Many policy objectives were ardently debated throughout the 2016 presidential election cycle and became polarizing issues, dividing people chiefly along party lines. By contrast, the twin issues of improved insider threat detection and security clearance reform have retained broad bipartisan support.
This Friday, President Obama will hand over the keys to the US government to President-elect Trump and his new administration. While both sides will work to ensure a degree of continuity and stability, the incoming team will quickly prioritize its objectives and begin shifting policy and programs to align with its stated goals.
Incoming transition teams craft their agendas within the first 90 to 180 days of taking office. We hope that President-elect Trump and his team will keep insider-threat detection improvements and security-clearance reform near the top of theirs, to ensure the government’s critical information and assets are protected from malicious insiders. In their absence we have seen a steady stream of damaging data breaches, leaked classified information and even active-shooter situations. At the same time, according to National Background Investigations Bureau (NBIB) transition leader Jim Onusko, there is an estimated security clearance backlog of over 500,000 cases. (The NBIB was itself established in the wake of the massive Office of Personnel Management data breach revealed in 2015.)
In all likelihood these challenges will continue to be serious enough to prompt the Trump administration to act with a sense of urgency, keeping its collective foot on the pedal to develop a better risk framework for the essential processes surrounding security clearances and insider threats.
Over the past few years the US government has made progress on the building blocks of new systems and processes they indicate will form the foundation of a stronger, more secure and analytical insider threat program. While laying this groundwork has allowed organizations to think about long-term strategic plans, however, they have failed to implement near-term solutions designed to mitigate insider risk. The most recent White House Performance.Gov assessment of insider threat program implementations notes for example that deadlines to establish baseline criteria and initial operating capability (IOC) were both missed, while full operational capability (FOC) is deemed ‘at risk’ and is expected to be missed.
On the plus side, the 2017 National Defense Authorization Act, which was recently signed into law by President Obama, reinforces the insider threat requirement and highlights many of the attributes agencies need to adhere to at FOC.
So with all of this policy, law and foundation already laid, the incoming Trump administration is well-positioned to accelerate insider-threat program implementation and the security-clearance transformation effort. Much heavy lifting has already been accomplished and the new administration has an opportunity to finish what has been a challenge to both Democratic and Republican leaders in the past.
By pushing this twin effort, the Trump administration can:
- Better protect the sensitive data and assets held by the government
- Enable enhanced insider threat detection by creating mechanisms for combining disparate data sets (physical data, personnel data and network data)
- Improve risk assessment and decrease the total cost of programs by applying advanced analytics
As the newly inaugurated president looks for ways to drive home his message of security and accountability, he and his team will find success early in his term by accelerating clearance reform efforts and making the country safer from rogue insiders.
Adam Lurie is Director of Predictive Analytics at Haystax Technology.