PERSEREC has completed a variety of research projects that have benefited Defense security programs in terms of improving policy and practical procedures, enhancing efficiency, fairness, and due process in the personnel security system.
The following are a few examples of both Technical and Management Reports that have been published.
For additional Technical Reports, please visit the Defense Technical Information Center (DTIC) website.
For additional Management Reports, please contact us directly at firstname.lastname@example.org.
PERSEREC-TR-18-16 (OPA-2018-082) October 2018A Strategic Plan to Leverage the Social & Behavioral Sciences to Counter the Insider Threat
PERSEREC-TR-18-10 (OPA-2018-048) July 2018Mental Health and Help-Seeking in the U.S. Military: Survey and Focus Group Findings
PERSEREC-TR-18-14 (OPA-2018-065) August 2018Modeling Insider Threat From the Inside and Outside: Individual and Environmental Factors Examined Using Event History Analysis
PERSEREC-TR-18-13 (OPA-2018-056) July 2018A Personnel Security Training Program for Clinicians: Phase I
PERSEREC-MR-18-03, OPA-2018-037 April 20182016 RADAR Adjudication Quality Evaluation
TR 18-06 April 2018Tier 1 and Tier 3 eAdjudication Business Rule Validation
TR 18-04 February 2018Postvention in the U.S. Military: Survey of Survivors of Suicide Loss from 2010-2014
TR 17-10 August 2017The Expanding Spectrum of Espionage by Americans, 1947 – 2015
TR 17-07 June 2017Improving Mental Health Reporting Practices in Between Investigations
MR 17-06 September 20172015 RADAR Adjudication Quality Evaluation
TR 16-03 June 2016Early Warning Signs of Suicide in Service Members Who Engage in Unauthorized Acts of Violence
TR 16-01 May 2016Suicide and Violent Cognitions, Emotions, and Behaviors in U.S. Military Personnel
TR 15-01 March 2015A Relevant Risk Approach to Mental Health Inquiries in Question 21 of the Questionnaire for National Security Positions (SF-86)
TR 13-06 November 2013The Evolution of the Automated Continuous Evaluation System(ACES) for Personnel Security
TR 13-05 July 2013Baseline Suitability Analysis
The insider threat is, at its core, a human problem that results from a complex interaction among individual and environmental factors. The social and behavioral sciences (SBS) are well-suited to address this complicated and persistent human problem. In 2016, the Office of the Under Secretary of Defense for Intelligence partnered with the Defense Personnel and Security Research Center to design a comprehensive research plan and strategy to integrate the SBS into the DoD counter-insider threat mission space. Developed in collaboration with subject matter experts (SME) and approved by the DoD Insider Threat Program Director, this strategic plan has three goals: 1) Align SBS with DoD’s counter-insider threat mission to ensure that the enterprise is well-equipped, trained, and vigilant in protecting DoD resources, personnel, installations, and equities; 2) Present a plan to drive current and future investment in SBS research; and 3) Communicate the SBS vision to senior leadership, stakeholders, and potential partners. The SME interviews resulted in five SBS Research Campaigns that together comprise the SBS Research Plan to counter malicious insider threat behavior: Employee Reporting; Technology, Tools & Data; Individual Factors; Organizational Factors; and Program Evaluation. As part of the interviews, SMEs also explained what is required for researchers to continue forward progress and execute the SBS Research Plan. Several SMEs drew on their own experiences building successful Insider Threat Programs, especially under adverse fiscal and cultural conditions. The two most commonly mentioned SME strategies for success—Tailor the Message and Build Strategic Partnerships—provide valuable lessons for SBS researchers who want to make a meaningful contribution to insider threat detection, prevention, and mitigation efforts.
Download full report Back to list
Despite policies that aim to reduce stigma and access to mental health care within the military, almost half of Service members who may be in need do not seek mental health support. The current study builds on past research on barriers to seeking help for mental health concerns, particularly for suicidal ideation or suicide attempt, by examining factors that promote or prevent help-seeking from the perspective of Service members and suicide prevention gatekeepers. Data from the 2016 Status of Forces Survey of Active Duty Members were analyzed to estimate the prevalence of non-help-seeking, and individual, occupational, and barrier factors associated with non-help-seeking. Focus group interviews with military suicide prevention gatekeepers provided context and further insight into the findings from the survey. In addition, gatekeepers discussed strategies for promoting help-seeking for mental health concerns. Findings from this study indicate that non-help-seeking Service members tend to be male, officers, less knowledgeable about suicide prevention skills, and more concerned about the impact of seeking mental health care on their career. Recommendations include: (1) conducting effective suicide prevention training and mental health awareness campaigns, and evaluating their implementation, (2) establishing programs to encourage Officers to seek help for mental health concerns, and (3) addressing Service members’ concerns that seeking help will have an adverse impact on their careers. Ultimately, this study does not suggest changing the policies impacting career-progression and help-seeking behavior, as many of them have been put into place for reasons such as safety, but instead encourages decision-makers to address the perception of these repercussions.
Insider threat is an ongoing concern for the Department of Defense (DoD). Within the past 8 years, incidents of violence, such as the Fort Hood and Navy Yard shootings, as well as massive unauthorized disclosure of classified information to Wikileaks by Private Manning have caused serious harm to personnel and national security. In addition to policy and procedural changes and implementing programs for improved physical security and continuous evaluation, there have been several attempts at predictive modeling of insider threat events.For this study, analyses focused on individual factors (e.g., marital status and education) combined with environmental factors (e.g., the property crime rate in an individual’s city) in relation to insider threat outcomes that may precede high-impact events. Results demonstrated that event history analysis is a viable approach to examining insider threat behavior using a combination of individual and environmental factors.
