Monday, March 10, 2014

Intelligence Association Calls For Security Clearance Process Overhaul By: Kylie Bull, Contributing Editor

Read the current issue of Homeland Security Today.

Read the Fall 2013 Education Guide.
Intelligence Association Calls For Security Clearance Process Overhaul
By: Kylie Bull, Contributing Editor
03/10/2014 (10:52am)


Reforming the way security clearances are granted is one of the urgent steps that needs to be taken to improve periodic reinvestigation (PR) of persons holding a security clearance. In addition, fundamental improvements are needed throughout the overall security clearance process, the Intelligence and National Security Alliance (INSA) said in a new Security Reform Policy Council (SPRC) white paper.

The SPRC’s white paper, “Leveraging Emerging Technologies in the Security Clearance Process,” outlined an approach using promising new technologies to augment PRs through a process of “continuous monitoring and evaluation” (CME) that will increase the regularity and consistency of the security clearance reinvestigation process; improve the overall relevance and accuracy of PR data collection and analysis; and allow for greater portability of clearance holder data.

“The need for an enhanced PR system is immediate. An improved system would provide better quality investigations, more detailed and deeper analysis of individuals in the system, and real-time evaluations of security clearance holders. It could fill gaps in the current PR process leading to a better quality investigation and ‘whole person’ adjudications,” said INSA Senior Intelligence Advisor and SPRC Chair Charlie Allen, former head of the Department of Homeland Security’s (DHS) Intelligence & Analysis Directorate and a long-time CIA officer.

Merging CME capabilities with current PR requirements could permit an evolutionary way to implement a state-of-the-art process that provides an ongoing perspective on cleared individuals rather than a snapshot every five years or more.

The continuous updating and near real-time reporting of results would also allow for the flagging of suspicious behavior inconsistent with a security clearance or job assignment. This process could provide for better-informed risk-management decisions and increased opportunities to mitigate and resolve clearance holders’ problems.

The white paper also sets out recommendations for an enhanced PR solution. These include moving to an online clearance information reporting application and making use of internal agency databases.

The central use of self-reported data would allow agencies to maintain risk profiles for all clearance levels and establish escalation flags matched with levels of clearance access that could prove useful when staff members are cleared at multiple levels on differing contracts or at multiple agencies. Risk markers could also be set for when one person gains access to multiple, classified networks or other advanced caveats.

An enhanced PR through the online reporting application would also make it easier to self-report personnel security-relevant issues and encourage individual accountability because clearance holders will understand the CME capabilities to uncover errors or omissions.

As an interim measure, itcould involve “greater use of randomness as a solution” which may “discourage unwise behavior in the first place or at least cause clearance holders to act with caution if they know they are being continuously monitored and can lose their jobs.”

Another recommendation called for the partnering of enhanced PR with other relevant efforts. The combination of an enhanced PR with insider threat and counterintelligence programs would provide broader access to data that officers can use to spot behavior, travel, contacts and purchases across personnel, contracts, assignments and supervisors worthy of investigation.

“Espionage post mortems could [also] benefit from pre mortem assessments that might identify suspicious behavior in time to deter or interdict illegal activities,” the paper said.

The paper also recommended that expectations involve a cost-benefit analysis, metrics and technology standards, and noted that “early articulation of the problems agencies may face in adopting new systems and applications should make it easier to accommodate exceptions.”

Finally, while the concepts discussed in the paper conform to existing privacy laws and regulations, the authors said full discussion of civil liberties and privacy issues will be essential to designing and implementing a successful CME process. Civil liberties and privacy offices and general counsels must also be active participants from the planning stage, they said.

SPRC Vice Chairman Kathy Pherson said “Improving the security reform process now allows us to take advantage of the promising technologies emerging at this time. INSA encourages timely collaboration between the government and private sector to survey evolving online tools and technologies and define best practices for improving our nation’s security clearance process
http://www.hstoday.us/industry-news/general/single-article/intelligence-associations-calls-for-security-clearance-process-overhaul

No comments:

Post a Comment