National Background Investigation Bureau Prepares for Launch
The new agency responsible for federal security clearances is looking at a variety of technologies to speed up the process and shrink a massive backlog that’s grown in excess of 500,000.investigations.
The National Background Investigations Bureau (NBIB) is set to take over security clearance screenings from the Federal Investigative Services Oct. 1 and aims to use automation and modern digital technology to “transform the federal investigative process,” said Jim Onusko, the NBIB’s transition leader.
The Defense Information Systems Agency (DISA) will be responsible for building out the backend systems that undergird NBIB’s work. DISA issued a request for information (RFI) Sept. 13, including a 46-page PowerPoint slide deck in which it provides an overview of the program objectives and describes a modular system architecture incorporating as many commercial off-the-shelf solutions as possible to help speed the design and development process. Security is paramount, the deck emphasizes repeatedly, a nod to the massive security breach at the Office of Personnel Management in 2015, which led to the new agency’s creation.
The NBIB plans to digitize existing records and to use automated data analysis from a plethora of sources, ranging from commercial and government data bases to social media feeds to investigate and clear government and contractor employees.
The agency also plans to introduce continuous monitoring and evaluation to keep tabs on government and industry employees who already have security clearances. Major data leaks caused by cleared personnel, including former CIA contractor Edward Snowden and Army Pfc. Bradley Manning, have highlighted the risk of insider threats from cleared individuals who, for whatever reason, change from trustworthy to dangerous. Continuous monitoring aims to ferret out tell-tale details that might indicate potential risks.
Onusko conceded to intelligence insiders at the Intelligence and National Security Summit in Washington Sept. 7 that getting the records repositories of various federal agencies automated and digitized will be a major challenge.
Nonetheless, he said, a “whole-of-government solution” is needed to “neutralize” the security clearance backlog. Agency records repositories are essential to the background investigating process, and must be made “nimble and responsive.” But ultimately, the government needs “a central repository” for clearance data, Onusko said, both to accelerate security investigations, and to make it easier for cleared employees to move from one agency or program to another, or from private companies to federal agencies and vice versa, he said.
Such moves can take months today, because existing clearances are not accepted. Yet “it would seem to be, logically, just a few days process,” said Tony Cothron, vice president for customer requirements at General Dynamics Information Technology.
Automation to the Rescue
The Federal Investigative Services (FIS) has been struggling to reduce the backlog in its waning days before turning over the process to NBIB. Onusko said FIS tried to speed the process by hiring hundreds of new investigators, only to find that training newcomers slowed down experienced investigators. It tried to rehire retired investigators and to offer overtime as an incentive to staff, also to no avail.
NBIB, meanwhile, has launched a business process reengineering program to develop its electronic solutions that can eliminate much of the labor. In the future, Onusko said, “big data will be able to supplant shoe leather, so to speak.”
NBIB will rely on a range of data sources, from arrest records to credit reports, tax records, automobile and driving records, tax liens and court judgments, consumer purchases and travel records, phone numbers and a torrent of other personal information.
In a white paper on technology that might speed security clearances, the Intelligence and National Security Alliance (INSA) concluded that “commercial technology companies have fully embraced this brave new world of big data, developing and deploying new and profoundly intrusive and ultimately insightful consumer-tracking technologies.” It’s time for the government to do the same, the report urged.
The availability of big data has “created an entirely new emerging industry of data-gatherers” who use “intensive surveillance of people to sell data about, and predictions of, their interests and activities, in real time,” INSA said.
Case in point: A 2011 study by Massachusetts Institute of Technology showed that by tracking cell phone signals alone, researchers could compile enough information about the phone users to predict “with uncanny accuracy” where they are likely to be at any given time in the future, INSA reported.
A few defense contractors have been early adopters, tracking data daily on their entire workforces. They have the ability to know almost instantly when workers have traveled and where, whether they have declared bankruptcy, been divorced, fallen into financial trouble or whether they’re moonlighting outside the company.
But that doesn’t mean they have the issue licked. Collecting the data is the easy part. Securing and analyzing it are the real challenges. “On continuous monitoring, we’re not there yet,” Cothron told GovTechWorks in a video interview. “We don’t have the instrumentation of all the networks, of all the organizations, to really be on top of it and stop the abnormal behavior and stop insider threats.”
Advocates for tighter government security want the NBIB to follow that lead, subjecting cleared employees to “continuous evaluation” – what INSA describes it as continuous “clearance health” checks on security clearance holders.
That contrasts with current federal practice, where cleared individuals are subjected to re-investigation only once every five years or so.
William Evanina, National Counterintelligence Executive in the Office of the Director of National Intelligence, said that means a cleared employee might have a “law enforcement interaction, a domestic dispute, undocumented travel and a bunch of security violations – and you might not find that out for five years.”
“With continuous evaluation, you find it out now,” he said.
But the federal government has been hesitant. Katherine Pherson, a former CIA intelligence and security analyst and now head of Virginia-based Pherson Associates, a consulting and training company that specializes in analytic tradecraft, counterterrorism, homeland security, law enforcement, and counterintelligence, said there are several pilots underway, including one by at the Army and another in at the office of the director of national intelligence,. But concerns about privacy, security of the information collected and the accuracy of the collected data remain.
Discovering that employees have problems needn’t be solely punitive, Pherson said. When an agency learns an employee faces financial or personal problems could enable the agencies to help them. “You have a population that is valuable and wants to serve the government and you have to take care of them,” she said.
Evanina, meanwhile, is focused on identifying potential insider threats – employees who could be motivated to steal or compromise national security secrets – before those threats become serious.
“The object of continuous evaluation is to get to the left of the action,” Evanina said. Continuous monitoring should identify risks before an employee “decides to do something bad.”