Prior DoD personnel security research identified interest in a cadre of personnel-security-trained clinicians (i.e., psychologists and psychiatrists) to consult on mental-health-related background investigation and adjudication issues (Senholzi et al., 2016; Shedler & Lang, 2015). The current initiative assessed this point further by (1) characterizing specific use of and need for clinicians under current mental health vetting procedures, (2) assessing current clinician workload to inform future resource needs, and (3) identifying preexisting personnel security training resources for potential clinician use. Findings confirmed that a cadre of readily accessible consulting clinicians can improve interactions with subjects' mental health providers, interpretation of mental health records, identification of psychological evaluators (particularly for contract employees), and receipt of psychological evaluations based on personnel-security-centric assessment. Although mental health issues are self-reported in only about 15,900 (2.3%) scheduled National Background Investigation Bureau investigations annually (~9,800 initial investigations [1.4%] and ~6,100 periodic reinvestigations [0.9%], respectively), clinician consulting needs applicable to these cases are not inconsequential. Furthermore, this estimate does not include the approximate 3,100 Adjudicative Guideline I: Psychological Condition incident reports that arise in between initial and periodic reinvestigations each year for centrally adjudicated DoD clearances (~6.0% of all DoD incidents reported annually; see Jaros et al., 2017). In many of these instances, a group of consulting clinicians could help to ensure the collection of independent, fair, and standardized psychological feedback. Finally, three preexisting personnel security resources were identified to inform future clinician training program implementation efforts. These three resources are described further in this report along with various "next step" recommendations to move this initiative toward an implementable training solution.
This report outlines the results of the latest Review of Adjudication Documentation Accuracy and Rationales (RADAR) evaluation, conducted on adjudication decisions made during FY16. It is part of an ongoing effort to ensure adjudication documentation quality within DoD. This evaluation builds upon previous RADAR work by assessing continued compliance with standards and providing recommendations for improved metrics and adjudication documentation practice (Nelson & Tadle, 2014; Nelson & Tadle, 2017).
This report documents the validation of business rules for the Office of Personnel Management’s Tier 3 (T3), Tier 3 Reinvestigation (T3R), and Tier 1 (T1) investigation products. The Defense Personnel and Security Research Center collaborated with an interagency working group of personnel security and suitability experts on business rule development for T3 and T3R. The results of rule development and validation provided useful evidence that the proposed T3/T3R rules, while very conservative, could safely electronically adjudicate clean cases. The Security and Suitability Executive Agents approved T3/T3R business rules in September 2016 and DoD’s Consolidated Adjudications Facility subsequently implemented them. Following development of T3 rules, the working group requested that the Defense Personnel and Security Research Center assist in developing rules for T1 electronic adjudication (eAdjudication). The results of validation indicated that the T1 eAdjudication business rules could successfully eAdjudicate both Suitability and Homeland Security Presidential Directive 12 case types. The executive agents approved the business rules in March 2017.
Postvention refers to any activity that aims to alleviate the psychological pain of a suicide loss survivor and to reduce the harmful effects of suicide exposure, especially suicide contagion. The goal of this study was to determine whether suicide loss survivors have any unique psychological needs (compared to accident loss survivors) that are currently unmet by postvention services provided by the DoD. To address this, researchers administered a survey to survivors (next of kin [NOK] and fellow unit members) of suicide or accident loss that assessed survivors’ usage of and satisfaction with DoD postvention programs and services as well as survivors’ current psychological functioning. Results indicated that NOK and fellow unit members of Service members who died by suicide from 2010 to 2014 experienced significantly higher levels of shame and stigma compared to survivors of Service members who died in accidents (e.g., motor vehicle accidents) in the same time frame. This association was not mediated by differences in overall postvention satisfaction. However, higher levels of postvention satisfaction were associated with better psychological outcomes for both suicide and accident loss survivors. Among NOK, suicide loss survivors reported significantly less satisfaction with their experiences around the death investigation than accident loss survivors. Among fellow unit members, suicide loss survivors reported significantly less satisfaction with unit leadership and funeral or memorial services. Open-ended items contextualized these findings and brought forward other important survivor needs. Synthesis of the quantitative and qualitative data yielded nine main findings. Recommendations
The report describes characteristics of 209 Americans who committed espionage-related offenses against the U.S. since 1947. Three cohorts are compared based on when the individual began espionage: 1947-1979, 1980-1989, and 1990-2015. Using data coded from open published sources, analyses are reported on personal attributes of persons across the three cohorts, the employment and levels of clearance, how they committed espionage, the consequences they suffered, and their motivations. The second part of the report explores each of the five types of espionage committed by the 209 persons under study. These include: classic espionage, leaks, acting as an agent of a foreign government, violations of export control laws, and economic espionage. The statutes governing each type are discussed and compared. Classification of national security information is discussed as one element in espionage. In Part 3, revisions to the espionage statutes are recommended in light of findings presented in the report.
