Official websites use .mil
Secure .mil websites use HTTPS
PERSEREC has completed a variety of research projects that have benefited Defense security programs in terms of improving policy and practical procedures, enhancing efficiency, fairness, and due process in the personnel security system.
The following are a few examples of both Technical and Management Reports that have been published.
For additional Technical Reports, please visit the Defense Technical Information Center (DTIC) website.
For additional Management Reports, please contact us directly at firstname.lastname@example.org.
PERSEREC-PA-22-33 (OPA Report No. 2022-085) September 2022The Threat Lab Professional Development Unit (PDU) Guide
PERSEREC-RN-21-08 (OPA Report No. 2021-050) July 2022Mitigating Toxic Leadership
PERSEREC-RN-21-02 (OPA Report No. 2021-040) July 2023The Dark Triad: Considerations in Hiring, Employment, and Termination
PERSEREC-PA-23-01 (OPA Report No. 2023-126) May 2023Preventing Targeted Violent Attacks: Best Practices for BystanderIntervention
PERSEREC-PA-21-31, OPA Report No. 2021-083 April 2023Insider Threat: Case Study Card Game
PERSEREC-TR-23-01 (OPA Report No 2023-048) March 2023An Examination of Racial, Ethnic, and Gender Disparities in DON's PersonnelSecurity Program
PERSEREC-RN-21-19 (OPA Report No. 2021-128) February 2023Increasing Workforce Commitment and Loyalty in the 21st Century
PERSEREC-PA-21-38 (OPA Report No. 2021-127) February 202321st Century Manager's Field Guide to Employee Loyalty: Guidebook & EmployeeCareer Stage Cards
PERSEREC-PA-21-16 (OPA Report No. 2021-068) January 2022Structured Professional Judgment Tools: A Reference Guide
PERSEREC-RN-22-05 (OPA Report No. 2022-201) September 2022Results of the Initial Stakeholder Test of the eInterview Mobile App Prototype
PERSEREC-RN-22-01 (OPA Report No. 2022-214) October 2022Compatibility Assessment and Prediction of Misconduct: A Review of the Academic Research Literature
PERSEREC-PA-22-17 (OPA Report No. 2022-177) October 2022Ensuring Fairness and Enhancing the Protection of Privacy in Counter-Insider Threat Programs: Resources and Reflection Activities
PERSEREC-RN-21-13 (OPA Report No. 2021-089) July 2022Teaching Organizational Risk Prevention and Mitigation Using Problem-Based Learning
PERSEREC-PA-21-35 (OPA Report No. 2021-090) September 2022Insider Threat Prevention and Mitigation - A Problem-Based Learning Experience for Organizational
PERSEREC-PA-22-16 (OPA Report No. 2022-175) September 2022Digital Discernment Graphic Novel
PERSEREC-PA-21-13 (OPA Report No. 2021-063) September 2022Counter-Insider Threat (C-InT) Analyst Professionalization Road Map
PERSEREC-PA-22-12 (OPA Report No. 2022-123) September 2022Counter-Insider Threat Professionalization Road Map Video
PERSEREC-PA-21-14 (OPA Report No. 2021-064) September 2022Fundamental Skills for the Counter-Insider Threat (C-InT) Analyst
PERSEREC-PA-22-15 (OPA Report No. 2022-176) September 2022Overview of the Structured Professional Judgment Tools (SPJ) Reference Guide Video
PERSEREC-RN-21-07 (OPA Report No. 2021-043) August 2022Misinformation in the Purple Ridge Mountains: A Navigate Your Fate Story(Report)
PERSEREC-PA-21-08 (OPA-2021-044) August 2022Misinformation in the Purple Ridge Mountains: A Navigate Your Fate Story(Novella)
PERSEREC- PA-20-01 (OPA Report No. 2021-035) November 2021Resources Exist, Asking Can Help-Spouse (REACH-Spouse)
PERSEREC-RN-21-12 (OPA-2021-067) January 2022Structured Professional Judgment Tools
PERSEREC-RN-21-14 (OPA Report No. 2022-087) February 2022Deepfakes and Unintentional Insider Threats
PERSEREC-PA-21-36 (OPA Report No. 2022-088) February 2022Deepfakes – Prepare for the Next Challenge
PERSEREC-PA-21-41 (OPA Report No 2021-123) September 2021Best Practices for K-12 Public School Security Policy
PERSEREC-RN-21-01 (OPA Report No. 2021-038) June 2021"Maybe It's Me"—A Visual Campaign To Encourage Self-Awareness & Self-Improvement in the Workforce
PERSEREC-RN-20-08 (OPA Report No. 2020-107) November 2020Building a Supervisor Guide to Concerning Conduct
PERSEREC-TR-20-02 (OPA Report No. 2020-105) November 2020Shifting the Mindset on Help Seeking in the Military: REACH Field Test Results
PERSEREC-RN-20-09 (PERSEREC-RN-20-09, OPA Report No. 2020-099) October 2020Structured Professional Judgment Tools
PERSEREC-PA-20-01 (OPA Report No. 2020-060) April 2020Dangerous Disclosure Graphic Novel
PERSEREC-RN-20-01 (OPA Report No. 2020-047) March 2020The PAR Capabilities and the Convergence of Workplace Violence Prevention, Counter-Insider Threat, and Personnel Vetting Policies in DoD
PERSEREC-TR-19-07 (OPA Report No. 2020-002) December 2019A Personnel Security Training Program for Clinicians: Phase III
PERSEREC-TR-19-06 (OPA-2019-079) November 2019Personnel Security Underreporting: Establishing Rates and Estimating the Problem
PERSEREC-TR-19-05 (OPA Report No. 2019-067) October 2019An Evaluation of the Utility of Expanding Psychological Screening to Prevent Insider Attacks
PERSEREC-RN-19-03 (OPA Report No. 2019-056, Threat Lab Report No. 2019-003) October 2019On the Right Track: Worker-on-Worker Violence Prevention
PERSEREC-TR-19-03 (OPA Report No. 2019-033) June 2019Enhancing Supervisor Reporting of Behaviors of Concern
PERSEREC-TR-19-04 (OPA Report No. 2019-030) May 2019Improving Automated Clean Case Screening: Tier 3 eAdjudication Business Rule Refinement
PERSEREC-TR-19-02 (OPA-2019-021) March 2019The Resource Exfiltration Project: Findings from DoD Cases, 1985-2017
PERSEREC-TR-19-01 (OPA-2019-016) February 2019A Personnel Security-Training Program for Clinicians: Phase II
PERSEREC-TR-18-18 (OPA-2019-007) January 2019Military Leaders' Use of Behavioral Health Resources: Barriers to Care and Possible Solutions
PERSEREC-TR-18-17 (OPA-2018-087) December 2018Suicide-Related Incident Reporting in DoD's Personnel Security Program
PERSEREC-TR-18-16 (OPA-2018-082) October 2018A Strategic Plan to Leverage the Social & Behavioral Sciences to Counter the Insider Threat
PERSEREC-TR-18-10 (OPA-2018-048) July 2018Mental Health and Help-Seeking in the U.S. Military: Survey and Focus Group Findings
PERSEREC-TR-18-14 (OPA-2018-065) August 2018Modeling Insider Threat From the Inside and Outside: Individual and Environmental Factors Examined Using Event History Analysis
PERSEREC-TR-18-13 (OPA-2018-056) July 2018A Personnel Security Training Program for Clinicians: Phase I
PERSEREC-MR-18-03, OPA-2018-037 April 20182016 RADAR Adjudication Quality Evaluation
TR 18-06 April 2018Tier 1 and Tier 3 eAdjudication Business Rule Validation
TR 18-04 February 2018Postvention in the U.S. Military: Survey of Survivors of Suicide Loss from 2010-2014
TR 17-10 August 2017The Expanding Spectrum of Espionage by Americans, 1947 – 2015
TR 17-07 June 2017Improving Mental Health Reporting Practices in Between Investigations
MR 17-06 September 20172015 RADAR Adjudication Quality Evaluation
TR 16-03 June 2016Early Warning Signs of Suicide in Service Members Who Engage in Unauthorized Acts of Violence
TR 16-01 May 2016Suicide and Violent Cognitions, Emotions, and Behaviors in U.S. Military Personnel
TR 15-01 March 2015A Relevant Risk Approach to Mental Health Inquiries in Question 21 of the Questionnaire for National Security Positions (SF-86)
TR 13-06 November 2013The Evolution of the Automated Continuous Evaluation System(ACES) for Personnel Security
TR 13-05 July 2013Baseline Suitability Analysis
In support of professionalization of Counter-Insider Threat personnel, The Threat Lab has developed two certification programs, both of which require on-going professional development. This guide helps individuals holding those certifications to understand options for professional development opportunities and provides specific examples using activities and opportunities also developed by the Threat Lab.Download ReportBack to list
Toxic leadership behaviors compromise the well-being of the workforce and increase an organization's vulnerability to insider threat incidents. Senior leaders can influence change, but they may not recognize toxic behaviors or know how to deal with them. To meet this need, we designed an online guide, "Step-Up and Step-In," to help senior leaders identify, mitigate, and prevent toxic leadership behaviors in themselves and othersDownload ReportBack to list
People high in psychopathy, narcissism, and Machiavellianism—collectively known as the Dark Triad—are more likely to engage in counterproductive work behavior. These same personality traits, however, may be adaptive or beneficial in certain careers or roles. "The Dark Triad: Considerations in Hiring, Employment, and Termination" is an explainer video that provides supervisors and human resources professionals with techniques to mitigate the challenges associated with these traits in order to maximize employees' positive contributions. This Research Note discusses the video.Download ReportBack to list
Many targeted violent acts are preventable through recognition and reporting. Early reporting increases the chances for successful resolution for all concerned. This brochure aims to help you prevent violent attacks by providing information on what, where, and when to report.Standard Version | Trifold VersionBack to list
Insider Threat: Case Study Cards details 44 real cases of insider threat including information about indicators and warning signs. This card deck also includes a Guide Book with several exercises that individuals and organizations can use to help learn the warning signs and consequences of past Insider Threat incidents, the different types of threats they may face, and ways to prevent and mitigate those threats. Double-sided print versions available upon request.Card Game, Category Cards, Mitigation Cards, Instruction bookBack to list
