Pentagon exploring methods to mitigate insider threats
- By Frank Konkel
- Dec 06, 2013
The Pentagon is researching how best to identify and prevent the next Edward Snowden or Bradley (Chelsea) Manning-level insider threat.
In a request for information made public Nov. 22, the Defense Department aims to gauge the capabilities, experience, knowledge and abilities of contractors qualified to participate in its internal security threat program.
No doubt expedited by unauthorized disclosures from Snowden, a former National Security Agency contractor, and Manning, an Army private who leaked 250,000 documents, the request ultimately stems from an executive order issued by President Barack Obama on Oct. 7, 2011.
Executive Order 13587 directed the government to ensure the responsible sharing and safeguarding of classified national security information within and between federal agencies, prompting other policy directives, including the National Insider Threat Policy.
The latest request, which asked for responses from contractors by Dec. 6, is likely just the next stage in handling insider threats, and information received from this RFI could be used to issue a request for proposals in the near future. Specifically, the Pentagon seeks:
- Counterintelligence-focused support to investigations involving, but not limited to, espionage, sabotage, treason, terrorism and insider threat; conduct inquiries to identify and develop insider threat leads for possible referral to investigators; conduct background records reviews to identify past behaviors relevant to the issue under inquiry; provide comprehensive written reports as required; review results of data analysis of insider threat auditing and monitoring software systems to detect, identify and refer threats to the appropriate entities.
- Provide subject matter expertise in the security clearance process to include adjudication of clearances, processing of security information files, and suspension of clearances for violating security protocols to support documenting violations or attempts to bypass or circumvent the activities and systems identified above.
- Conduct data analysis of auditing and monitoring software to detect, identify and refer threats to the appropriate entities.
- Support development and implementation of security measures that protect the handling, storing, processing, and transfer of classified information.
Frank Konkel is a staff writer covering big data, mobile, open government and a range of science/technology issues. Connect with him on Twitter at @Frank_Konkel.