The purpose of the current study was to (1) provide an initial examination into mental health-related incident reporting trends and to (2) evaluate associated policy and reporting practices as they occur in the field. To this end, FY10-FY15 Joint Personnel Adjudication System (JPAS) incident reports were analyzed, mental health reporting policies were reviewed, and interviews with personnel security subject matter experts (SMEs) were conducted. Findings uncovered that approximately 6% of all incident reports pertained to Guideline I issues (as entered by security managers [SMs]). Further, the bulk of these incidents encompassed suicide attempts, suicidal ideation, and/or depression. Although the recently released DoD Manual 5200.02 (Procedures for the DoD PSP) now includes “suicide threats, attempts, or gestures or actions” as a specific reportable behavior, it is not clear how SMs should follow-up with subjects once these incident reports are established. Policy review and SME discussions underscore the need to further clarify mental health-related reporting requirements (generally) and to provide guidance to SMs and other involved parties about how best to help subjects when self-harm is a relevant concern. Recommendations are also made to clarify how local personnel security files should be maintained and/or shared across DoD’s personnel security community and to begin tracking frequency and timeliness metrics for all incident reporting. Annual incident reporting metrics would help DoD better understand trends and gaps in both Guideline I and Non-Guideline I vetting procedures alike.
This report outlines the results of the latest Review of Adjudication Documentation Accuracy and Rationales (RADAR) evaluation, conducted on adjudication decisions made during fiscal year (FY) 2015. It is part of an ongoing effort to ensure adjudication documentation quality within the Department of Defense (DoD). The RADAR FY15 evaluation builds upon previous RADAR work by assessing continued compliance with standards and providing recommendations for improved metrics and adjudication documentation practice.
Despite the importance of both suicide and violence prevention in the military, little is known about how these behaviors relate to one another. The current research sought to elucidate the relationship between early warning signs for suicide and violence in a military population. This study included a review of 200 military law enforcement records maintained by the Naval Criminal Investigative Service (NCIS) and identification of early warning signs that may be observable to military law enforcement personnel. Statistical analyses tested for differences in warning signs between cases of suicide, violence, or both suicide and violence. The suicide-only and suicide/violence groups were more likely than the violence-only group to show early warning signs for: (1) psychological issues of depression, anxiety, hopelessness, a mental health diagnosis, and participation in treatment, (2) physical changes and impulsive behaviors, particularly substance abuse, (3) social warning signs, specifically social withdrawal, and (4) occupational issues, including diminished performance and interest at work. By contrast, the suicide/violence group was more likely than the other groups to show early warning signs of anger and aggression. Our findings suggest that Service members at risk for both suicide and violence are similar to those exclusively at risk for suicide, and they each differ from those solely at risk for violence. Our findings also suggest that the emotional trajectory that those who are both suicidal and violent follow is more aggressive, hostile, and angry than those who are either strictly suicidal or violent. The findings from this effort may enhance the ability of law enforcement and command personnel to prevent further acts of suicide and violence among military personnel. Recommendations for policy and future research are discussed.
Rare incidents of violence and suicide are often highly sensationalized in the media. This report describes a research effort to understand the emotions, cognitions, attitudes, and behaviors expressed on social media by Service members who died by suicide and exhibited violent cognitions, emotions, or behaviors (VCEB). Using social media and online news articles, results demonstrated that Service members who showed VCEB were more hostile online, discussed more life stressors, used more substances, and were the subject of greater negative peer influence. In addition, Service members who died by suicide used a significantly more negative tone than Service members who died by other means. Finally, Service members who died by suicide and exhibited VCEB showed many of the same characteristics as those who only showed VCEB; however, they also showed lower self-esteem, suggesting that this is a unique predictor of the combination of violence and suicide. Recommendations for policy are discussed, including possible areas for intervention and training with respect to social media.
Individuals vetted by the government for initial or continuing eligibility to access classified information must fill out a personnel security questionnaire as part of a screening process designed to identify those who are not likely to be trustworthy, reliable, or loyal to the United States. Question 21 in the Questionnaire for National Security Positions (SF-86) currently identifies too many individuals for investigative follow-up who do not have a mental health condition that poses an unacceptable risk, and likely misses other at-risk individuals. A proposed “relevant risk” approach to Question 21—focusing only on standardized clinical conditions that could pose a security risk as well as mental health related hospitalizations—would not represent an obstacle to mental health care for the vast majority of personnel and would be consistent with Department of Defense (DoD) policy to foster a culture of support with respect to mental health. This approach would reduce the costs associated with unnecessary Question 21 follow-up investigative work, as well as much of the stigma related adverse consequences associated with the current Question 21. At the same time, it would be more effective in identifying the small number of individuals with mental health conditions that may pose security risks. In addition, this report evaluates the benefits for both security and clinical care for having separate professionals conduct security fitness evaluations vice individuals’ mental health treatment.
TR 13-06 November 2013
The Automated Continuous Evaluation System (ACES) was developed by the Defense Personnel and Security Research Center (PERSEREC) through iterations of research and application of research findings to improve versions of ACES. ACES is an automated computer system that collects data from over 40 government and commercial databases. It uses an applicant’s personally identifiable information (PII) or the Standard Form 86 (SF-86) to check these data sources, verify what has been submitted, and collect more information. It applies business rules to the data, produces a report that flags issues of potential security concern, and electronically transmits the report to the approved recipient—typically an adjudication facility. Since 2008, the Joint Reform Effort (JRE) of the federal government has identified ACES as a capability for inclusion in the revised federal security clearance process, and various pilot projects have been performed demonstrating ACES’ capabilities for different federal agencies and with different types of investigations. Pilot projects have demonstrated that ACES will streamline the expensive security clearance and suitability vetting process and greatly reduce its cost. ACES can be used between background investigations to replace elements of initial investigations or reinvestigations, to prescreen military recruits, and in counterintelligence investigations. ACES can harness the power of automation to reduce costs, improve timeliness, and expand the range of information available to those who seek reliable, loyal, and trustworthy personnel.Download full reportBack to list
The hiring process for federal civilian employment includes steps to adjudicate applicant background information against standards of character and conduct to identify suitable personnel. DoD largely delegated suitability adjudication to its components and the components implemented unique suitability programs with minimal central oversight. This study gathered information about the DoD component suitability programs and generated a DoD-wide suitability process flow that summarized processes across DoD components, identified important considerations (including agency-unique requirements) for consolidating suitability adjudication at the DoD Central Adjudication Facility (CAF), and found additional research needs.