The Department of Navy (DON) would like to know if inequities in security clearance outcomes exist for protected classes. If they do, these inequities could affect DON's ability to recruit and retain a diverse workforce. In this report, we examine racial, ethnic, and gender disparities in security outcomes to ensure that DON's Personnel Security Program is operating as intended-without disparate impact on racial/ethnic minorities and women. We focus on five personnel security outcomes: receipt of a statement of reasons (indicating intent to deny or revoke clearance), an eligibility determination (favorable, neutral, or unfavorable determination), a local access suspension, a security incident report, or any of these negative actions. We did not detect any conclusive racial, ethnic, or gender differences in personnel security outcomes using demographic and proxy ethnicity (e.g., birth country region) predictors. We posit that the lack of identifiable relationships could be due to highly standardized vetting processes, which are predominantly blind and always subject to significant legal review. We recommend additional analyses examining this research question (a) in the DoD-wide personnel security population and (b) across more nuanced vetting outcomes. This deeper-dive research should consider whether protected classes are more prone to certain adjudicative issues (e.g., criminal disqualifications reflecting criminal justice system bias) or whether their cases take longer to complete. These issues remain problematic for personnel even when outcomes such as final eligibility determinations are ultimately favorable.Download ReportBack to list
Employee commitment and loyalty have significant implications for insider threat and personnel security. While organizations are faced with an unprecedented shift in the generational composition of the 21st Century workforce, research shows that generational differences do not appear to be a primary factor in loyalty and commitment. Instead, our research identified other factors that contribute to employees' ongoing commitment and provide strategies to improve important organizational attributes across career stages. The Threat Lab developed an associated Guidebook and Employee Career Stage Cards to help managers increase organizational commitment and loyalty in the workforce.Download ReportBack to list
This guidebook pulls together evidence-based strategies to assist managers in promoting loyalty and commitment. These strategies are practical, easy to apply, and designed to help managers create positive perceptions about working for the organization.Download GuidebookBack to list
As Counter-Insider Threat (C-InT) programs begin to include concerns about workplace violence, they must be equipped to effectively assess and manage the associated risks. The current gold standard is structured professional judgment (SPJ), an evidence-based approach that combines empirically validated tools with professional judgment. The objective of this project was to produce a Reference Guide to educate C-InT professionals about the use of SPJ tools in violence risk assessment (VRA) and threat assessment (TA).Download ReportBack to list
PERSEREC was tasked with creating and testing a prototype eInterview mobile application that could be used to help expedite the background investigation process. The PERSEREC project team worked closely with stakeholders from multiple Federal agencies to develop a question set and a mobile application to automate the collection of delinquent debt information. This report details the development of the prototype eInterview mobile app, the stakeholder test process, results of the user testing, and recommendations for next steps based on those findings.Download ReportBack to list
The Personnel Security and Research Center (PERSEREC) conducted a comprehensive review of applicant compatibility assessments on behalf of DoD's Office of the Under Secretary for Personnel and Readiness (OUSD P&R) Accession Policy Directorate, Sexual Assault Prevention and Response Office (SAPRO), and the Office of Force Resiliency (OFR). The goal of this review was to identify best practices for assessingand selecting DoD military applicants. Compatibility assessments are used to determine whether an applicant is likely to be a good "fit" for an organization and to estimate an applicant's risk of engaging in future misconduct, violence, or other problematic behavior. These assessments may evaluate aspects of an applicant's character, personality, values, opinions, decision-making, or behavioral and legal history.Download ReportBack to list
The resources and activities included in this collection are intended to encourage Counter-Insider Threat professionals to reflect on the ethical execution of their responsibilities. The questions and scenarios explored here are designed to provoke thought and inquiry, and the resources offer opportunities for further exploration of the topic.Download ReportBack to list
This Research Note describes the development of a Problem-Based Learning experience that uses an insider threat case study to educate current and future leaders about the types of organizational vulnerabilities and risks posed by insiders, the responsibilities they have to mitigate these risks, and the consequences of failing to do so.Download ReportBack to list
Malicious or careless insiders can intentionally or unwittingly compromise an organization and threaten the safety and well-being of its workforce. To protect an organization and its employees, it is imperative that current and future leaders understand how to detect and mitigate these potential threats. This problem-based learning experience provides a case synopsis of a known insider threat incident for you to analyze from the perspective of organizational risk prevention and mitigation.Download: Facilitator Guide, Participant Guide, SlidesBack to list
The Threat Lab created this graphic novel to raise awareness of the tactics and features that make internet disinformation and misinformation so compelling and to present some strategies for evaluating the content consumed online.Download NovelBack to list
Government counter-insider threat (C-InT) programs are widening their scope to address workplace violence. Structured professional judgment (SPJ) is an evidence-based approach that combines empirically validated tools with professional judgment. This video provides an overview of the SPJ Tool Reference Guide, which was created to educate C-InT professionals on the variety of SPJ tools available to assess risk for different types of insider threat. The video was intended to increase awareness of Guide and the use of SPJ tools in violence risk assessment (VRA) and threat assessment (TA).Watch VideoBack to list
This Reference Guide intended to serve as a source of information about some of the knowledge and skill areas that are fundamental to the C-InT analyst and is part of larger efforts to professionalize the growing C-InT analyst workforce. The Guide defines the role of the C-InT analyst in successful hub operations. It includes sections on C-InT policy, a C-InT analyst's role and key skills, and relevant foundational behavioral models.Download full reportBack to list
This professionalization Road Map for C-InT Analysts is intended to support the evolution of the role of C-InT Analysts from a series of tasks to a profession of its own. It is designed to (a) define the role of the C-InT Analyst in a C-InT Hub; (b) define a core knowledge base that support's an organization's understanding of the C-InT Analyst's role; and (c) establish expectations for foundational knowledge and professional advancement.Download full reportBack to list
This video is intended to increase awareness of the Counter-Insider Threat Professionalization Road map (PA-21-13) and the ways that counter-insider threat analysts at all levels can use the Road Map to develop and advance in their careers; the Road Map can also help counter-insider threat program leadership determine selection criteria,advance their people, and identify relevant training.Watch VideoBack to list
Misinformation and disinformation represent persistent challenges to the integrity and safety of our organizations and institutions. If we want to protect against these threats, we need to develop and sustain robust critical thinking skills. This research note describes the development of the first installment in the Navigate Your Fate series-a series of pathway novels designed to train the general workforce. This novel, Misinformation in the Purple Ridge Mountains, leads readers through a fictional story and asks them to use critical thinking skills to successfully navigate their way to the conclusion.Download full reportBack to list
Misinformation and disinformation represent persistent challenges to the integrity and safety of our organizations and institutions. If we want to protect against these threats, we need to develop and sustain robust critical thinking skills. This research note describes the development of the first installment in the Navigate Your Fate series-a series of pathway novels designed to train the general workforce. This novel, Misinformation in the Purple Ridge Mountains, leads readers through a fictional story and asks them to use critical thinking skills to successfully navigate their way to the conclusion.Download NovellaBack to list
