In the wake of the leaks of Edward Snowden and the Navy Yard shooting, government officials called for the urgent need to establish a Continuous Evaluation (CE) program for cleared professionals. With periodic reinvestigations occurring only every 5-10 years (and often delayed due to budget constraints), CE was seen as a way to put technology to use to help establish a better barometer of trustworthiness. And unlike current procedures, which require self-reporting potentially adverse information, including financial difficulties or illegal activity, CE would rely on automatic triggers to provide this information directly to the government.
In the second quarter of Fiscal Year 2015 the Office of Management and Budget completed a Continuous Evaluation pilot on approximately 100,000 cleared Department of Defense employees, according to a progress update published on the website Secrecy News. They also “initiated development of IT tools/capabilities to detect falsification.”
The report notes the Office of the Director of National Intelligence is on track with its efforts to roll out Continuous Evaluation to 500,000 by the end of 2016 and one million by the end of 2017. It has not yet accomplished the goal of developing CE for the most sensitive TS and TS/SCI populations. And despite the ‘urgency’ behind the effort, it’s far from a silver bullet to prevent insider threats.
“The Insider Threat problem is a difficult one particularly since the fraction of employees who are spies, terrorists, or leakers is minuscule,” Steven Aftergood of Secrecy News notes. “Nor does this tiny contingent have a simple, readily identifiable profile. (Convicted spy Aldrich Ames and fugitive unauthorized-discloser Edward Snowden, for example, seem to have few traits in common, although both apparently passed their polygraph examinations without difficulty.)”
And it appears the government may already be looking to what’s beyond CE. The Intelligence Advanced Research Projects Agency (IARPA) released a broad agency announcement last week calling for proposals for its Scientific advances to Continuous Insider Threat Detection (SCITE) Program. SCITE focuses on ‘active indicators’ where responses are “evoked from potential insider threats,” according to the announcement. For a very human problem (espionage and insider threats), IARPA is hoping it can find a very big-data centric solution.