Accurate identification and assessment of employees with risky personality disorders is imperative for programs that involve access to nuclear materials, weapons, and biological select agents which depend on personnel maintaining mental health and reliable behavior. Certain risky personality disorders, however, are especially difficult to diagnose with routine assessment tools that rely on the subject’s self-report. To combat this issue, PERSEREC, in collaboration with Department of Energy, initiated a field test that examined whether an improved screening tool has utility for clinicians who routinely evaluate personnel in a high-risk program. Five clinicians used the Shedler-Westen Assessment Procedure (SWAP), along with its Dispositional Indicators of Risk Exposure (DIRE) subscale developed earlier, for a period of 4 months to evaluate 26 new candidates and current employees of concern. Debriefing interviews indicated that SWAP/DIRE was more effective than clinicians’ existing tools for establishing a positive rapport with the subject, assessing personality disorders, and making legally-defensible recommendations. Findings also include recommendations for using SWAP/DIRE methodology for identifying risky personnel.
The Adjudicative Guidelines serve several important and related functions in the Department of Defense. They describe the standards by which applicants are evaluated for eligibility for access to classified or sensitive information and for Sensitive Compartmented Information. They also guide adjudicators in their function of evaluating the information collected about applicants in background investigations and other records checks. This study traces the evolution of the guidelines through their various revisions, compares them to the Director of Central Intelligence Directive 1/14 guidelines for Sensitive Compartmented Information, and discusses the core issues that have persisted and those that have changed over time with changes in attitudes and social expectations.
This report presents the results from an ethnographic examination of a popular virtual social environment, Second Life, as the second part of a larger effort to study the impact of participation in cyber activities on personnel security and safety. Research has shown that cyber participation can spill over into individuals’ offline lives, which could be of security concern to the extent that their online behavior demonstrates poor judgment and/or undermines their reliability. Several immersive ethnographic methods were used in the present study, including participation observation, group discussions, and one-on-one interviews with 148 Second Life users who resembled the demographics of clearance holders. The reported findings include a description of behaviors of potential concern, a set of case studies that outline the behaviors of actual users, and a framework of user personas that attempts to distinguish between innocuous use of no apparent security concern from problematic use that may pose risks to national security. These findings contain implications for updating personnel security policy regarding cyber involvement.
Computers and related technologies, such as smart phones and video games, are now a common part of everyday life. Many people spend a large portion of their waking hours using and socializing through these devices, forming what is known as a cyberculture. Personnel security investigative and adjudicative standards were developed before these products were widely available; however, cyberculture bears relevance to personnel security due both to the presence of existing security issues and potential effects on psychological outcomes and workplace performance. Although cyberculture has many beneficial effects, this project evaluates how participation can negatively affect personnel security and employee performance. This initial report provides context, outlines presently actionable findings and strategies, highlights some questions that cannot yet be answered, and draws on outside research to guide future research. Information from many sources was examined, including academic research journals, other federal organizations, news reports, and cyber environments, to understand cyber activities relevant to personnel security. Participation is widespread in U.S. society and popular among all age groups. Some cyber activities, such as foreign associations, can be reportable per existing investigative criteria, so procedures should be updated appropriately and promptly. Other topics require research before action is recommended. One concern is how online disinhibition, where people who become more willing to disclose personal information, deceive, or become hostile, affects personnel security. Increased willingness to disclose may amplify the counterintelligence concerns for individuals targeted by hostile parties. There are also many potential negative effects on impulse control, mental health, physical health, and workplace behavior. Future research is intended to further guide policy, workforce awareness, investigations, and adjudications.
Social networking sites, blogs, and other online postings may provide relevant and useful information about people applying for, or serving in, law enforcement positions. Online content may corroborate or contradict personal data listed on a resume or other employment forms. Furthermore, information posted on the Internet could reveal that the subject of interest has engaged in behaviors that call into question his or her ability to serve in a public safety position. Today, conducting electronic searches for information on a specific person is relatively cheap and easy because of increased access to the Internet, use of online search engines, accessibility of public records, and use of social networking and picture-sharing websites. The International Association of Chiefs of Police and PERSEREC worked collaboratively to identify the benefits and drawbacks of cybervetting and to provide guidance to law enforcement administrators on the development and implementation of a cybervetting strategy.
The material in this document covers important considerations for measuring investigation quality and reviews two investigation quality measurement approaches. PERSEREC assembled the material into document format in September 2009, at the request of the Office of the Under Secretary of Defense for Intelligence. The material was initially prepared in December 2008 for presentation to staff from the Office of the Director of National Intelligence, who were serving as representatives of the Performance Accountability Council (PAC), Performance Measures and Management Subcommittee (PMMS). PMMS developed the first approach covered in this document. The PMMS approach relies on a paper-based investigation quality measure and collects information about a sample of all investigations, including both deficient and satisfactory investigations. The Department of Defense (DoD) developed the second approach. The DoD approach uses a computer-based investigation quality tool called the Rapid Assessment of Incomplete Security Evaluations (RAISE). RAISE collects more systematic information about deficient investigations. A review of the two approaches shows that the PAC approach has several significant weakness and that RAISE assessments will be more timely, complete, accurate, reliable, and actionable. RAISE best supports the investigation quality assessment, longitudinal tracking, and continuous improvement needs of the Joint Suitability and Security Reform Team.