EACH-S is an initiative for military spouses designed to destigmatize mental health challenges, normalize help-seeking and connect those in need with support. REACH-S is implemented through small-group discussions with military spouses divided into two sessions. Session One focuses on military spouses' barriers to seeking mental health care, solutions to these barriers and self-care practices. Session Two focuses on the service member's barriers to seeking mental health care and teaches suicide prevention skills to military spouses. Prospective facilitators will need to download and familiarize themselves with the Facilitator's Manual, REACH-S Slides, Resources Handout, and Demonstration Videos before leading a REACH-S session.Download resources hereBack to list
As Counter-Insider Threat (C-InT) programs begin to include concerns about workplace violence, they must be equipped to effectively assess and manage the associated risks. The current gold standard is structured professional judgment (SPJ), an evidence-based approach that combines empirically validated tools with professional judgment. The objective of this project was to produce a Reference Guide to educate C-InT professionals about the use of SPJ tools in violence risk assessment (VRA) and threat assessment (TA).Download full reportBack to list
Deepfakes are digital forgeries that use artificial intelligence to create believable but misleading images, audio, and videos. When organizational insiders interact with this manipulated media, they may inadvertently take actions that compromise their organization's security. To address this problem, we've developed a short video to raise awareness of deepfakes and provide guidance on how to counteract them. The purpose of this effort is to decrease unintentional insider threat by building greater awareness of deepfakes and how they are used to influence workforce behavior.Download full reportBack to list
The Threat Lab presents a short video on the emerging threat of deepfakes, a form of digitally altered media that uses artificial intelligence to create believable messaging engineered to encourage people to provide access to information or systems they would otherwise protect.https://vimeo.com/602102971/f1f1012cf5Back to list
Tragic events like the shootings at Columbine, Sandy Hook, and Parkland have a very low probability of occurring, but their consequences demand constant dedication to prevention. As part of previous work, the Defense Personnel and Security Research Center (PERSEREC) researchers conducted a systematic review of academic, professional, and government publications to identify evidence-based best practices for security programs associated with active shooter prevention and response, managing threats made by students, post-crisis family reunification, and mental health interventions (Beneda et al., 2020).Download full reportBack to list
A trusted reporting and response process is only one piece of a comprehensive Counter-Insider Threat Program. Employees should also feel motivated and be incentivized to monitor and mitigate their own concerning behavior, especially if it interferes with the overall well-being of the organization. "Maybe It's Me" is a visual campaign designed to address this difficult topic in a non-confrontational manner and encourage both self-awareness and self-improvement to benefit individuals and organizations.Download full report, Bullying Infographic, Remote InfographicBack to list
Unauthorized disclosure is an ongoing national security concern DoDM 5200.01. In collaboration with DoDs Counter-Insider Threat Program and the National Insider Threat Task Force, the Threat Lab created this graphic novel to raise awareness of the harm that unauthorized disclosures may cause and help to prevent these damaging events. (https://vimeo.com/530462391)Download full reportBack to list
The Threat Lab, operating under The Defense Personnel and Security Research Center (PERSEREC), a division within the Office of People Analytics, created a prototype job aid, or guide, to help supervisors identify concerning behaviors, institutional resources to address concerning behaviors, and employee-oriented resources for supervisors to share with employees.User testing showed that supervisors and subject matter experts found the guide helpful and easy to use. As the largest Federal agency, DoD is too big and diverse for a single application to cover all existing information about behaviors of concern and supervisor reporting requirements. But there are DoD-wide resources that supervisors should be aware of, and an application, such as this one, that ties these resources together can help supervisors overcome obstacles to maintaining a productive and safe workplace.Download full reportBack to list
Despite the prevalence of DoD and Service branch resources to support Service members who are dealing with stressful situations, approximately half of all military personnel who need mental health support, particularly for suicide risk, do not access it. In FY19, the Defense Personnel and Security Research Center, a division of the Office of People Analytics, developed an upstream suicide risk intervention entitled Resources Exist, Asking Can Help (REACH), in coordination with Military Community and Family Policy, Defense Suicide Prevention Office, and the military Service branches. REACH is an intervention designed to normalize help seeking among Service members by reducing barriers to care, increasing comfort with seeking help, and increasing knowledge of resources. REACH includes an interactive icebreaker; a short video modeling stressors and problems that all Service members face; a small group discussion about barriers, solutions, and resources; and a practice call to Military OneSource. The current study is a field test to evaluate the effectiveness of REACH using a formative approach. Participants in the field test came from the Navy, Air Force, and Army Service branches. Researchers trained facilitators who then led REACH sessions with groups of 6 to 20 Service members. Results from three of the four sites demonstrate that REACH sessions lowered perceptions of barriers, increased Service members' comfort with seeking help, and increased their knowledge of resources. Data from the fourth site were analyzed separately and models were underpowered to detect the effect of the REACH session on the outcomes of interest. Recommendations are discussed for how to bring REACH up to scale across the total military force.Download full reportBack to list
Unauthorized disclosure is an ongoing national security concern. In collaboration with DoD's Counter-Insider Threat Program and the National Insider Threat Task Force, the Threat Lab created this graphic novel to raise awareness of the harm that unauthorized disclosures may cause and help to prevent these damaging events.Download full reportBack to list
As part of a recent assessment of DoD's workplace violence prevention programs, researchers reviewed the implementation status of the mandatory Prevention, Assistance, and Response (PAR) capabilities. The review found a number of barriers to implementation, many due to the fact that the PAR concept emerged from a complex array of insider threat events and policies related to workplace violence prevention, counter-insider threat, and personnel vetting. The purpose of this Research Note is to analyze this history to help policymakers move forward with efforts to integrate various stakeholders' needs into a comprehensive strategy to protect the DoD workforce.Download full reportBack to list
Download full reportBack to list
Download full reportBack to list
DoD personnel who pose a threat or experience personal problems may show early warning signs but supervisors do not always recognize indicators or report their concerns through proper channels. A literature review and subject matter expert (SME) interviews collected information about barriers to reporting, strategies for overcoming these barriers, and tools to assist with the reporting process. This study also evaluated the utility and feasibility of using the United Kingdom Centre for Protection of National Infrastructure Employee Assessment Tools to supplement automated continuous evaluation and to provide supervisors an early intervention channel for at-risk employees. Literature review findings suggest that a comprehensive approach to prevention and mitigation of misconduct may increase the likelihood of reporting, and vice versa. Increased reporting may be achieved by providing a clear, easily used, and trusted reporting system, along with a positive organizational culture that makes felt responsibility to report stronger than the psychosocial impediments. SMEs interviewed for this study recommended clarifying reporting policy, providing additional scenario-based training, and improving relationships between supervisors and security managers. Some SMEs also emphasized the importance of holding personnel accountable for reporting security concerns. They suggested that accountability is currently inadequate, which may contribute to underreporting. The researchers concluded that the Employee Assessment Tools are not appropriate for the entire DoD cleared population, but are an excellent example of a reporting tool for individuals in high-risk positions.
