Marcel Lettre | Defense One | March 14, 2017

I Ran Intel at the Pentagon. Here’s My Advice on Insider Threats


After last week’s posting by WikiLeaks of thousands of pages of information purported to describe cyber intelligence-gathering tools, I have been thinking about how the director of national intelligence and the secretary of defense should respond.  

I recently stepped down after eight years at the Pentagon, where I last served as the top civilian intelligence adviser to Secretary of Defense Ash Carter and the top defense adviser to Director of National Intelligence James Clapper. Our time was often dominated by managing responses to a series of devastating security breaches at the hands of trusted insiders, including releases of sensitive data, espionage incidents, and tragedies on government installations, including at Fort Hood and the Washington Navy Yard.  

If I were still in government, this is what I would be telling my two bosses.

First, as chief executive officers, you should insist on finding new ways to thwart insider threats. You have only enough bandwidth for a small number of priorities, but this should be one of them. We must transform our security approaches to protect against cyber hacking, espionage and insider threats if we’re going to preserve our national security advantages. We expend great cost and effort to build precious military and intelligence advantages for America over our adversaries.

Time after time, these advantages have evaporated when the blueprints or secret know-how have been stolen by our adversaries or revealed publicly by the likes of WikiLeaks. Every time you consider investing in a new capability or technological advantage, ask your team to also show you how it will be protected against adversaries who want to steal, copy, or reveal it. And hold one member of your senior team accountable for ensuring there is a comprehensive, enterprisewide strategy in place.

Second, satisfy yourself that privacy and civil liberties protections are strong. Ensure you are personally confident you can reassure the American public that cyber and intelligence tools used by the military and the intelligence community are used to protect them, with appropriate privacy and civil liberties protections in place. I am confident this is the case, but you should be, too. So take a fresh look at this with your technical experts and lawyers, make your own judgments and share with the American people your assessment, frequently and loudly.

Third, you should invest heavily in modernizing and hardening our information technology infrastructure. As we move more information technology systems into cloud architectures, not only are we seeing greater operational gains that help our warfighters and our intelligence officers, but also security is improving as we can more rapidly deploy new protections across the full network, improve our ability to tag sensitive data and content, automate access by need to know, and track that access. 

Rapid changes in the application of data science, to include promising advances in artificial intelligence and deep machine learning, will enhance our ability to hunt for anomalous or alarming behavior while further limiting the impacts on those in our community who are doing nothing wrong and focused on the mission.

Fourth, you must transform our personnel security clearance system. For decades, we have relied on managing our personnel reliability risks through human-intensive background investigations conducted every five or 10 years, based upon a lengthy form—the Standard Form-86—filled out by the individual. This system has failed to catch insider threats who have done great harm. At the same time, it drives tremendous waste and inefficiency into managing our cleared workforce across government and the defense industry. 

For example, a current backlog of more than half a million individuals awaits the completion of background investigations in order to be able to put their skills and talents to work for the national security. Insist we move expeditiously to a system that relies less on manual background investigations and increasingly on automated records checks, continuous evaluation and artificial intelligence-enabled data analytics to monitor the reliability of people who hold classified security clearances and access our facilities across government and industry.

Finally, keep asking for help from industry and technology leaders and other key stakeholders outside of government. In my experience, most corporate leaders want to help make government more effective and want to find ways to contribute to the national security. A dialogue at the CEO level can help catalyze creative partnerships to find those solutions.

A breach such as last week’s release to WikiLeaks can gravely weaken national security; the response to it is deserving of the attention of our nation’s most senior leaders. As we seek innovation in military and intelligence capabilities to build an edge over our adversaries, we need in parallel to innovate in our protections against insider threats—to protect our people and our national security advantages from devastating security breaches.

