Protecting against Insider Threats at DOD

Posted on November 05, 2015
Thirteen people were killed and dozens more injured when a gunman opened fire at Fort Hood, Texas, 6 years ago today. In what’s known as an insider threat, the gunman, a Department of Defense employee, had authorized access to the military base. Today’s WatchBlog looks at how DOD fights against various types of insider threats, whether they’re attacks like the Fort Hood tragedy, the Washington Navy Yard shooting, or the unauthorized release of classified information. The danger within Insider threats are familiar with their target. They know the layout, the rules, the routines, the vulnerabilities. They may not raise any suspicions because, unlike outside threats, they belong. Insider threats can even be accidental—an unlocked door or a dropped access badge. Threats don’t have to be violent to be grave, either. Unauthorized releases of classified information damage national security and potentially put the lives of military servicemembers at greater risk. Alarmingly, these threats are becoming much more common. Joe Kirschbaum, a director in our Defense Capabilities and Management team, explains:
Addressing the threat    DOD has a program to identify and prevent insider threats, whether physical or virtual. But when we reviewed DOD’s efforts to protect classified information against our insider threat framework, we found that DOD’s efforts didn’t line up with our 25 key elements.

insider threats(Excerpted from GAO-15-544)

We recommended that DOD provide more information to its services, improve guidance, and take other steps to help better protect classified information and systems. We also looked at what steps DOD took to address problems identified after the 2009 Fort Hood shooting, as well as the 2013 Washington Navy Yard shooting. We recommended that DOD encourage information sharing, and improve how it tracks the implementation of recommendations from the 2009 Fort Hood review.