This report presents the rules of tests modifying the electronic adjudication (eAdjudication) business rules to attempt to reduce the rate of false alarms and to incorporate potential applications of natural language processing (NLP). eAdjudication is a tool used by the Federal Government to automatically grant favorable eligibility determinations to clean cases. Because the rules are quite conservative, eAdjudication frequently generates false alarms, incorrectly transferring clean cases to human adjudication rather than granting a favorable determination. This report presents the results of tests to reduce this false alarm rate without increasing the risk of incorrect favorable determinations. In addition, preliminary NLP results are presented that reproduce certain business rules using the unstructured text contained within the background investigation. Results of the business rule testing suggest two potential modifications to reduce false alarms without increasing security risk. First, modifying the rule that selects only cases with a case seriousness code of "G" to include cases with case seriousness codes of "R" and "A" as well. Second, deactivating the rule that checks the results of the question on the Standard Form 86 about Selective Service registration. Making these changes reduced false alarms by 8.4%. In addition, NLP results show that criminal history can be predicted with some reliability using the unstructured text from the Report of Investigation. Future research should explore the possibility of including NLP or other avenues for increased complexity of business rules in order to further reduce the rate of false alarms.
In recognition of the persistent and evolving insider threat to the integrity of DoD resources, the Defense Personnel and Security Research Center expanded its flagship research project on espionage to include all publicly known cases of resource exfiltration, or cases that involved the intentional and unauthorized removal of DoD resources from authorized locations regardless of classification level. The objective of this study was to identify common themes and behavioral indicators that preceded individuals' arrests in order to prevent and mitigate future incidents. In total, 83 cases of DoD resource exfiltration were included in this study, and researchers collected information related to 392 variables of interest, to include pre-arrest behavior that matched disqualifying factors of the Adjudicative Guidelines and/or behavioral threat assessment themes. Researchers concluded that there is no demographic profile of individuals who exfiltrate DoD resources, but there are common behavioral indicators that represent intervention points, or those points in a person's transformation from a trusted employee to an insider threat when DoD could take action to hopefully bring that person back into the productive workforce.
Personnel security investigators and adjudicators require assistance to address cases involving mental health concerns (Dickerhoof, Wortman, Osborn, & Smith, 2017; Senholzi, Langham, Smith, & Shechter, 2016). Staff psychologists at DoD's Consolidated Adjudication Facility (DoD CAF) are available to consult with adjudicators, but investigators do not have an equivalent resource. Furthermore, CAF psychologists do not perform psychological assessments; instead, adjudicators request these assessments through community clinicians when needed. Because these clinicians are rarely trained in the nexus between mental health and national security they often fail to provide necessary information, causing delays in the clearance process. Another procedural problem involves the collection of mental health information from the subject's treatment provider. This has long been protocol for investigators, but the treatment provider experiences a conflict of interest and often has concerns about what can or should be shared. Given this, obtaining mental health opinions from treatment providers can be time-consuming and confusing for investigators and providers alike. To address these points, prior Defense Personnel and Security Research Center (PERSEREC) studies recommended an independent cadre of clinicians trained to assess judgment, reliability, and trustworthiness on behalf of the Federal Government. To continue this initiative, PERSEREC engaged SMEs to determine the pre-selection qualifications and recommended skill standards needed to operate in this role. Additionally, PERSEREC explored training program implementation strategies and assessed interest and concerns from other Departments and Agencies (D&As) regarding shared use of this service. Results indicate that a clinician cadre should be initially developed for clearances adjudicated at DoD CAF. Once established, the cadre can be offered to other D&As who could also benefit from it.
Prior research indicates that military officers are less likely than enlisted personnel to seek mental or behavioral health support when such services would be beneficial (e.g., when experiencing suicidal ideation or after a suicide attempt; Ho et al., 2018; OPA, 2017). Barriers to behavioral health resource utilization in the military include public stigma, internalized self-stigma, concerns regarding peer and leader perceptions of work-related abilities, preference for self-reliance, negative attitudes toward behavioral health treatment, and operational barriers (Britt et al., 2016; Greene-Shortridge, Britt, & Castro, 2007; Hines et al., 2014; Kim, Britt, Klocko, Riviere, & Adler, 2011; Nash, Silva, & Litz, 2009; Vogt, 2011). However, research is limited regarding the help-seeking experiences, barriers, and available resources for senior leaders, such as non-commissioned and commissioned officers. This report addresses this gap in the literature. Specifically, we interviewed 32 subject matter experts (SMEs) affiliated with the Army, Navy, Marine Corps, Air Force, and the Office of the Undersecretary of Defense for Personnel and Readiness. Results of SME interviews indicated that, although several behavioral health resources are available to officers, few are tailored specifically to the needs of officers. SME-identified barriers to officer help-seeking behavior were consistent with those previously described in military studies, but SMEs indicated that the concerns were heightened for senior leaders. Based on SME-identified solutions to address barriers, this study concludes with a list of recommendations for changes to the military behavioral health system and officer professional development as well as increases to spouse and family involvement in officer help-seeking and the creation of messaging campaigns targeted specifically to leaders and senior officers.
Download full report Back to list
This study explored data trends, field procedures, and policy requirements associated with DoD suicide-related incident reports. Research considered scope and consequences of suicide-related incident reporting, circumstances leading to reporting, and recommendations to improve protections for vulnerable personnel who undergo this process. Analysis of Joint Personnel Adjudication System (JPAS) incident data found that approximately 3.9% (i.e., 1,683) of 42,708 FY16 incidents were suicide-related. Furthermore, suicide-related incidents were more likely to be reported within the military (5.5% of military incidents) relative to civilian and contractor populations (1.5% and 0.5% of their incidents). Access suspensions were slightly more common among suicide versus non-suicide-related incidents (16.0% vs. 14.2%), but unfavorable eligibility outcomes did not differ between these groups (11.9% vs. 12.6% for eligibility loss; 1.1% vs. 1.4% for denials/revocations, specifically). However, suicide-related incidents took longer to adjudicate (7.9 vs. 5.4 months). Additionally, these reports were more likely to be associated with hospitalizations but less likely to involve assaults or arrests. Finally, researchers spoke with subject matter experts (SMEs; security officials, commanders, and psychologists) to understand how suicide-related incidents are addressed in the field. SMEs discussed ramifications of reporting these events as security concerns, common ways these events become known and are handled, reporting obstacles, use of psychological evaluations, and treatment referral processes. Research findings suggest more guidance, training, and policy specificity for reporting suicidal behavior is needed. If these behaviors remain required reporting per policy, stakeholders should focus stigma reduction efforts on improving adjudication timeliness. One way to achieve this goal is to introduce timeliness metrics for these sensitive incident-reporting events.
The insider threat is, at its core, a human problem that results from a complex interaction among individual and environmental factors. The social and behavioral sciences (SBS) are well-suited to address this complicated and persistent human problem. In 2016, the Office of the Under Secretary of Defense for Intelligence partnered with the Defense Personnel and Security Research Center to design a comprehensive research plan and strategy to integrate the SBS into the DoD counter-insider threat mission space. Developed in collaboration with subject matter experts (SME) and approved by the DoD Insider Threat Program Director, this strategic plan has three goals: 1) Align SBS with DoD's counter-insider threat mission to ensure that the enterprise is well-equipped, trained, and vigilant in protecting DoD resources, personnel, installations, and equities; 2) Present a plan to drive current and future investment in SBS research; and 3) Communicate the SBS vision to senior leadership, stakeholders, and potential partners. The SME interviews resulted in five SBS Research Campaigns that together comprise the SBS Research Plan to counter malicious insider threat behavior: Employee Reporting; Technology, Tools & Data; Individual Factors; Organizational Factors; and Program Evaluation. As part of the interviews, SMEs also explained what is required for researchers to continue forward progress and execute the SBS Research Plan. Several SMEs drew on their own experiences building successful Insider Threat Programs, especially under adverse fiscal and cultural conditions. The two most commonly mentioned SME strategies for success—Tailor the Message and Build Strategic Partnerships—provide valuable lessons for SBS researchers who want to make a meaningful contribution to insider threat detection, prevention, and mitigation efforts.
