DoD Could Better Use its Existing Info Sharing Systems on Insider Threat Protections

Increasing the sharing of threat information and protecting against insider threats are major topics of conversation these days in federal cybersecurity as well as in physical security. A recent Government Accountability Office (GAO) report concluded that the Department of Defense (DoD) could do more to leverage the information sharing systems they already have in place when it comes to protecting defense personnel from physical insider threats like we saw at Ft. Hood in 2009 and at the Navy Yard in 2003.

In the aftermath of the 2009 Ft. Hood and 2013 Navy Yard shootings, DoD and the component services have undertaken measures to better protect their uniformed and non-uniformed personnel from insider threats. GAO was tasked by Congress to assess how the DoD was doing in their antiterrorism and force protection efforts to address insider threats. In their latest report, GAO found that while DoD is in the process of implementing recommendations from the official reviews from the 2009 Ft. Hood and 2013 Navy Yard shootings, the department could do more to share such information and do it more consistently.

More specific to IT systems, GAO determined that DoD officials are not consistently using the following two existing IT mechanisms to share information:

• Lessons-learned information systems – The Joint Staff and each of the military services have established various information systems to that allow them to exchange information on lessons learned from training, exercises, and combat operations across the department. However, GAO was told by military service and installation officials that they do not consistently use these joint or military service lessons-learned information systems. Reasons DoD officials gave GAO for the inconsistent use included: the belief that the information within the systems focuses more on military combat operations, that there is not a requirement to use the systems to share information on insider threats, and that there is limited time or desire to use these systems. Still, when GAO examined the joint lessons-learned information system, they found information that installations could use to enhance their efforts to protect against insider threats.
  
  
• Antiterrorism web-based portals – The Joint Staff established a secure web-based antiterrorism portal in 2003 to provide a collaborative environment for the defense community to share antiterrorism and force protection information across the military services, combatant commands, and other DOD agencies. The portal contains links to various antiterrorism organizations, communities, and other force protection portals. However, GAO was told by service and installation officials they either were not aware of or did not use the Joint Staff’s antiterrorism portal. The Marine Corps and Army told GAO that they use their own service-specific antiterrorism portals and GAO found examples of information contained in the Army system that installations could use to enhance their efforts to protect against insider threats.
   

Not surprisingly, GAO concluded that unless the military services consistently use their existing mechanisms to share information on insider threats – including the IT systems that have been created specifically to share information across the branches – U.S. military installations may miss opportunities to enhance their ability to protect their personnel against these deadly threats and others. One of GAO’s recommendations was that the Secretary of Defense should direct the military services to share information about actions the various U.S. installations have taken to address insider threats by consistently using existing mechanisms like the lessons-learned information systems and antiterrorism web portals.