Analytics needed to improve security clearance process

Security clearances are aimed at ensuring that only those who demonstrate they can be trusted, have access to classified information. In recent years, however, there have been a number of high profile cases of individuals with clearances —Edward Snowden, Aaron Alexis and Pfc. Chelsea Manning — who took advantage of their access and called into question the security clearance process.

Although the Office of the Director of National Intelligence (ODNI) has made substantial progress in addressing this threat by reducing the overall number of government-issued security clearances, more must be done to address this multi-faceted problem.

Building on the success already realized by ODNI, the government must now overhaul the process by which existing clearances are reviewed and recertified — implementing analytics-based solutions capable of identifying patterns in data that are indicative of elevated risk. They must do this on a continual basis by incorporating these analytics into agency case management systems, and they must make this a priority.

Karen Terrell is vice president of SAS Federal.
Karen Terrell is vice president of SAS Federal.

Chief among security concerns in the reevaluation process are findings about employee and contractor personal finances. The Code of Federal Regulations (32 C.F.R. Part 147.8) states that “an individual who is financially overextended is at risk of having to engage in illegal acts to generate funds,” and may therefore be a prime target for foreign intelligence agents.

To illustrate the magnitude of this problem, as of June 2012, the Government Accountability Office (GAO) has indicated that more than 80,000 cleared Department of Defense employees and contractors owed $730 million in unpaid federal taxes.

About 31 percent of tax delinquent workers already owed money when the government issued their security clearances.

Rethinking the process

About 5.1 million people hold security clearances – confidential, secret or top secret. Employees with top secret clearance are reviewed every five years; those with secret-level clearance are re-examined every 10 years; and confidential clearance holders are re-checked every 15 years. The downside to these intervals: individuals with security clearances may experience significant life changes in the time period between reinvestigation.

Financial problems, criminal activity, illegal drug behavior and divorce can lead to changes in an individual’s emotional or mental health. Security clearance holders are required by law to self-report such changes, but few actually do.

For years, experts have raised concerns about the masses of people who hold security clearances and the quality of background checks. The Office of Personnel Management (OPM) provides more than 90 percent of the government’s background investigations, conducting more than 2 million investigations annually.

OPM relies on government contractors to conduct about 70 percent of the investigative field work for background checks.

Problems with the security clearance process have made headlines in recent years, most notably the Washington Navy Yard tragedy. Arguments state an incomplete background check on Aaron Alexis was a contributing factor for missing red flags.

A better way

One year ago, an Office of Management and Budget report called for continuous evaluation of clearance-holders as well as increased quality control of background investigations. This is a positive step in the right direction but it is going to take time, money, resources and technology to implement this recommendation. The current manual process of background investigations and periodic reviews every five, 10 or 15 years leaves the door wide open to insider threats.

Because of the backlog of reinvestigations coupled with the volume of new applicants, many clearances currently held by federal employees – roughly 22 percent – have already expired. Yet these personnel still have access to classified or top secret information.

It is time to rethink the process. Embedding data analytics into case management systems is increasingly being considered by federal agencies to strengthen the security clearance program. When it comes time for a reinvestigation, individuals will be assigned risk scores based on behavioral data such as criminal activity gleaned from public records and law enforcement databases instead of the labor intensive manual process of starting the background check from scratch.

Advertisement
These alerts can occur at any time, so the case systems must be adaptable enough to manage disruptions to their investigative workflows by constantly reprioritizing cases through analytic scoring methods.

Through a process called Adaptive Case Management, individuals showing signs of trouble or presenting with risk factors will be prioritized at a higher level than someone with a low risk score until new information arrives to mitigate that risk.

For example, an individual showing signs of unusual behavior, such as taking unreported or numerous international trips or being arrested and charged with a felony, would undergo a deeper level of investigation to reach a determination that the case is either not risky or is ready for rejection.

Through data mining and automated monitoring of public records and state and local law enforcement data, “analytically powered” case management systems can analyze and identify riskier cases, and examine these situations sooner with more scrutiny as a result.

Workload optimization and prioritization of security clearance cases using adaptive case management is a major improvement to the current security clearance process of periodic reviews.

This approach can make a difference addressing one of our most pressing national security issues, as well as preventing threats from the inside.

Karen Terrell is the vice president for SAS Federal.