Despite policies that aim to reduce stigma and access to mental health care within the military, almost half of Service members who may be in need do not seek mental health support. The current study builds on past research on barriers to seeking help for mental health concerns, particularly for suicidal ideation or suicide attempt, by examining factors that promote or prevent help-seeking from the perspective of Service members and suicide prevention gatekeepers. Data from the 2016 Status of Forces Survey of Active Duty Members were analyzed to estimate the prevalence of non-help-seeking, and individual, occupational, and barrier factors associated with non-help-seeking. Focus group interviews with military suicide prevention gatekeepers provided context and further insight into the findings from the survey. In addition, gatekeepers discussed strategies for promoting help-seeking for mental health concerns. Findings from this study indicate that non-help-seeking Service members tend to be male, officers, less knowledgeable about suicide prevention skills, and more concerned about the impact of seeking mental health care on their career. Recommendations include: (1) conducting effective suicide prevention training and mental health awareness campaigns, and evaluating their implementation, (2) establishing programs to encourage Officers to seek help for mental health concerns, and (3) addressing Service members' concerns that seeking help will have an adverse impact on their careers. Ultimately, this study does not suggest changing the policies impacting career-progression and help-seeking behavior, as many of them have been put into place for reasons such as safety, but instead encourages decision-makers to address the perception of these repercussions.
Insider threat is an ongoing concern for the Department of Defense (DoD). Within the past 8 years, incidents of violence, such as the Fort Hood and Navy Yard shootings, as well as massive unauthorized disclosure of classified information to Wikileaks by Private Manning have caused serious harm to personnel and national security. In addition to policy and procedural changes and implementing programs for improved physical security and continuous evaluation, there have been several attempts at predictive modeling of insider threat events.For this study, analyses focused on individual factors (e.g., marital status and education) combined with environmental factors (e.g., the property crime rate in an individual's city) in relation to insider threat outcomes that may precede high-impact events. Results demonstrated that event history analysis is a viable approach to examining insider threat behavior using a combination of individual and environmental factors.
Prior DoD personnel security research identified interest in a cadre of personnel-security-trained clinicians (i.e., psychologists and psychiatrists) to consult on mental-health-related background investigation and adjudication issues (Senholzi et al., 2016; Shedler & Lang, 2015). The current initiative assessed this point further by (1) characterizing specific use of and need for clinicians under current mental health vetting procedures, (2) assessing current clinician workload to inform future resource needs, and (3) identifying preexisting personnel security training resources for potential clinician use. Findings confirmed that a cadre of readily accessible consulting clinicians can improve interactions with subjects' mental health providers, interpretation of mental health records, identification of psychological evaluators (particularly for contract employees), and receipt of psychological evaluations based on personnel-security-centric assessment. Although mental health issues are self-reported in only about 15,900 (2.3%) scheduled National Background Investigation Bureau investigations annually (~9,800 initial investigations [1.4%] and ~6,100 periodic reinvestigations [0.9%], respectively), clinician consulting needs applicable to these cases are not inconsequential. Furthermore, this estimate does not include the approximate 3,100 Adjudicative Guideline I: Psychological Condition incident reports that arise in between initial and periodic reinvestigations each year for centrally adjudicated DoD clearances (~6.0% of all DoD incidents reported annually; see Jaros et al., 2017). In many of these instances, a group of consulting clinicians could help to ensure the collection of independent, fair, and standardized psychological feedback. Finally, three preexisting personnel security resources were identified to inform future clinician training program implementation efforts. These three resources are described further in this report along with various "next step" recommendations to move this initiative toward an implementable training solution.
This report outlines the results of the latest Review of Adjudication Documentation Accuracy and Rationales (RADAR) evaluation, conducted on adjudication decisions made during FY16. It is part of an ongoing effort to ensure adjudication documentation quality within DoD. This evaluation builds upon previous RADAR work by assessing continued compliance with standards and providing recommendations for improved metrics and adjudication documentation practice (Nelson & Tadle, 2014; Nelson & Tadle, 2017).
This report documents the validation of business rules for the Office of Personnel Management’s Tier 3 (T3), Tier 3 Reinvestigation (T3R), and Tier 1 (T1) investigation products. The Defense Personnel and Security Research Center collaborated with an interagency working group of personnel security and suitability experts on business rule development for T3 and T3R. The results of rule development and validation provided useful evidence that the proposed T3/T3R rules, while very conservative, could safely electronically adjudicate clean cases. The Security and Suitability Executive Agents approved T3/T3R business rules in September 2016 and DoD’s Consolidated Adjudications Facility subsequently implemented them. Following development of T3 rules, the working group requested that the Defense Personnel and Security Research Center assist in developing rules for T1 electronic adjudication (eAdjudication). The results of validation indicated that the T1 eAdjudication business rules could successfully eAdjudicate both Suitability and Homeland Security Presidential Directive 12 case types. The executive agents approved the business rules in March 2017.
Postvention refers to any activity that aims to alleviate the psychological pain of a suicide loss survivor and to reduce the harmful effects of suicide exposure, especially suicide contagion. The goal of this study was to determine whether suicide loss survivors have any unique psychological needs (compared to accident loss survivors) that are currently unmet by postvention services provided by the DoD. To address this, researchers administered a survey to survivors (next of kin [NOK] and fellow unit members) of suicide or accident loss that assessed survivors’ usage of and satisfaction with DoD postvention programs and services as well as survivors’ current psychological functioning. Results indicated that NOK and fellow unit members of Service members who died by suicide from 2010 to 2014 experienced significantly higher levels of shame and stigma compared to survivors of Service members who died in accidents (e.g., motor vehicle accidents) in the same time frame. This association was not mediated by differences in overall postvention satisfaction. However, higher levels of postvention satisfaction were associated with better psychological outcomes for both suicide and accident loss survivors. Among NOK, suicide loss survivors reported significantly less satisfaction with their experiences around the death investigation than accident loss survivors. Among fellow unit members, suicide loss survivors reported significantly less satisfaction with unit leadership and funeral or memorial services. Open-ended items contextualized these findings and brought forward other important survivor needs. Synthesis of the quantitative and qualitative data yielded nine main findings. Recommendations
The report describes characteristics of 209 Americans who committed espionage-related offenses against the U.S. since 1947. Three cohorts are compared based on when the individual began espionage: 1947-1979, 1980-1989, and 1990-2015. Using data coded from open published sources, analyses are reported on personal attributes of persons across the three cohorts, the employment and levels of clearance, how they committed espionage, the consequences they suffered, and their motivations. The second part of the report explores each of the five types of espionage committed by the 209 persons under study. These include: classic espionage, leaks, acting as an agent of a foreign government, violations of export control laws, and economic espionage. The statutes governing each type are discussed and compared. Classification of national security information is discussed as one element in espionage. In Part 3, revisions to the espionage statutes are recommended in light of findings presented in the report.
The purpose of the current study was to (1) provide an initial examination into mental health-related incident reporting trends and to (2) evaluate associated policy and reporting practices as they occur in the field. To this end, FY10-FY15 Joint Personnel Adjudication System (JPAS) incident reports were analyzed, mental health reporting policies were reviewed, and interviews with personnel security subject matter experts (SMEs) were conducted. Findings uncovered that approximately 6% of all incident reports pertained to Guideline I issues (as entered by security managers [SMs]). Further, the bulk of these incidents encompassed suicide attempts, suicidal ideation, and/or depression. Although the recently released DoD Manual 5200.02 (Procedures for the DoD PSP) now includes “suicide threats, attempts, or gestures or actions” as a specific reportable behavior, it is not clear how SMs should follow-up with subjects once these incident reports are established. Policy review and SME discussions underscore the need to further clarify mental health-related reporting requirements (generally) and to provide guidance to SMs and other involved parties about how best to help subjects when self-harm is a relevant concern. Recommendations are also made to clarify how local personnel security files should be maintained and/or shared across DoD’s personnel security community and to begin tracking frequency and timeliness metrics for all incident reporting. Annual incident reporting metrics would help DoD better understand trends and gaps in both Guideline I and Non-Guideline I vetting procedures alike.
