Marcel Lettre | Defense One | March 14, 2017 | 0 Comments

I Ran Intel at the Pentagon. Here’s My Advice on Insider Threats

Andrea Danti/

After last week’s posting by WikiLeaks of thousands of pages of information purported to describe cyber intelligence-gathering tools, I have been thinking about how the director of national intelligence and the secretary of defense should respond.  

I recently stepped down after eight years at the Pentagon, where I last served as the top civilian intelligence adviser to Secretary of Defense Ash Carter and the top defense adviser to Director of National Intelligence James Clapper. Our time was often dominated by managing responses to a series of devastating security breaches at the hands of trusted insiders, including releases of sensitive data, espionage incidents, and tragedies on government installations, including at Fort Hood and the Washington Navy Yard.  

If I were still in government, this is what I would be telling my two bosses.

First, as chief executive officers, you should insist on finding new ways to thwart insider threats. You have only enough bandwidth for a small number of priorities, but this should be one of them. We must transform our security approaches to protect against cyber hacking, espionage and insider threats if we’re going to preserve our national security advantages. We expend great cost and effort to build precious military and intelligence advantages for America over our adversaries.

Time after time, these advantages have evaporated when the blueprints or secret know-how have been stolen by our adversaries or revealed publicly by the likes of WikiLeaks. Every time you consider investing in a new capability or technological advantage, ask your team to also show you how it will be protected against adversaries who want to steal, copy, or reveal it. And hold one member of your senior team accountable for ensuring there is a comprehensive, enterprisewide strategy in place.

Second, satisfy yourself that privacy and civil liberties protections are strong. Ensure you are personally confident you can reassure the American public that cyber and intelligence tools used by the military and the intelligence community are used to protect them, with appropriate privacy and civil liberties protections in place. I am confident this is the case, but you should be, too. So take a fresh look at this with your technical experts and lawyers, make your own judgments and share with the American people your assessment, frequently and loudly.

Third, you should invest heavily in modernizing and hardening our information technology infrastructure. As we move more information technology systems into cloud architectures, not only are we seeing greater operational gains that help our warfighters and our intelligence officers, but also security is improving as we can more rapidly deploy new protections across the full network, improve our ability to tag sensitive data and content, automate access by need to know, and track that access. 

Rapid changes in the application of data science, to include promising advances in artificial intelligence and deep machine learning, will enhance our ability to hunt for anomalous or alarming behavior while further limiting the impacts on those in our community who are doing nothing wrong and focused on the mission.

Fourth, you must transform our personnel security clearance system. For decades, we have relied on managing our personnel reliability risks through human-intensive background investigations conducted every five or 10 years, based upon a lengthy form—the Standard Form-86—filled out by the individual. This system has failed to catch insider threats who have done great harm. At the same time, it drives tremendous waste and inefficiency into managing our cleared workforce across government and the defense industry. 

For example, a current backlog of more than half a million individuals awaits the completion of background investigations in order to be able to put their skills and talents to work for the national security. Insist we move expeditiously to a system that relies less on manual background investigations and increasingly on automated records checks, continuous evaluation and artificial intelligence-enabled data analytics to monitor the reliability of people who hold classified security clearances and access our facilities across government and industry.

Finally, keep asking for help from industry and technology leaders and other key stakeholders outside of government. In my experience, most corporate leaders want to help make government more effective and want to find ways to contribute to the national security. A dialogue at the CEO level can help catalyze creative partnerships to find those solutions.

A breach such as last week’s release to WikiLeaks can gravely weaken national security; the response to it is deserving of the attention of our nation’s most senior leaders. As we seek innovation in military and intelligence capabilities to build an edge over our adversaries, we need in parallel to innovate in our protections against insider threats—to protect our people and our national security advantages from devastating security breaches.


Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.


When you download a report, your information may be shared with the underwriters of that document.