The National Background Investigation Bureau is making efforts to create an insider threat score that could determine a person’s security clearance when doing secretive government work.
The insider threat score will be very similar to that of a FICO score to determine trustworthiness. An individual would be checked up on in the same fashion that a person would be checked on to see what the chances are that they would default on a loan. In this case, people with security clearance for classified information would be given a score to see what the chances are that they would go rogue and divulge the information.
The process would be a change in checking up on intelligence and military staff. Instead of checking up on these personnel every five years, these people will undergo occasional searches of things like mortgage transactions, court records and even social media posts.
The way that this insider threat score would be created would be to reverse engineer the activities of people that have gone rogue and leaked information. Actuaries would then build a model based on the behavioral components of these leakers and then every employees data would be analyzed to determine what their score would be.
Instead of having to probe these individuals, computers and electronic equipment will analyze the data and determine a person’s overall threat to leak information. Employees that require security clearance to classified information undergo background checks where a polygraph test is administered. The majority of the important information needed comes from the polygraph test.
NSA has previously used a social media test on 175 spy agency employees. The test was successful and 45% of the searches had information that the NSA uses to judge candidates.
Previously, there have been some weaknesses in evaluations of people that have knowledge of classified information. There have been multiple critics that have had concerns about the quality of investigations done by contractors, especially when it comes to those that did the background checks on Edward Snowden, Navy Yard shooter Aaron Alexis, and others that have been insider threats.
As a result of some of this criticism, the information will be handled by the Defense Information Systems Agency as opposed to private vendors. Despite this, the majority of investigative work will be done by contractors.
Do you think that there should be a shift in the process of finding potential insider threats? Let us know in the comments below.