This report outlines the results of the latest Review of Adjudication Documentation Accuracy and Rationales (RADAR) evaluation, conducted on adjudication decisions made during fiscal year (FY) 2015. It is part of an ongoing effort to ensure adjudication documentation quality within the Department of Defense (DoD). The RADAR FY15 evaluation builds upon previous RADAR work by assessing continued compliance with standards and providing recommendations for improved metrics and adjudication documentation practice.
Despite the importance of both suicide and violence prevention in the military, little is known about how these behaviors relate to one another. The current research sought to elucidate the relationship between early warning signs for suicide and violence in a military population. This study included a review of 200 military law enforcement records maintained by the Naval Criminal Investigative Service (NCIS) and identification of early warning signs that may be observable to military law enforcement personnel. Statistical analyses tested for differences in warning signs between cases of suicide, violence, or both suicide and violence. The suicide-only and suicide/violence groups were more likely than the violence-only group to show early warning signs for: (1) psychological issues of depression, anxiety, hopelessness, a mental health diagnosis, and participation in treatment, (2) physical changes and impulsive behaviors, particularly substance abuse, (3) social warning signs, specifically social withdrawal, and (4) occupational issues, including diminished performance and interest at work. By contrast, the suicide/violence group was more likely than the other groups to show early warning signs of anger and aggression. Our findings suggest that Service members at risk for both suicide and violence are similar to those exclusively at risk for suicide, and they each differ from those solely at risk for violence. Our findings also suggest that the emotional trajectory that those who are both suicidal and violent follow is more aggressive, hostile, and angry than those who are either strictly suicidal or violent. The findings from this effort may enhance the ability of law enforcement and command personnel to prevent further acts of suicide and violence among military personnel. Recommendations for policy and future research are discussed.
Rare incidents of violence and suicide are often highly sensationalized in the media. This report describes a research effort to understand the emotions, cognitions, attitudes, and behaviors expressed on social media by Service members who died by suicide and exhibited violent cognitions, emotions, or behaviors (VCEB). Using social media and online news articles, results demonstrated that Service members who showed VCEB were more hostile online, discussed more life stressors, used more substances, and were the subject of greater negative peer influence. In addition, Service members who died by suicide used a significantly more negative tone than Service members who died by other means. Finally, Service members who died by suicide and exhibited VCEB showed many of the same characteristics as those who only showed VCEB; however, they also showed lower self-esteem, suggesting that this is a unique predictor of the combination of violence and suicide. Recommendations for policy are discussed, including possible areas for intervention and training with respect to social media.
Individuals vetted by the government for initial or continuing eligibility to access classified information must fill out a personnel security questionnaire as part of a screening process designed to identify those who are not likely to be trustworthy, reliable, or loyal to the United States. Question 21 in the Questionnaire for National Security Positions (SF-86) currently identifies too many individuals for investigative follow-up who do not have a mental health condition that poses an unacceptable risk, and likely misses other at-risk individuals. A proposed “relevant risk” approach to Question 21—focusing only on standardized clinical conditions that could pose a security risk as well as mental health related hospitalizations—would not represent an obstacle to mental health care for the vast majority of personnel and would be consistent with Department of Defense (DoD) policy to foster a culture of support with respect to mental health. This approach would reduce the costs associated with unnecessary Question 21 follow-up investigative work, as well as much of the stigma related adverse consequences associated with the current Question 21. At the same time, it would be more effective in identifying the small number of individuals with mental health conditions that may pose security risks. In addition, this report evaluates the benefits for both security and clinical care for having separate professionals conduct security fitness evaluations vice individuals’ mental health treatment.
TR 13-06 November 2013
The Automated Continuous Evaluation System (ACES) was developed by the Defense Personnel and Security Research Center (PERSEREC) through iterations of research and application of research findings to improve versions of ACES. ACES is an automated computer system that collects data from over 40 government and commercial databases. It uses an applicant’s personally identifiable information (PII) or the Standard Form 86 (SF-86) to check these data sources, verify what has been submitted, and collect more information. It applies business rules to the data, produces a report that flags issues of potential security concern, and electronically transmits the report to the approved recipient—typically an adjudication facility. Since 2008, the Joint Reform Effort (JRE) of the federal government has identified ACES as a capability for inclusion in the revised federal security clearance process, and various pilot projects have been performed demonstrating ACES’ capabilities for different federal agencies and with different types of investigations. Pilot projects have demonstrated that ACES will streamline the expensive security clearance and suitability vetting process and greatly reduce its cost. ACES can be used between background investigations to replace elements of initial investigations or reinvestigations, to prescreen military recruits, and in counterintelligence investigations. ACES can harness the power of automation to reduce costs, improve timeliness, and expand the range of information available to those who seek reliable, loyal, and trustworthy personnel.Download full reportBack to list
The hiring process for federal civilian employment includes steps to adjudicate applicant background information against standards of character and conduct to identify suitable personnel. DoD largely delegated suitability adjudication to its components and the components implemented unique suitability programs with minimal central oversight. This study gathered information about the DoD component suitability programs and generated a DoD-wide suitability process flow that summarized processes across DoD components, identified important considerations (including agency-unique requirements) for consolidating suitability adjudication at the DoD Central Adjudication Facility (CAF), and found additional research needs.
Accurate identification and assessment of employees with risky personality disorders is imperative for programs that involve access to nuclear materials, weapons, and biological select agents which depend on personnel maintaining mental health and reliable behavior. Certain risky personality disorders, however, are especially difficult to diagnose with routine assessment tools that rely on the subject’s self-report. To combat this issue, PERSEREC, in collaboration with Department of Energy, initiated a field test that examined whether an improved screening tool has utility for clinicians who routinely evaluate personnel in a high-risk program. Five clinicians used the Shedler-Westen Assessment Procedure (SWAP), along with its Dispositional Indicators of Risk Exposure (DIRE) subscale developed earlier, for a period of 4 months to evaluate 26 new candidates and current employees of concern. Debriefing interviews indicated that SWAP/DIRE was more effective than clinicians’ existing tools for establishing a positive rapport with the subject, assessing personality disorders, and making legally-defensible recommendations. Findings also include recommendations for using SWAP/DIRE methodology for identifying risky personnel.
The Adjudicative Guidelines serve several important and related functions in the Department of Defense. They describe the standards by which applicants are evaluated for eligibility for access to classified or sensitive information and for Sensitive Compartmented Information. They also guide adjudicators in their function of evaluating the information collected about applicants in background investigations and other records checks. This study traces the evolution of the guidelines through their various revisions, compares them to the Director of Central Intelligence Directive 1/14 guidelines for Sensitive Compartmented Information, and discusses the core issues that have persisted and those that have changed over time with changes in attitudes and social expectations.
This report presents the results from an ethnographic examination of a popular virtual social environment, Second Life, as the second part of a larger effort to study the impact of participation in cyber activities on personnel security and safety. Research has shown that cyber participation can spill over into individuals’ offline lives, which could be of security concern to the extent that their online behavior demonstrates poor judgment and/or undermines their reliability. Several immersive ethnographic methods were used in the present study, including participation observation, group discussions, and one-on-one interviews with 148 Second Life users who resembled the demographics of clearance holders. The reported findings include a description of behaviors of potential concern, a set of case studies that outline the behaviors of actual users, and a framework of user personas that attempts to distinguish between innocuous use of no apparent security concern from problematic use that may pose risks to national security. These findings contain implications for updating personnel security policy regarding cyber involvement.
