We’ve had a flood of interest in the nuts and bolts of the security clearance process as individuals learn more about our procedures around classified information in the face of from sloppy document handling procedures by a flood of politicians (at this point I think Mike Pence may have planted those classified documents in his residence just so he didn’t feel left out). Christopher Burgess gives a great overview of just how those documents can walk out the door. Sometimes it’s malicious, often times its accidental.
The other question we’re getting frequently is how many people have a security clearance, with a bit of criticism harkening back to the 2014 timeframe where some officials started asking – do too many people have a security clearance?
The number of individuals holding some form of security clearance today is still lower than it was back in 2014, when more than 5 million people had clearances (Confidential, Secret, and Top Secret). Today, the number is growing, but sits at approximately 4.8 million. But while the overall number of clearances continues to grow, and government agencies like the Defense Counterintelligence Agency (DCSA) process an average of 17,000 cases each month, the number of individuals actually using that clearance eligibility sits at just 2.1 million. That’s because the government keeps track of not just who has ‘eligibility’ to access classified information – but who is actually doing so.
When breaches happen, they’re not a direct result of too many people having a security clearance – in fact, if anything, they may be as a result of political officials not keeping enough people with an understanding of the security clearance process near them. There are also bigger questions concerning overclassification and classification procedures – such as what gets printed, how it gets transferred, and whether classification markings are being properly used.
When security breaches happen the question shouldn’t immediately go to – why do all of these people have access to classified information? The better question is – why is this information classified and how did it get here (and how could a person with the right classification awareness have established better procedures so classified information isn’t walking out the door?).