全球智库信息集成服务系统

The current investigation and adjudication process is time-consuming

• There is a large backlog of investigations and periodic reinvestigations. As of 2018, there were approximately 416,000 unprocessed security clearance investigations and approximately 156,000 unprocessed periodic reinvestigations.
• The Office of Personnel Management, the organization that has had primary security clearance investigating responsibility, has faced resource reductions.

There are limitations and challenges to using CE in the federal government

• There is no commonly shared definition of insider threat across the government.
• Neither CE nor insider threat has been defined in statute.
• There are limited behavioral or technical data available to develop and deploy an effective and predictive CE monitoring tool.
• There is no centralized or authorized facility to receive anonymous reporting streams for individuals in either cleared or uncleared populations.
• There are privacy concerns for CE programs related to sharing personal or privileged individual data.

The cost over the long term for CE might be lower than the cost over the same period using current practices

• While exact costs and savings depend on CE packages selected and population size, estimates revealed that savings might be realized after six years and could be substantial (in the billions of dollars) over a longer period.

CE could be less invasive for the cleared population than current approaches

• The substance of the data CE reviews is not new; only the frequency with which the data are reviewed is.

The United States currently employs a periodic and aperiodic investigative and adjudicative security clearance process with origins in the Second World War. Information systems and data — e.g., financial, legal, travel — on individuals have improved dramatically since the creation of this process. This exploratory project examines various continuous evaluation (CE) approaches to detecting insider threats that are available to the U.S. government and assesses the relevance of these approaches to the challenges posed by such insider threats. The authors considered CE cost estimates, examined efficacy and best practices, and assessed some of the practicalities of employing CE.

This report defines CE as a vetting and adjudication process to review on an ongoing basis the background of an individual who has been determined eligible for access to classified information or to hold a sensitive position at any time during the period of eligibility. There are potential benefits from CE in effectiveness and cost over the current method of granting security clearances to personnel based on periodic reinvestigation and readjudication. While exact costs and savings depend on CE packages selected and population size, estimates revealed that savings might be realized after six years and could be substantial (in the billions of dollars) over a longer period. While the process of CE would be new, the substance is not, and, thus, if executed properly, CE would be no more invasive than current processes.

• Chapter One

  Introduction

• Chapter Two

  Insider Threat and Continuous Evaluation Defined

• Chapter Three

  Background: Addressing Insider Threats

• Chapter Four

  What Capabilities Exist to Combat Insider Threats?

• Chapter Five

  How Is Continuous Evaluation Implemented Today?

• Chapter Six

  Conclusion