PERSEREC and the Department of State (DOS) collaborated to test whether background investigators are able and willing to conduct interviews with a tablet computer. Discussions were held with seven DOS investigators to understand the current DOS vetting process and needs. Following this, realistic simulated cases and prototype tablet software were created through consultation with two investigators. Finally, independent 3-4 hour test sessions were held with eight participating investigators to: (1) teach them how to use the tablet computer, (2) perform a simulated interview on paper in the normal fashion, (3) perform a simulated interview using the tablet computer, and (4) complete questionnaires and provide feedback on the system. The findings were very favorable for tablet computers. The tablets required minimal training, seven of the eight participants preferred the tablet to the paper method, and many investigators were eager to use tablets as soon as possible. The suggested next steps include (1) reevaluating what is possible and appropriate for field interviews with computerized workflow, and (2) developing tablet and case management software.
This report documents the rationale and process for developing the Insider Risk Evaluation and Audit Tool to be used for assessing insider risk within an organization. Based on past studies of insider behavior, the authors identify several areas of effective management intervention to mitigate the probability of damaging behaviors. For each area, a series of self-audit questions point to the presence or absence of policies, safeguards, or best practices that should be considered as proactive measures to minimize insider risk. The tool itself, which can be read or downloaded from the products section of this website, was developed for use by security managers and their counterparts in human resource departments. The goal of self evaluation is to minimize the risk of a broad range of adverse insider behaviors from misuse of IT systems to espionage. The study recommends that the tool, which this report describes, can be used to assess an organization’s current level of vulnerability to adverse insider behavior and as an aid to the formulation of an insider risk mitigation plan that is both preventative and proactive.
The purpose of the work described in this report was to develop performance measures and gather baseline performance data for the DoD Personnel Security Program. The performance measures addressed DoD interest in program performance and also met requirements of the Office of Management and Budget (OMB) Program Assessment Rating Tool (PART). Performance measures targeted three stages of the personnel security program: (1) Personnel Security Questionnaire (PSQ) submission, (2) investigation, and (3) adjudication. For each stage, measures were identified or developed to measure cost, quality, and timeliness. The research further targeted three types of personnel security cases: (1) Secret cases, (2) Top Secret/ Sensitive Compartmented Information (SCI) - Initial cases, and (3) Top Secret/SCI - Periodic Reinvestigation (PR) cases. The data collection verified that the measures were useful and provided information about program performance in important areas. Three key performance areas were identified for the DoD Personnel Security Program: (1) cost, (2) quality, and (3) timeliness to provide DoD with useful performance information for program oversight and management. Staff at the Office of the Under Secretary of Defense for Intelligence, Security Directorate, received updates and result summaries at earlier stages in the project, as needed to meet PART reporting requirements.
This review of social science and policy literature explores the assessment of allegiance to a nation state during a period of globalization, when many trends appear to change or undermine earlier assumptions about allegiance. It discusses global mobility and immigration trends, and the impact of transportation and communications on patterns of mobility such as “transnational” life or the “sojourner.” It explores the impact of increasingly common dual or multiple citizenships on the meaning of allegiance based on territorial citizenship. It surveys social psychological studies of group processes and political socialization. It lists insights these studies offer for ways to think about allegiance and proposes further research and discussion on how to adjust personnel security procedures to the challenges posed by globalization.
Espionage by Americans is the worst outcome of insider trust betrayal. PERSEREC monitors and analyzes espionage by Americans in order to improve understanding of such trust betrayal by a tiny minority of citizens. This is the third in a series of technical reports on espionage based on the PERSEREC Espionage Database, files of information from the press, and scholarship on espionage. The focus of this report is on changes and trends in espionage by Americans since 1990, compared with two earlier cold War periods. Findings include: offenders since 1990 are more likely to be naturalized citizens, and to have foreign attachments, connections, and ties, and therefore they are more likely to be motivated to spy from divided loyalties; money has declined as a primary motive for espionage although it is still common, and since 2000 no American is known to have received payment for spying; many recent spies have relied on computers, electronic information retrieval and storage, and the Internet. The most recent cases suggest that global terrorism is influencing the crime of espionage by Americans, and that espionage statutes need revision.
The present research is the second in a series of studies to evaluate preliminary decision rules and provide automated approval estimates for a DoD Adjudication Decision Support (ADS) system. The long-term goal of the ADS program is to develop a system that will automatically evaluate completed personnel security investigations in accordance with the Adjudicative Guidelines for Determining Eligibility for Access to Classified Information (December 29, 2005) and using decision logic comparable to the logic of expert adjudicators. The ADS system will process closed personnel security investigations in accordance with national guidelines before distribution to the DoD central adjudication facilities (CAFs). The system will identify information that is relevant to clearance eligibility determinations based on decision rules established by policy, senior adjudicators, other personnel security experts, and empirical research on past determinations. Cases that contain appropriately little adverse information will qualify for automatic approval. This should greatly shorten case processing times for the cleanest cases, facilitate the initial review of complex cases by adjudicators, reduce the overall workload at the CAFs, increase adjudication consistency, and facilitate case assignment.
Accurate annual predictions of personnel security investigation (PSI) requirements are important for the DoD budgeting process and for ensuring that the necessary resources are available. The Defense Security Service (DSS) currently obtains PSI prediction estimates through an annual survey of cleared industrial facilities. However, actual PSI requirements often differ substantially from PSI predictions. At the request of DSS, PERSEREC reviewed DSS prediction methods, explored supplementary data that might enhance predictions, then developed and tested a new, adjusted prediction method. The new method holds promise for improving PSI prediction accuracy.
Government, government contractors, and the military services need to field well-trained and competent security personnel. Adequate training is essential for competent performance. Despite this fact, several national-level security reviews and audits performed in the last decade have criticized the training and performance of security personnel. In 2002, the Joint Security Training Consortium (JSTC) requested PERSEREC to conduct research and development work to improve the training and professional development of security personnel. The work covered in the present report was driven by a subsequent JSTC tasking to develop skill standards for security practitioners, a logical extension of PERSEREC’s earlier project to develop a baseline definition of the security profession. Panels of subject-matter experts developed taxonomies describing the work performed by security practitioners in seven security disciplines: physical security, information security, personnel security, security investigations, security management, communications security, and information systems security. The seven taxonomies were intended to be the first step in developing an authoritative description of what security personnel do on the job. The skill standards appended to this report were intended for federal-wide application. More recently, skill standards for work in four core security disciplines were developed by the DoD on which to base a comprehensive professional certification program for its security practitioners.
This report identifies and explains the rationale for the more significant changes to the Adjudicative Guidelines as approved by the President on December 29, 2005. The revised guidelines update the Adjudicative Guidelines that were previously approved by the President in 1997. The initial draft of the updated guidelines was prepared by and coordinated within the DoD by PERSEREC. That draft was then reviewed and revised by a subcommittee of the Personnel Security Working Group prior to submission to the National Security Council Policy Coordinating Committee.
The report provides an analysis and overview of findings based on 10 detailed case studies of IT insider offenses that are contained in a companion report, “Ten Tales of Betrayal: The Threat to Corporate Infrastructures by Information Technology Insiders Report 2 – Case Studies. (FOUO)” These case studies describe the actions of disgruntled or malicious insiders who attack or misuse a corporate information system for personal motives. In most cases there is a clear intent to inflict damage to the system. In Report 2, the authors discuss and compare background factors that contributed to the damaging event under five headings: Subject and Attack Characteristics, Personnel Screening, Attack Detection, Organizational and Social Environment, and Personnel Management Issues. Although this research is confined to a limited number of cases, it offers general observations that have clear implications for policies and best practices that address the threat posed by at-risk employees. The level of risk in any organization appears to rise with the level of personnel stress and an adverse social climate. Furthermore, a limited window of opportunity is open for management to intervene when personal disgruntlement surfaces. The authors also identify a lack of preemployment screening, poor termination policies, unmonitored remote access to the system, inadequate security training, and weak or unenforced security policies as factors that intensify risk of insider abuse.
PERSEREC has conducted a series of studies aimed at improving the use of investigative resources. Following research that showed that investigative sources differ substantially in terms of their ability to yield issue-relevant information, a new reinvestigation model was developed and tested—a two-phase Single Scope Background Investigation-Periodic Reinvestigation (SSBI-PR). In a two-phase periodic reinvestigation, Phase 2 sources (developed and listed references, residence interviews, and residence records) are used only in cases in which Phase 1 sources (all other sources) yield issue-relevant information. Findings of the initial phasing study, and subsequent research, showed that phasing saves substantial resources with very little loss of derogatory information. In the summer of 2002, the Deputy Assistant Secretary of Defense (Security and Information Operations), with the support of the intelligence community, approved implementation of a phased SSBI-PR for a 1-year test period. In October of Fiscal Year 2003, Defense Security Service (DSS) implemented phasing. This study documents the findings of an evaluation of phasing as implemented by DSS. Similar to findings of previous phasing studies, results of this evaluation show that the most productive sources can be used to identify SSBI-PRs where the least productive sources are most likely to yield derogatory information— that it is unnecessary and not cost-effective to use the least productive sources in all SSBI-PRs. Findings of this study suggest that whatever the cost of conducting the 15,668 periodic reinvestigations in Fiscal Year 2003 would have been without the implementation of a phased SSBI-PR, in implementing phasing, DSS reduced these resource requirements by approximately 22%.
This study explores technological, social, and economic trends in the United States and globally that are serving to increase opportunity and motivation for espionage. Findings suggest that American insiders have an unprecedented level of access to classified and proprietary information due to technological advances in information storage and retrieval. American employees have greater opportunity to establish contact with foreign entities and to transfer information to them through traveling internationally more often and by participating in international research and business ventures more frequently. Internet use is expanding globally and computer users are becoming more culturally and linguistically diverse. The Internet can be used to transmit massive amounts of digitized information to multiple foreign parties simultaneously. Finally, the market for U.S. information is expanding. American insiders can sell more types of information to a broader range of foreign buyers than ever before. In addition to these new opportunities for espionage, American employees are more often encountering situations that can provide motivation for this crime. More insiders are experiencing financial problems and gambling addiction, both of which can provide impetus for workplace theft. Loyalty to organizations is diminishing and a greater proportion of American workers are at risk for becoming disgruntled. A growing number of insiders have emotional and financial ties to other countries. Under some circumstances, insiders with loyalties to other peoples may be less inclined to view espionage as morally wrong. It is possible that some insiders with a global orientation to world affairs will view espionage as morally justifiable if they feel that sharing information will benefit the “world community” or prevent armed conflict.
