Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Feds to unveil insider threat defense plan by year end

In the aftermath of the embarrassing leak of hundreds of thousands of sensitive government and military documents to the whistleblower website WikiLeaks, the Obama administration formed an interagency task force to refine the government's defenses against insider threats.

That effort, which could inform private-sector security practices and will have a significant impact on security-cleared defense contractors, is set to wrap up this year, with an initial report expected to be issued to the White House and senior national security authorities in the next month or two, and a final set of standards and guidance for implementation likely to roll out to the departments and agencies in October, federal officials said Wednesday here at the FOSE government IT conference.

"If you were going to put it in one word, it's focusing on the threat posed by malicious insiders," said John Swift, senior policy advisor to the Insider Threat Task Force for the office of the director of national intelligence.

President Obama issued the executive order establishing the task force in October in response to the alleged exfiltration of huge stores of classified documents by Pfc. Bradley Manning, and their subsequent publication in various global media outlets.

The executive order directs all agency heads who deal with classified information to designate a senior official to oversee the organization's activities surrounding the sharing and protecting of sensitive files, and to implement a program to detect insider threats once the task force issues its final guidelines. Those agencies will also be charged with conducting self-assessments of their compliance with the new standards and policies, and required to submit those reports to a new steering committee that the executive order established. Affected agencies will also be expected to dispatch staff, as needed, to the task force and a new Classified Information Sharing and Safeguarding Office.

That will mean a variety of new mandates for cash-strapped agencies -- always a source of concern in the government -- though the president's executive order allows that implementation of the directive is subject to the availability of funding.

Officials formulating the guidelines for deterring insider threats sought to downplay the impact their work would have on agency operations, and noted that they are seeking input from all corners of government to ensure they arrive at a practical implementation strategy that will prevent another WikiLeaks-like episode without establishing an onerous compliance burden or trampling on government employees' privacy or civil rights.

"On a macro level almost you can't be looking at one aspect of this directive. You have to be looking at systems and people," said the FBI's Diana Braun. "In other words, nobody's sitting in an ivory tower and coming up with policies that aren't possible to implement in the field."

Braun explained that the task force is not approaching the issue of insider threats with a "one-size-fits-all" mentality, but will provide agencies with some flexibility to implement the standards in accordance with the nuances of their organization.

What's more, members of the task force are urging agency heads to continue to evaluate and strengthen their existing procedures for detecting insider threats ahead of the final directive, noting that any government arm that handles or accesses classified data should already be acting in concert with a set of best practices. Even though the final standards and guidelines from the task force aren't due out until October, the administration has already tasked agencies with firming up their stance on other factors often involved in a data breach, such as the policies governing removable media, online identity management, access control and enterprise auditing.

"No agency is starting from scratch. That's the good news," Swift said. "It's going to take a while before agencies have a hard set of written standards to follow."

The precise impact that the forthcoming insider threat standards will have on the private sector is unclear, but it will likely be limited. While defense contractors with access to classified military networks will almost certainly have to hew to the forthcoming guidelines for insider threat detection, Swift explained that the president's executive order explicitly does not extend to private companies writ large. At the same time, the guidelines the government develops could inform or serve as a template for the best practices that businesses put in place, just as the task force is doing its work in consultation with the private sector.

"The executive order applies to federal agencies and departments. It doesn't apply to the private sector as a separate entity. Now, the insider threat standards that will be developed will be of use to individual companies and corporations. There's no reason why they wouldn't be of use," he said. "Having said that, the task force itself and others are reaching out to bring in the expertise of private-sector corporations so those standards are not developed in the blind."

Kenneth Corbin is a Washington, D.C.-based writer who covers government and regulatory issues for CIO.com.

Read more about government in CIO's Government Drilldown.

Related Articles

  1. CMO interview: Becoming a change agent

    CMO

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: FBI
References show all

Comments

insulation wall jablite

1

Thanks for finally talking about >Feds to unveil insider threat defense plan by year end - wikileaks, security, obama, Management Topics | Government, Management Topics, government, Feds, data leaks, business - CIO <Liked it!

Comments are now closed.
Related Whitepapers
Latest Stories
Community Comments
Latest Blog Posts
Whitepapers
  • Advanced Malware Exposed
    This handbook shines a light on the dark corners of advanced malware, both to educate as well as to spark renewed efforts against these stealthy and persistent threats. By understanding the tools being used by criminals, we can better defend our nations, our critical infrastructures and our citizens. This ebook will provide readers with a new understanding of the rapidly developing cyber threat landscape and practical insights into how they can protect their data and computing infrastructures. Download now.
    Learn more »
  • Android Malware Exposed
    Take an in-depth look at the evolution of android malware. The world of malware targeting the Android OS is similar yet very different from malware affecting Windows. Explore the rapidly evolving world of android malware and shed light on the various techniques used to exploit devices using this OS.
    Learn more »
  • CSO Spotlight: Security-as-a-Service Gaining Popularity
    Organizations that are looking for security features including identity management, encryption and access control — and at the same time want to take advantage of the cost and flexibility benefits of the cloud —might check into security-as-a-service offerings available now from several vendors. Download now to find out more.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments