The “Insider Threat Program”


Obama’s crackdown views leaks as aiding enemies of U.S.

June 20, 2013

WASHINGTON — Even before a former U.S. intelligence contractor exposed the secret collection of Americans’ phone records, the Obama administration was pressing a government-wide crackdown on security threats that requires federal employees to keep closer tabs on their co-workers and exhorts managers to punish those who fail to report their suspicions. President Barack Obama’s unprecedented initiative, known as the Insider Threat Program, is sweeping in its reach. It has received scant public attention even though it extends beyond the U.S. national security bureaucracies to most federal departments and agencies nationwide, including the Peace Corps, the Social Security Administration and the Education and Agriculture departments. It emphasizes leaks of classified material, but catchall definitions of “insider threat” give agencies latitude to pursue and penalize a range of other conduct. Government documents reviewed by McClatchy illustrate how some agencies are using that latitude to pursue unauthorized disclosures of any information, not just classified material. They also show how millions of federal employees and contractors must watch for “high-risk persons or behaviors” among co-workers and could face penalties, including criminal charges, for failing to report them. Leaks to the media are equated with espionage.

“Hammer this fact home . . . leaking is tantamount to aiding the enemies of the United States,” says a June 1, 2012, Defense Department strategy for the program that was obtained by McClatchy.

The Obama administration is expected to hasten the program’s implementation as the government grapples with the fallout from the leaks of top secret documents by Edward Snowden, the former National Security Agency contractor who revealed the agency’s secret telephone data collection program. The case is only the latest in a series of what the government condemns as betrayals by “trusted insiders” who have harmed national security. “Leaks related to national security can put people at risk,” Obama said on May 16 in defending criminal investigations into leaks. “They can put men and women in uniform that I’ve sent into the battlefield at risk. They can put some of our intelligence officers, who are in various, dangerous situations that are easily compromised, at risk. . . . So I make no apologies, and I don’t think the American people would expect me as commander in chief not to be concerned about information that might compromise their missions or might get them killed.” As part of the initiative, Obama ordered greater protection for whistleblowers who use the proper internal channels to report official waste, fraud and abuse, but that’s hardly comforting to some national security experts and current and former U.S. officials. They worry that the Insider Threat Program won’t just discourage whistleblowing but will have other grave consequences for the public’s right to know and national security.

The program could make it easier for the government to stifle the flow of unclassified and potentially vital information to the public, while creating toxic work environments poisoned by unfounded suspicions and spurious investigations of loyal Americans, according to these current and former officials and experts. Some non-intelligence agencies already are urging employees to watch their co-workers for “indicators” that include stress, divorce and financial problems. “It was just a matter of time before the Department of Agriculture or the FDA (Food and Drug Administration) started implementing, ‘Hey, let’s get people to snitch on their friends.’ The only thing they haven’t done here is reward it,” said Kel McClanahan, a Washington lawyer who specializes in national security law. “I’m waiting for the time when you turn in a friend and you get a $50 reward.” The Defense Department anti-leak strategy obtained by McClatchy spells out a zero-tolerance policy. Security managers, it says, “must” reprimand or revoke the security clearances – a career-killing penalty – of workers who commit a single severe infraction or multiple lesser breaches “as an unavoidable negative personnel action.”

Employees must turn themselves and others in for failing to report breaches. “Penalize clearly identifiable failures to report security infractions and violations, including any lack of self-reporting,” the strategic plan says. The Obama administration already was pursuing an unprecedented number of leak prosecutions, and some in Congress – long one of the most prolific spillers of secrets – favor tightening restrictions on reporters’ access to federal agencies, making many U.S. officials reluctant to even disclose unclassified matters to the public. The policy, which partly relies on behavior profiles, also could discourage creative thinking and fuel conformist “group think” of the kind that was blamed for the CIA’s erroneous assessment that Iraq was hiding weapons of mass destruction, a judgment that underpinned the 2003 U.S. invasion.


Obama’s ‘insider threat’ crackdown on leaks

June 21, 2013

A year and a half after Pfc. Bradley Manning was arrested for one of the greatest unauthorized leaks in American history to the website Wikileaks, President Obama took steps to ensure that such a thing would never happen again. On October 7, 2011, he signed an executive order which mandated the creation of an inter-agency Insider Threat Task Force and required any agency handling classified material to “implement an insider threat detection and prevention program” with guidance from the task force.

Nearly two years later, the Insider Threat Program has gone far beyond an early warning system for potential leaks. It has instead become something far more aggressive, and far more sweeping.

“The program could make it easier for the government to stifle the flow of unclassified and potentially vital information to the public, while creating toxic work environments poisoned by unfounded suspicions and spurious investigations of loyal Americans, according to these current and former officials and experts,” according to a new report from McClatchy’s Washington Bureau. “Some non-intelligence agencies already are urging employees to watch their co-workers for ‘indicators’ that include stress, divorce and financial problems.”

“It’s about people’s profiles, their approach to work, how they interact with management,” a senior Pentagon official told McClatchy. “Are they cheery? Are they looking at or The Onion during their lunch break?”

Those non-intelligence agencies include the Department of Education, which cautions employees that “certain experiences,” such as “stress, divorce, [and] financial problems” could turn even a trusted co-worker “into an insider threat.” Broad parameters are left up to each agency’s interpretations of what constitutes as a threat.

“If reading is enough to make you a suspicious person, that feels like the ’50s to me,” University of South Florida historian David Johnson told MSNBC. Johnson is the author of The Lavender Scare, a history of Washington’s efforts to out any closeted homosexuals from the federal government during the Cold War.

Source = MSNBC

Office of the National Counter Intelligence Executive (NCIX)

Insider Threat

The National Counter intelligence Executive, Mr. Robert Bryant, recently noted that, “Insider threats remain the top counter intelligence challenge to our community.” An insider threat arises when a person with authorized access to U.S. Government resources, to include personnel, facilities, information, equipment, networks, and systems, uses that access to harm the security of the United States. Malicious insiders can inflict incalculable damage. They enable the enemy to plant boots behind our lines and can compromise our nation’s most important endeavours.

Source = NCIX




Our understanding of the insider threat

Insider threat exists within every organization where employees (insiders)comprise the core of an organization’s operational plan and are the key drivers of its mission  execution
As a result (threat) of some perceived injustice, retaliation, sense of entitlement, or unwitting need for attention and/or validation, the employee takes some action as part of a contrived solution that results in negative consequences for the organization
Asset loss is the end result of actions taken by an employee or insider who has access to sensitive, classified, or proprietary information that when disclosed causes damage to  an organization’s interests
Source = NIST

3 responses to “The “Insider Threat Program”

  1. Hi there, after reading this amazing piece of writing i
    am as well delighted to share my knowledge here with mates.

  2. Hello to all, since I am really eager of reading this web site’s post to be updated daily.

    It consists of fastidious material.

  3. Incredible quest there. What happened after?
    Take care!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s