Computers and related technologies, such as smart phones and video games, are now a common part of everyday life. Many people spend a large portion of their waking hours using and socializing through these devices, forming what is known as a cyberculture. Personnel security investigative and adjudicative standards were developed before these products were widely available; however, cyberculture bears relevance to personnel security due both to the presence of existing security issues and potential effects on psychological outcomes and workplace performance. Although cyberculture has many beneficial effects, this project evaluates how participation can negatively affect personnel security and employee performance. This initial report provides context, outlines presently actionable findings and strategies, highlights some questions that cannot yet be answered, and draws on outside research to guide future research. Information from many sources was examined, including academic research journals, other federal organizations, news reports, and cyber environments, to understand cyber activities relevant to personnel security. Participation is widespread in U.S. society and popular among all age groups. Some cyber activities, such as foreign associations, can be reportable per existing investigative criteria, so procedures should be updated appropriately and promptly. Other topics require research before action is recommended. One concern is how online disinhibition, where people who become more willing to disclose personal information, deceive, or become hostile, affects personnel security. Increased willingness to disclose may amplify the counterintelligence concerns for individuals targeted by hostile parties. There are also many potential negative effects on impulse control, mental health, physical health, and workplace behavior. Future research is intended to further guide policy, workforce awareness, investigations, and adjudications.
Social networking sites, blogs, and other online postings may provide relevant and useful information about people applying for, or serving in, law enforcement positions. Online content may corroborate or contradict personal data listed on a resume or other employment forms. Furthermore, information posted on the Internet could reveal that the subject of interest has engaged in behaviors that call into question his or her ability to serve in a public safety position. Today, conducting electronic searches for information on a specific person is relatively cheap and easy because of increased access to the Internet, use of online search engines, accessibility of public records, and use of social networking and picture-sharing websites. The International Association of Chiefs of Police and PERSEREC worked collaboratively to identify the benefits and drawbacks of cybervetting and to provide guidance to law enforcement administrators on the development and implementation of a cybervetting strategy.
The material in this document covers important considerations for measuring investigation quality and reviews two investigation quality measurement approaches. PERSEREC assembled the material into document format in September 2009, at the request of the Office of the Under Secretary of Defense for Intelligence. The material was initially prepared in December 2008 for presentation to staff from the Office of the Director of National Intelligence, who were serving as representatives of the Performance Accountability Council (PAC), Performance Measures and Management Subcommittee (PMMS). PMMS developed the first approach covered in this document. The PMMS approach relies on a paper-based investigation quality measure and collects information about a sample of all investigations, including both deficient and satisfactory investigations. The Department of Defense (DoD) developed the second approach. The DoD approach uses a computer-based investigation quality tool called the Rapid Assessment of Incomplete Security Evaluations (RAISE). RAISE collects more systematic information about deficient investigations. A review of the two approaches shows that the PAC approach has several significant weakness and that RAISE assessments will be more timely, complete, accurate, reliable, and actionable. RAISE best supports the investigation quality assessment, longitudinal tracking, and continuous improvement needs of the Joint Suitability and Security Reform Team.
PERSEREC and the Department of State (DOS) collaborated to test whether background investigators are able and willing to conduct interviews with a tablet computer. Discussions were held with seven DOS investigators to understand the current DOS vetting process and needs. Following this, realistic simulated cases and prototype tablet software were created through consultation with two investigators. Finally, independent 3-4 hour test sessions were held with eight participating investigators to: (1) teach them how to use the tablet computer, (2) perform a simulated interview on paper in the normal fashion, (3) perform a simulated interview using the tablet computer, and (4) complete questionnaires and provide feedback on the system. The findings were very favorable for tablet computers. The tablets required minimal training, seven of the eight participants preferred the tablet to the paper method, and many investigators were eager to use tablets as soon as possible. The suggested next steps include (1) reevaluating what is possible and appropriate for field interviews with computerized workflow, and (2) developing tablet and case management software.
This report documents the rationale and process for developing the Insider Risk Evaluation and Audit Tool to be used for assessing insider risk within an organization. Based on past studies of insider behavior, the authors identify several areas of effective management intervention to mitigate the probability of damaging behaviors. For each area, a series of self-audit questions point to the presence or absence of policies, safeguards, or best practices that should be considered as proactive measures to minimize insider risk. The tool itself, which can be read or downloaded from the products section of this website, was developed for use by security managers and their counterparts in human resource departments. The goal of self evaluation is to minimize the risk of a broad range of adverse insider behaviors from misuse of IT systems to espionage. The study recommends that the tool, which this report describes, can be used to assess an organization’s current level of vulnerability to adverse insider behavior and as an aid to the formulation of an insider risk mitigation plan that is both preventative and proactive.
The purpose of the work described in this report was to develop performance measures and gather baseline performance data for the DoD Personnel Security Program. The performance measures addressed DoD interest in program performance and also met requirements of the Office of Management and Budget (OMB) Program Assessment Rating Tool (PART). Performance measures targeted three stages of the personnel security program: (1) Personnel Security Questionnaire (PSQ) submission, (2) investigation, and (3) adjudication. For each stage, measures were identified or developed to measure cost, quality, and timeliness. The research further targeted three types of personnel security cases: (1) Secret cases, (2) Top Secret/ Sensitive Compartmented Information (SCI) - Initial cases, and (3) Top Secret/SCI - Periodic Reinvestigation (PR) cases. The data collection verified that the measures were useful and provided information about program performance in important areas. Three key performance areas were identified for the DoD Personnel Security Program: (1) cost, (2) quality, and (3) timeliness to provide DoD with useful performance information for program oversight and management. Staff at the Office of the Under Secretary of Defense for Intelligence, Security Directorate, received updates and result summaries at earlier stages in the project, as needed to meet PART reporting requirements.
This review of social science and policy literature explores the assessment of allegiance to a nation state during a period of globalization, when many trends appear to change or undermine earlier assumptions about allegiance. It discusses global mobility and immigration trends, and the impact of transportation and communications on patterns of mobility such as “transnational” life or the “sojourner.” It explores the impact of increasingly common dual or multiple citizenships on the meaning of allegiance based on territorial citizenship. It surveys social psychological studies of group processes and political socialization. It lists insights these studies offer for ways to think about allegiance and proposes further research and discussion on how to adjust personnel security procedures to the challenges posed by globalization.
Espionage by Americans is the worst outcome of insider trust betrayal. PERSEREC monitors and analyzes espionage by Americans in order to improve understanding of such trust betrayal by a tiny minority of citizens. This is the third in a series of technical reports on espionage based on the PERSEREC Espionage Database, files of information from the press, and scholarship on espionage. The focus of this report is on changes and trends in espionage by Americans since 1990, compared with two earlier cold War periods. Findings include: offenders since 1990 are more likely to be naturalized citizens, and to have foreign attachments, connections, and ties, and therefore they are more likely to be motivated to spy from divided loyalties; money has declined as a primary motive for espionage although it is still common, and since 2000 no American is known to have received payment for spying; many recent spies have relied on computers, electronic information retrieval and storage, and the Internet. The most recent cases suggest that global terrorism is influencing the crime of espionage by Americans, and that espionage statutes need revision.
The present research is the second in a series of studies to evaluate preliminary decision rules and provide automated approval estimates for a DoD Adjudication Decision Support (ADS) system. The long-term goal of the ADS program is to develop a system that will automatically evaluate completed personnel security investigations in accordance with the Adjudicative Guidelines for Determining Eligibility for Access to Classified Information (December 29, 2005) and using decision logic comparable to the logic of expert adjudicators. The ADS system will process closed personnel security investigations in accordance with national guidelines before distribution to the DoD central adjudication facilities (CAFs). The system will identify information that is relevant to clearance eligibility determinations based on decision rules established by policy, senior adjudicators, other personnel security experts, and empirical research on past determinations. Cases that contain appropriately little adverse information will qualify for automatic approval. This should greatly shorten case processing times for the cleanest cases, facilitate the initial review of complex cases by adjudicators, reduce the overall workload at the CAFs, increase adjudication consistency, and facilitate case assignment.
Accurate annual predictions of personnel security investigation (PSI) requirements are important for the DoD budgeting process and for ensuring that the necessary resources are available. The Defense Security Service (DSS) currently obtains PSI prediction estimates through an annual survey of cleared industrial facilities. However, actual PSI requirements often differ substantially from PSI predictions. At the request of DSS, PERSEREC reviewed DSS prediction methods, explored supplementary data that might enhance predictions, then developed and tested a new, adjusted prediction method. The new method holds promise for improving PSI prediction accuracy.