PERSEREC recently conducted a study of supervisor and coworker reporting of security-related information. Explanations were offered by security managers and by focus group participants as to why many security-related behaviors are underreported. The main problem is that people are hesitant to report suitability behaviors, such as excessive drinking, because they are not able to see a direct link between the particular human problem and national security. Consequently, PERSEREC developed a clear, succinct list of behaviors that could pose a potential threat to national security and thus should be reported if observed. Members of various counterintelligence agencies in the government reviewed and edited this list. PERSEREC developed a brochure based on these items as an educational tool to help DoD components and other departments that have need of security education materials on supervisor and coworker reporting or for counterintelligence briefings.
Download full reportBack to list MR 05-05 April 2005
The Intelligence Authorization Act for Fiscal Year 2004 required the Director of Central Intelligence, the Secretary of Defense, the Attorney General, the Director of the Office of Personnel Management, and the heads of other appropriate Federal departments and agencies (as determined by the President) to jointly submit a report to Congress that evaluates and makes recommendations regarding (1) the utility and effectiveness of personnel security background investigations and clearance procedures of the Federal government, (2) the costs and benefits of conducting background investigations for Secret clearances with those of full-field investigations, and (3) the standards governing the denial and revocation of security clearances. At the request of senior staff at the Director of Central Intelligence Special Security Center and the Counterintelligence and Security office of the Under Secretary of Defense for Intelligence, PERSEREC reviewed relevant personnel security literature, such as executive orders, commission reports, Congressional testimony, and research and policy papers, to summarize information and make recommendations that address the Congressional report objectives stated above.
In early 2004, PERSEREC was tasked and sponsored by the Office of the Secretary of Defense Accession Policy Directorate to identify what the Armed Forces are doing to screen for terrorists in the enlistment process. The authors (1) reviewed recent literature and intelligence reports to identify and understand active anti-American groups of concern for military enlistment, (2) reviewed all relevant executive orders, DoD directives, and Armed Forces instructions and regulations, and (3) visited recruiting and military entrance processing facilities across the United States, interviewing personnel at each. The report focuses primarily on individuals joining the enlisted ranks rather than on those entering the U.S. Army’s 09L Military Occupational Specialty (MOS), officers, and direct commissions (chaplains, nurses, lawyers, engineers, etc.). In many ways, however, findings from the study bear on these other groups as well. Findings in the report are presented within the following areas: arriving at a working definition of a terrorist; characterizing the threat; suspicion indicators of potential terrorist allegiances; policies; screening procedures; suspicious incident reporting procedures; and training and education. The research found some evidence of small numbers of persons enlisting in the Armed Forces who are sympathetic to or participants in terrorist groups. At the same, the Armed Forces have implemented many policies and practices designed to specifically, or by default, enable detection of and response to such individuals. Some areas where these policies and procedures can be made more efficient or effective are also addressed.
PERSEREC developed and implemented the Professional Development Survey on behalf the Joint Security Training Consortium (JSTC). The purpose of this research was to assess the views of the general security workforce concerning the state of the profession and the need for training and professional development programs. Previous PERSEREC research examined the opinions of high-level security managers from five sectors of the Federal security workforce (military departments, Defense agencies, intelligence community agencies, and non-DoD agencies). This report summarizes the results of general survey data from security practitioners at all grade levels in the department. However, the authors believe there is currently little uniformity among training programs. Contrary to managers’ expectations, practitioners support the use of certification as a requirement for advancement. Results of this study will be useful in evaluating and improving security training and development programs.
PERSEREC examined government requirements that cleared supervisors and employees report to security managers behavior they observe among subordinates and coworkers that they believe to be security-relevant. Despite formal policies, very few reports are made. Authors reviewed research literature and discussed the topic with personnel security and management personnel in 20 government agencies and with supervisors and coworkers in focus groups. While supervisors and employees are not averse to reporting genuine security infractions, they rarely report other behaviors. They are confused about precisely what to report and they anguish over reporting gray-area behaviors they do not consider to be necessarily connected to security. The study recommends that DoD Directive 5200.2-R be modified to include supervisor and coworker reporting as a priority and to protect the confidentiality of people who report, if requested. It recommends that PERSEREC, with the help of counterintelligence and security personnel, develop a list of behaviors that pose a palpable threat to national security and must be reported, if observed. The list will contain behavioral examples to clarify what is considered egregious and critical to national security. It is also recommended that the ASD(C3I) issue a memorandum advising certain changes be made in the government’s philosophy, i.e., that the personnel security community be more proactive in ensuring that personal problems get addressed before they become security problems.
Analyses of 150 cases of espionage against the United States by American citizens between 1947 and 2001 provide detailed data on the demographic and employment characteristics of American spies, the means and methods they used to commit espionage, their motivations, and the consequences they suffered. Collected materials on the cases supplement the analyses conducted with a database that allows comparison of groups and the identification of trends. Factors highlighted include changes in espionage by Americans since the end of the Cold War and the impact of globalization and networked information systems on the practice of espionage.
PERSEREC, together with the Defense Security Service (DSS), conducted a pilot test of a phased reinvestigation. In a phased reinvestigation, information collected during Phase 1 is used to determine what additional investigative steps are appropriate for Phase 2. If Phase 1 turns up issue-relevant information, Phase 2 is conducted to complete a full-scope reinvestigation. If Phase 1 turns up no issue-relevant information, the investigation is considered clean and no further investigation is done. This is the final report on that test. The test confirmed that a phased reinvestigation can save substantial investigative resources while missing very little information. No information at all would be missed in any case on which some adjudicative action would be taken.
