DNI Issues New Policy on Leak Damage Assessments
The Director of National Intelligence has issued new guidance on assessing damage resulting from the unauthorized disclosure of classified intelligence information to ensure that the damage assessments “are produced in an efficient, timely, consistent and collaborative manner.”
Leak damage assessments should be used iteratively and the lessons learned from them should be applied “to strengthen the protection of classified national intelligence and prevent future unauthorized disclosures or compromises.”
In addition to the facts and circumstances of the unauthorized disclosure, damage assessments should identify “any foreign involvement” in the case and “actionable recommendations to prevent future occurrences.”
Where foreign partners are affected by the leak, agency heads shall coordinate with DNI “prior to notifying a foreign government.” Also, “foreign governments normally will not be advised of any security system vulnerabilities that contributed to the compromise.”
See “Damage Assessments,” Intelligence Community Directive 732, June 27, 2014.
Using the NIST as an example, the Radiation Physics Building (still without the funding to complete its renovation) is crucial to national security and the medical community. If it were to go down (or away), every medical device in the United States that uses radiation would be decertified within 6 months, creating a significant single point of failure that cannot be quickly mitigated.
The federal government can support more proactive, efficient, and cost-effective resiliency planning by certifying predictive models to validate and publicly indicate their quality.
We need a new agency that specializes in uncovering funding opportunities that were overlooked elsewhere. Judging from the history of scientific breakthroughs, the benefits could be quite substantial.
The cost of inaction is not merely economic; it is measured in preventable illness, deaths and diminished livelihoods.