Assessing Continuous Evaluation Approaches for Insider Threats: How Can the Security Posture of the U.S. Departments and Agencies Be Improved?

Abstract: This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited. Permission is given to duplicate this document for personal use only, as long as it is unaltered and complete. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial use. For information on reprint and linking permissions, please… Show more

“…8 OPM, "Cybersecurity Resource Center: Cybersecurity Incidents," webpage, 2015. 9 Joseph Marks, "Antiquated Security Clearance Process Earns a Spot on the GAO's High-Risk List," Nextgov, January 25, 2018; Luckey et al, 2019. 10 GAO, "Information Security: Agencies Need to Improve Controls over Selected High-Impact Systems," GAO-16-501, Washington, D.C., June 21, 2016; GAO, "Information Security: OPM Has Improved Controls, but Further Efforts Are Needed," GAO-17-614, Washington, D.C., August 3, 2017a.…”

“…20-21 inLuckey et al, 2019. 2 The RAND research conducted byLuckey et al (2019) also emphasized the importance of negligence in creating national security threats.…”

“…For additional details on employee disgruntlement and its link to insider threat, see pp. 24-25 inLuckey et al, 2019. 4 These background checks occurred at different points in the hiring process, with some occurring postinterview and others occurring after a tentative offer was made.…”

“…A previous RAND report covers CE extensively, including its history, legislative context, theoretical underpinnings, current evidence for effectiveness, and cost(Luckey et al, 2019).11 CV involves automated record checks with agency-specific data sources (e.g., insider threat, self-reporting, incident reports), along with related fieldwork and data checks. The idea behind CV is to build a collaboration between HR, security, and other partner missions across the organization to provide a more holistic vetting and monitoring approach for the USG.…”

“…7 For further discussion of the limitations of automated approaches to threat detection in the CE context, see pp. 31-33 inLuckey et al, 2019.…”

Corporate Knowledge for Government Decisionmakers: Insights on Screening, Vetting, and Monitoring Processes

“…8 OPM, "Cybersecurity Resource Center: Cybersecurity Incidents," webpage, 2015. 9 Joseph Marks, "Antiquated Security Clearance Process Earns a Spot on the GAO's High-Risk List," Nextgov, January 25, 2018; Luckey et al, 2019. 10 GAO, "Information Security: Agencies Need to Improve Controls over Selected High-Impact Systems," GAO-16-501, Washington, D.C., June 21, 2016; GAO, "Information Security: OPM Has Improved Controls, but Further Efforts Are Needed," GAO-17-614, Washington, D.C., August 3, 2017a.…”

“…20-21 inLuckey et al, 2019. 2 The RAND research conducted byLuckey et al (2019) also emphasized the importance of negligence in creating national security threats.…”

“…For additional details on employee disgruntlement and its link to insider threat, see pp. 24-25 inLuckey et al, 2019. 4 These background checks occurred at different points in the hiring process, with some occurring postinterview and others occurring after a tentative offer was made.…”

“…A previous RAND report covers CE extensively, including its history, legislative context, theoretical underpinnings, current evidence for effectiveness, and cost(Luckey et al, 2019).11 CV involves automated record checks with agency-specific data sources (e.g., insider threat, self-reporting, incident reports), along with related fieldwork and data checks. The idea behind CV is to build a collaboration between HR, security, and other partner missions across the organization to provide a more holistic vetting and monitoring approach for the USG.…”

“…7 For further discussion of the limitations of automated approaches to threat detection in the CE context, see pp. 31-33 inLuckey et al, 2019.…”

Corporate Knowledge for Government Decisionmakers: Insights on Screening, Vetting, and Monitoring Processes

National Security, Insider Threat Programs, and the Compliance-Industrial Complex: Reflections on Platformization in Corporate Policing, Intelligence, and Security

Machine learning model for managing the insider attacks in big data