Insider Threat Detection

What If the Insider Threat Memo Is about David Petraeus?

In a holiday document dump, President Obama transmitted Minimum Standards for Insider Threat Detection Programs. As mere citizens, we don’t get to see those standards. We only get to see the memo accompanying them, which leaves us guessing what–if anything–to make of the timing and content of the memo. In addition to Steven Aftergood’s general overview, Falguni Sheth, Kevin Gosztola, and Jesselyn Radack have some thoughts.

The simplest explanation for the timing of the memo is that’s when the Insider Threat Task Force developing them finished the Standards. The Standards were due a year after Obama ordered the creation of them on October 7, 2011.

Sec. 6.3. The Task Force’s responsibilities shall include the following:

(a) developing, in coordination with the Executive Agent, a Government-wide policy for the deterrence, detection, and mitigation of insider threats, which shall be submitted to the Steering Committee for appropriate review;

(b) in coordination with appropriate agencies, developing minimum standards and guidance for implementation of the insider threat program’s Government-wide policy and, within 1 year of the date of this order, issuing those minimum standards and guidance, which shall be binding on the executive branch;

That would mean they were due 45 days before Obama transmitted them. Perhaps the delay can be explained by either the election or a review within the White House (and I’m wonder whether Obama’s victory influenced how Obama received these Standards).

So it could well be that this memo was released as a holiday dump through sheer chance, Obama finishing up business before taking time with the family.

The timing of the transmittal might also be explained by personnel changes. James Clapper and Eric Holder (or their designees) would be the mandatory co-Chairs of the Task Force. While reports suggest Holder will stick around for another year, it’s unclear whether Clapper will be.

But then there’s the possibility that the Petraeus scandal influenced this release.

As a threshold matter, the EO mandating these Standards includes CIA involvement (by designees of but not the Director himself) on both the Task Force and Steering Committee on Insider Treats. It also reserves the authority of the Director of CIA with regards to security of information systems under an earlier EO and a National Security Directive. What happens where you’re in the middle of rolling out an Insider Threat Detection Program and one of the key players involved in it is embroiled in an insider threat investigation himself?

The EO also allows the Director of National Intelligence to “issue policy directives” to help the agencies of the Intelligence Community comply with this.

With respect to the Intelligence Community, the Director of National Intelligence, after consultation with the heads of affected agencies, may issue such policy directives and guidance as the Director of National Intelligence deems necessary to implement this order.

Perhaps such “policy directives” no longer seem like such a good idea if the CIA Director can’t even limit his threat profile.

Then there’s the possibility that the behavior of one of the players in the scandal demonstrated that the Standards are not yet being met. While reportedly Petraeus and Paula Broadwell only shared a GMail account–and therefore there is no allegation that they used the classified networks addressed in the EO–we have fewer details about what network General Allen was using to exchange sexy-time emails with Jill Kelley. Furthermore, whlie we know Broadwell had classified information on her computer and in her house, we don’t have much detail on this, either. As a Reserve Officer, her behavior may well have demonstrated holes in the program implemented by DOD.

In other words, it may be that the Standards had been languishing for 45 days after they were completed, but the Petraeus scandal identified that the Insider Threat Detection should have but did not identify some of the activities going on. That might have created some urgency for Obama to transmit them, so he could start cracking heads at the agencies where they standards were not being met. Obama’s memo also promises the standards will “provide the workforce with insider threat awareness training,” so it’s possible the Administration believes that if just its top Generals had a bit more training they might not destroy their careers by compromising security. Though, as Marc Ambinder explained, because he was in the chain of command for the nuclear football, Petraeus would have had extensive indoctrination on potential threats.

Or maybe it’s something else entirely.

Continue reading

Emptywheel Twitterverse
emptywheel @LarryAkey "It's not secret law bc Exec did it w/NO law for years in secret." /Intelligence @timstarks
5mreplyretweetfavorite
emptywheel RT @rj_gallagher: That awkward moment when the US govt has to issue an alert about malware it & its allies likely created: https://t.co/IeS
5mreplyretweetfavorite
emptywheel RT @JasonLeopold: Filed a new #FOIA lawsuit against DOJ for all files/docs on new AG pick Lorretta Lynch's handling of HSBC case https://t.…
15mreplyretweetfavorite
emptywheel RT @ChMadar: Many thanks to @WalterWKatz for his immense legal expertise on police violence in writing this: http://t.co/PPjyWiEfT7 via @th
17mreplyretweetfavorite
emptywheel @puellavulnerata "Virulent." Because if an attack bugs them it must be "virulent." Maybe "throbbing" even.
19mreplyretweetfavorite
emptywheel RT @just_security: Guest Post by @CatoInstitute's @PGEddington: "#NSA Reform—The Consequences of Failure" http://t.co/tE2zKfVf2h cc: @ggree
20mreplyretweetfavorite
emptywheel @puellavulnerata Do you mind if I start calling you "virulent assault"? Just about sums this all up, that you're perceived as such
22mreplyretweetfavorite
emptywheel RT @MarshallProj: Unorthodox police procedures in grand jury docs: Darren Wilson put his gun into an evidence bag himself. http://t.co/BTt0
26mreplyretweetfavorite
bmaz @rortybomb @MasaccioFDL It's a bald modern bromance!
34mreplyretweetfavorite
emptywheel RT @elizabeth_joh: UN adopts resolution for protection of privacy in digital era--but not backed by 5 Eyes countries by @SominiSengupta htt…
36mreplyretweetfavorite
emptywheel RT @BaFana3: Surprisingly little media reaction to claim that for the first time, US troops launched a combat mission on the ground in #Yem
40mreplyretweetfavorite
emptywheel RT @wizardkitten: The hilarious hypocrisy of Republicans complaining about the imperial presidency http://t.co/Zaa60O5694 // Certain R guvs…
1hreplyretweetfavorite
November 2014
S M T W T F S
« Oct    
 1
2345678
9101112131415
16171819202122
23242526272829
30