The purpose of this report is to present basic background information and a series of recommendations concerning a problem of growing importance to the DoD: How does DoD encourage people to deal with their personal problems while at the same time maintaining personnel security requirements for people who have access to classified information? This report, designed for the policymaker, answers three questions: what is the problem; why does this problem need to be addressed now; and what can policymakers do about the problem?
This study examined the relationship between DoD security policy and Federally mandated Employee Assistance Programs (EAPs) for civilians and counseling/referral services for military personnel to identify any barriers for cleared DoD employees to using these programs. The study, based largely on interviews, but also on focus-group information and on a review of policy documents and other literature, found that policy is in place to help cleared individuals with personal problems get access to the counseling and treatment they need. However, research showed that cleared employees, civilian or military, often remain suspicious that their attendance at such programs will result in clearance revocation. Thus, some consult counseling programs outside the Federal system, eschewing the very programs that the government has set up to help them. Report 2 documents the research and presents findings and conclusions; it also contains a series of appendices that provides background information for the interested reader on such topics as the EAP movement, military counseling/referral programs, and DoD personnel security policies and programs.
PERSEREC undertook this project to assess the degree of public support for various national security issues. PERSEREC commissioned the National Opinion Research Center at the University of Chicago to include questions on its 1994, 1996, 1998, and 2000 general Social Surveys. PERSEREC collected attitude information relative to seven issues: (1) need for secrecy in various areas of government activity, (2) government’s need to collect information on individuals vs. people’s privacy rights, (3) public support for various security countermeasures, (4) government’s right to know mental health information, (5) loyalty to employer versus coworkers, (6) punishments for various acts of trust betrayal, and (7) perception of threats to the United States.
A six-person team of highly experienced personnel security adjudicators and investigators reviewed 4,721 case files at four agencies routinely conducting the Single Scope Background Investigation Periodic Reinvestigation (SSBI-PR): DoD, Office of Personnel Management (OPM), Central Intelligence Agency (CIA) and National Reconnaissance Office (NRO). Information was obtained regarding subjects’ backgrounds, the sources that were included in the SSBI-PRs, whether sources provided issue and/or mitigating information, and the type and adjudicative value of the information that was provided. Information yield was shown to differ dramatically across sources, and differences in source productivity were consistent across organizations. The SF-86, Subject Interview, and Credit Report consistently yielded issue and mitigating information most frequently. The majority of SSBI-PRs did not contain issue-relevant information and less than 5% of the SSBI-PRs resulted in actionable outcomes by the participating organizations. These and other findings provide a foundation for designing an improved SSBI-PR process. Using data from this study, a second PERSEREC report, A New Approach to the SSBI-PR: Assessment of a Phased Reinvestigation, demonstrates how a phased approach to the SSBI-PR process could achieve a more effective periodic reinvestigation program on a community wide scale.
PERSEREC conducted a study of the efficiency and effectiveness of Adjudicative Guidelines and Investigative Standards approved by the President in 1997. Results indicate that DoD has successfully implemented the Adjudicative Guidelines and Investigative Standards. On a summary measure the guidelines were rated as adequate. Those ranked highest in terms of their adequacy were: Foreign Preference, Emotional/Mental and Personality Disorders, Outside Activities, and Misuse of Information Technology Systems. A workshop attended by senior adjudicators suggested there may be a high level of consistency when applying the guidelines to identical cases.
PERSEREC has worked with the National Opinion Research Center from 1993 until 1998 to define the climate of public opinion in which government security policy is developed. Security-related items have been included in the 1994, 1996, and 1998 General Social Surveys concerning how much protection should be provided for national security information, the appropriate areas of inquiry for establishing eligibility for positions of trust, and acceptable methods for monitoring cleared employees. This report summarizes attitude trends and magnitudes of public support on these issues across the 4-year time span. In general, the data show that there is a solid and sustained endorsement for protecting various categories of national security information and a strong and continuing support for investigative inquiry into personal areas such as finances, mental health, criminal history, and substance abuse. Espionage is clearly perceived to be a serious crime that should warrant severe sentencing after conviction. However, there is mixed and uncertain support for security measures to ensure the continued reliability of cleared employees.
This study was undertaken to provide data on the yield of the sources contacted using the SSBI to policy makers deliberating the feasibility of shortening the scope of the SSBI to 7 years. Arguments for either retaining or changing scoping requirements can be supported by this study. In support of the 7-year scope, it was found that the Subject provides significant issue information in 81% of the cases and that 97.6% of all issues are developed within 7 years of coverage. However, for a small unrepresentative sample, if the Subject is discounted as a source of issue information, between 4 and 13% of denials come from sources beyond 7 years of coverage. Approximately 90% of non-subject disclosed information from the higher yield sources (relatives, employment, developed and listed references, and financial and employment records) was captured with a 7-year scope.
This study was undertaken to develop: (1) policy requirements for personnel security appeal boards (PSABs), and (2) options for incorporating a personal appearance into the process for appealing an adverse personnel security determination in DoD. Policy requirements for PSABs are recommended. Three options for handling personal appearances are presented and Option 2, which provides an appellant the opportunity to appear before a PSAB, is recommended.
The study was undertaken to develop a computer-administered security screening questionnaire for use with applicants to sensitive Navy ratings. A system was designed (Military Applicant Security Screening) and tested and evaluated at nine Military Entrance Processing Stations (MEPS). Data is presented concerning the amount of potentially derogatory information disclosed by questionnaire and the reactions of Navy classifiers who administered the system. Based on the favorable findings of the study, the Navy approved the system for implementation at all the MEPS.