the Insider Threat program noted that this milestone is “at risk.” In fact, it was missed.
“We did not meet” the December 2014 milestone for an initial CE capability, confirmed ODNI spokesman Eugene Barlow, though he said that “we’ve made considerable progress” in the Insider Threat program overall.
Nor has a revised milestone date for the initial CE capability been set, he added. But “we continue to aggressively push forward” and the desired function will be rolled out over the next few years, he said.
The Department of Defense is “on track” to provide continuous evaluation of 225,000 agency personnel by the end of 2015, and to expand that number to 1 million employees by 2017, according to the quarterly report. Actual achievements in individual agencies are classified.
As a general matter, the Insider Threat program faces both technological and “cultural” obstacles.
The information technology structures that are in place at most executive branch agencies are not optimized to support continuous evaluation or related security policies. Adapting them to address the insider threat issue is challenging and resource-intensive. Nor are agency policies and practices consistent across the government or equally hospitable to security concerns.
But it’s worth noting that the uneven performance described in the quarterly report reflects a degree of public candor that is unusual in security policy. Instead of presenting assurances that everything is fine in the Insider Threat program, the report acknowledges that some things are not fine and will not be fine for an unspecified time. That is refreshing and even, in its straightforward approach to the issue, somewhat encouraging.
Investing in interventions behind the walls is not just a matter of improving conditions for incarcerated individuals—it is a public safety and economic imperative. By reducing recidivism through education and family contact, we can improve reentry outcomes and save billions in taxpayer dollars.
The U.S. government should establish a public-private National Exposome Project (NEP) to generate benchmark human exposure levels for the ~80,000 chemicals to which Americans are regularly exposed.
The federal government spends billions every year on wildfire suppression and recovery. Despite this, the size and intensity of fires continues to grow, increasing costs to human health, property, and the economy as a whole.
To respond and maintain U.S. global leadership, USAID should transition to heavily favor a Fixed-Price model to enhance the United States’ ability to compete globally and deliver impact at scale.