President Obama has directed federal agencies to install programs to thwart internal threats, including espionage, violent acts against the government, unauthorized disclosures of classified information and sensitive data stored on government computer networks and systems. (Mandel Ngan / AFP via Getty Images)
The White House on Wednesday issued new minimum standards for agencies to guard against insider security threats such as those that led to the 2010 WikiLeaks breach.
In a memo, President Obama directed agencies to install programs to thwart internal threats, including espionage, violent acts against the government, unauthorized disclosures of classified information and sensitive data stored on government computer networks and systems.
According to the memo, minimum standards for a governmentwide insider threat program should include:
The ability to gather, integrate and centrally analyze and respond to key threat-related information.
The ability to monitor employees’ use of classified networks.
Insider threat awareness workforce training.
Protections of civil liberties and privacy of all personnel.
Obama called for new programs and policies in the wake of the massive public release by WikiLeaks in 2010 of hundreds of thousands of sensitive government cables, reports and other military and diplomatic materials.
At a Washington conference earlier this year, government officials said the maturity of insider threat programs varies across government and agencies would not be expected to implement the standards overnight.
“We are going to have to give agencies a considerable amount of time to implement those standards,” said John Swift III, senior policy adviser to the task force that worked on the draft policy.
Swift said defense contractors and others that have access to classified networks would also likely be expected to adhere to insider threat policies and standards.