Subscribe to CIO Magazine »

Feds to unveil insider threat defense plan by year end

In the aftermath of the embarrassing leak of hundreds of thousands of sensitive government and military documents to the whistleblower website WikiLeaks, the Obama administration formed an interagency task force to refine the government's defenses against insider threats.

That effort, which could inform private-sector security practices and will have a significant impact on security-cleared defense contractors, is set to wrap up this year, with an initial report expected to be issued to the White House and senior national security authorities in the next month or two, and a final set of standards and guidance for implementation likely to roll out to the departments and agencies in October, federal officials said Wednesday here at the FOSE government IT conference.

"If you were going to put it in one word, it's focusing on the threat posed by malicious insiders," said John Swift, senior policy advisor to the Insider Threat Task Force for the office of the director of national intelligence.

President Obama issued the executive order establishing the task force in October in response to the alleged exfiltration of huge stores of classified documents by Pfc. Bradley Manning, and their subsequent publication in various global media outlets.

The executive order directs all agency heads who deal with classified information to designate a senior official to oversee the organization's activities surrounding the sharing and protecting of sensitive files, and to implement a program to detect insider threats once the task force issues its final guidelines. Those agencies will also be charged with conducting self-assessments of their compliance with the new standards and policies, and required to submit those reports to a new steering committee that the executive order established. Affected agencies will also be expected to dispatch staff, as needed, to the task force and a new Classified Information Sharing and Safeguarding Office.

That will mean a variety of new mandates for cash-strapped agencies -- always a source of concern in the government -- though the president's executive order allows that implementation of the directive is subject to the availability of funding.

Officials formulating the guidelines for deterring insider threats sought to downplay the impact their work would have on agency operations, and noted that they are seeking input from all corners of government to ensure they arrive at a practical implementation strategy that will prevent another WikiLeaks-like episode without establishing an onerous compliance burden or trampling on government employees' privacy or civil rights.

"On a macro level almost you can't be looking at one aspect of this directive. You have to be looking at systems and people," said the FBI's Diana Braun. "In other words, nobody's sitting in an ivory tower and coming up with policies that aren't possible to implement in the field."

Braun explained that the task force is not approaching the issue of insider threats with a "one-size-fits-all" mentality, but will provide agencies with some flexibility to implement the standards in accordance with the nuances of their organization.

What's more, members of the task force are urging agency heads to continue to evaluate and strengthen their existing procedures for detecting insider threats ahead of the final directive, noting that any government arm that handles or accesses classified data should already be acting in concert with a set of best practices. Even though the final standards and guidelines from the task force aren't due out until October, the administration has already tasked agencies with firming up their stance on other factors often involved in a data breach, such as the policies governing removable media, online identity management, access control and enterprise auditing.

"No agency is starting from scratch. That's the good news," Swift said. "It's going to take a while before agencies have a hard set of written standards to follow."

The precise impact that the forthcoming insider threat standards will have on the private sector is unclear, but it will likely be limited. While defense contractors with access to classified military networks will almost certainly have to hew to the forthcoming guidelines for insider threat detection, Swift explained that the president's executive order explicitly does not extend to private companies writ large. At the same time, the guidelines the government develops could inform or serve as a template for the best practices that businesses put in place, just as the task force is doing its work in consultation with the private sector.

"The executive order applies to federal agencies and departments. It doesn't apply to the private sector as a separate entity. Now, the insider threat standards that will be developed will be of use to individual companies and corporations. There's no reason why they wouldn't be of use," he said. "Having said that, the task force itself and others are reaching out to bring in the expertise of private-sector corporations so those standards are not developed in the blind."

Kenneth Corbin is a Washington, D.C.-based writer who covers government and regulatory issues for

Read more about government in CIO's Government Drilldown.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: FBI
References show all


insulation wall jablite


Thanks for finally talking about >Feds to unveil insider threat defense plan by year end - wikileaks, security, obama, Management Topics | Government, Management Topics, government, Feds, data leaks, business - CIO <Liked it!

Comments are now closed.
Related Whitepapers
Latest Stories
Community Comments
Latest Blog Posts
  • IDC Case Study: Convergence with Vblock Systems: A Value Measurement
    This whitepaper details the results of a series of interviews conducted by IDC with 11 IT organizations, enterprises, and major service providers that deployed converged infrastructure systems based on Vblock Systems.
    Learn more »
  • Smarter Data Centre Outsourcing: Considerations for CFOs
    Deloitte explores the business and finance implications associated with managing data centres. This paper outlines the options available to structure an organisations data centre and complementary IT services and provides the key considerations that need to be reviewed when determining which option works best for them.
    Learn more »
  • Modernize Your Business with Oracle ERP Cloud
    If your business has plans that include aggressive growth and aspires to be a best-in-class organization, your IT systems and applications need to be up to the task. Homegrown solutions or outdated software can hamper the execution of your strategic vision. If your IT infrastructure and maintenance costs are affecting your ability to stay competitive, then a cloud-based enterprise resource planning (ERP) suite is well worth exploring. This eBook explores the core components of a cloud-based ERP solution that delivers enterprise-class software without sacrificing functionality or changes to business processes and with no additional cost for infrastructure and complicated integrations.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Salary Calculator

Supplied by

View the full Peoplebank ICT Salary & Employment Index