Nearly half the agencies handling classified data on their networks lack capabilities to thwart damaging information leaks by disgruntled insiders, according to an annual report released today.
Some 39 departments and agencies, including Homeland Security, Justice and Defense, handle classified government data on their networks. Of those, 44 percent said they have not yet met the minimum standards required for an effective insider threat program; 56 percent say they have met the standards.
Those standards include the ability to gather, integrate and centrally analyze and respond to key threat-related information; monitor employee use of classified networks; provide the workforce with insider threat awareness training; and protect the civil liberties and privacy of all personnel, according to the Information Sharing Environment’s 2013 annual report to Congress.
The Information Sharing Environment is the national office charged with planning, coordinating and monitoring the progress of information-sharing across federal, state and local governments, and the private sector. The report is an assessment of agencies’ progress to securely share information through various programs and initiatives.
The report also reveals agencies’ progress in managing the use of removable media devices, one of several indicators used to measure how well agencies protect their classified networks. Seventy-four percent of agencies have implemented removable media practices while 26 percent have not.
Meantime, foreign adversaries are also working to access federal data and gain political, military and economic advantages, the report said.
“Foreign intelligence service collection efforts target nearly every entity involved in classified and unclassified high-end research throughout the United States.”
The “foreign intelligence services are leveraging the placement of individuals from all walks of life in a broad range of professions to achieve their objectives: as employees at U.S. firms, students and researchers at universities, and scientists at national laboratories.”
In November, the White House released an insider threat policy calling on all agencies to develop programs to thwart internal threats, including espionage, violent acts against the government, and unauthorized disclosures of classified information and sensitive data on government computer networks and systems. The policy was issued largely in response to the 2010 scandal in which Army Pfc. Bradley Manning stole and leaked large volumes of classified and sensitive materials to the website Wikileaks.
“The increasing interconnection of classified systems and the flow of information across systems will increase the potential impact of compromises to the security of this information,” the report noted.
While progress has been made, considerable work remains to address gaps in implementing insider threat programs and removable media policies, according to the report. Specifically, agencies must improve security by identifying people who access classified data, use technical controls to limit what people can access on agency networks and improve auditing capabilities. More details on agencies’ security gaps and vulnerabilities are outlined in a classified supplement to the 212-page report.