Government, government contractors, and the military services need to field well-trained and competent security personnel. Adequate training is essential for competent performance. Despite this fact, several national-level security reviews and audits performed in the last decade have criticized the training and performance of security personnel. In 2002, the Joint Security Training Consortium (JSTC) requested PERSEREC to conduct research and development work to improve the training and professional development of security personnel. The work covered in the present report was driven by a subsequent JSTC tasking to develop skill standards for security practitioners, a logical extension of PERSEREC’s earlier project to develop a baseline definition of the security profession. Panels of subject-matter experts developed taxonomies describing the work performed by security practitioners in seven security disciplines: physical security, information security, personnel security, security investigations, security management, communications security, and information systems security. The seven taxonomies were intended to be the first step in developing an authoritative description of what security personnel do on the job. The skill standards appended to this report were intended for federal-wide application. More recently, skill standards for work in four core security disciplines were developed by the DoD on which to base a comprehensive professional certification program for its security practitioners.
This report identifies and explains the rationale for the more significant changes to the Adjudicative Guidelines as approved by the President on December 29, 2005. The revised guidelines update the Adjudicative Guidelines that were previously approved by the President in 1997. The initial draft of the updated guidelines was prepared by and coordinated within the DoD by PERSEREC. That draft was then reviewed and revised by a subcommittee of the Personnel Security Working Group prior to submission to the National Security Council Policy Coordinating Committee.
The report provides an analysis and overview of findings based on 10 detailed case studies of IT insider offenses that are contained in a companion report, “Ten Tales of Betrayal: The Threat to Corporate Infrastructures by Information Technology Insiders Report 2 – Case Studies. (FOUO)” These case studies describe the actions of disgruntled or malicious insiders who attack or misuse a corporate information system for personal motives. In most cases there is a clear intent to inflict damage to the system. In Report 2, the authors discuss and compare background factors that contributed to the damaging event under five headings: Subject and Attack Characteristics, Personnel Screening, Attack Detection, Organizational and Social Environment, and Personnel Management Issues. Although this research is confined to a limited number of cases, it offers general observations that have clear implications for policies and best practices that address the threat posed by at-risk employees. The level of risk in any organization appears to rise with the level of personnel stress and an adverse social climate. Furthermore, a limited window of opportunity is open for management to intervene when personal disgruntlement surfaces. The authors also identify a lack of preemployment screening, poor termination policies, unmonitored remote access to the system, inadequate security training, and weak or unenforced security policies as factors that intensify risk of insider abuse.
PERSEREC has conducted a series of studies aimed at improving the use of investigative resources. Following research that showed that investigative sources differ substantially in terms of their ability to yield issue-relevant information, a new reinvestigation model was developed and tested—a two-phase Single Scope Background Investigation-Periodic Reinvestigation (SSBI-PR). In a two-phase periodic reinvestigation, Phase 2 sources (developed and listed references, residence interviews, and residence records) are used only in cases in which Phase 1 sources (all other sources) yield issue-relevant information. Findings of the initial phasing study, and subsequent research, showed that phasing saves substantial resources with very little loss of derogatory information. In the summer of 2002, the Deputy Assistant Secretary of Defense (Security and Information Operations), with the support of the intelligence community, approved implementation of a phased SSBI-PR for a 1-year test period. In October of Fiscal Year 2003, Defense Security Service (DSS) implemented phasing. This study documents the findings of an evaluation of phasing as implemented by DSS. Similar to findings of previous phasing studies, results of this evaluation show that the most productive sources can be used to identify SSBI-PRs where the least productive sources are most likely to yield derogatory information— that it is unnecessary and not cost-effective to use the least productive sources in all SSBI-PRs. Findings of this study suggest that whatever the cost of conducting the 15,668 periodic reinvestigations in Fiscal Year 2003 would have been without the implementation of a phased SSBI-PR, in implementing phasing, DSS reduced these resource requirements by approximately 22%.
This study explores technological, social, and economic trends in the United States and globally that are serving to increase opportunity and motivation for espionage. Findings suggest that American insiders have an unprecedented level of access to classified and proprietary information due to technological advances in information storage and retrieval. American employees have greater opportunity to establish contact with foreign entities and to transfer information to them through traveling internationally more often and by participating in international research and business ventures more frequently. Internet use is expanding globally and computer users are becoming more culturally and linguistically diverse. The Internet can be used to transmit massive amounts of digitized information to multiple foreign parties simultaneously. Finally, the market for U.S. information is expanding. American insiders can sell more types of information to a broader range of foreign buyers than ever before. In addition to these new opportunities for espionage, American employees are more often encountering situations that can provide motivation for this crime. More insiders are experiencing financial problems and gambling addiction, both of which can provide impetus for workplace theft. Loyalty to organizations is diminishing and a greater proportion of American workers are at risk for becoming disgruntled. A growing number of insiders have emotional and financial ties to other countries. Under some circumstances, insiders with loyalties to other peoples may be less inclined to view espionage as morally wrong. It is possible that some insiders with a global orientation to world affairs will view espionage as morally justifiable if they feel that sharing information will benefit the “world community” or prevent armed conflict.
PERSEREC recently conducted a study of supervisor and coworker reporting of security-related information. Explanations were offered by security managers and by focus group participants as to why many security-related behaviors are underreported. The main problem is that people are hesitant to report suitability behaviors, such as excessive drinking, because they are not able to see a direct link between the particular human problem and national security. Consequently, PERSEREC developed a clear, succinct list of behaviors that could pose a potential threat to national security and thus should be reported if observed. Members of various counterintelligence agencies in the government reviewed and edited this list. PERSEREC developed a brochure based on these items as an educational tool to help DoD components and other departments that have need of security education materials on supervisor and coworker reporting or for counterintelligence briefings.
Download full reportBack to list MR 05-05 April 2005
The Intelligence Authorization Act for Fiscal Year 2004 required the Director of Central Intelligence, the Secretary of Defense, the Attorney General, the Director of the Office of Personnel Management, and the heads of other appropriate Federal departments and agencies (as determined by the President) to jointly submit a report to Congress that evaluates and makes recommendations regarding (1) the utility and effectiveness of personnel security background investigations and clearance procedures of the Federal government, (2) the costs and benefits of conducting background investigations for Secret clearances with those of full-field investigations, and (3) the standards governing the denial and revocation of security clearances. At the request of senior staff at the Director of Central Intelligence Special Security Center and the Counterintelligence and Security office of the Under Secretary of Defense for Intelligence, PERSEREC reviewed relevant personnel security literature, such as executive orders, commission reports, Congressional testimony, and research and policy papers, to summarize information and make recommendations that address the Congressional report objectives stated above.
In early 2004, PERSEREC was tasked and sponsored by the Office of the Secretary of Defense Accession Policy Directorate to identify what the Armed Forces are doing to screen for terrorists in the enlistment process. The authors (1) reviewed recent literature and intelligence reports to identify and understand active anti-American groups of concern for military enlistment, (2) reviewed all relevant executive orders, DoD directives, and Armed Forces instructions and regulations, and (3) visited recruiting and military entrance processing facilities across the United States, interviewing personnel at each. The report focuses primarily on individuals joining the enlisted ranks rather than on those entering the U.S. Army’s 09L Military Occupational Specialty (MOS), officers, and direct commissions (chaplains, nurses, lawyers, engineers, etc.). In many ways, however, findings from the study bear on these other groups as well. Findings in the report are presented within the following areas: arriving at a working definition of a terrorist; characterizing the threat; suspicion indicators of potential terrorist allegiances; policies; screening procedures; suspicious incident reporting procedures; and training and education. The research found some evidence of small numbers of persons enlisting in the Armed Forces who are sympathetic to or participants in terrorist groups. At the same, the Armed Forces have implemented many policies and practices designed to specifically, or by default, enable detection of and response to such individuals. Some areas where these policies and procedures can be made more efficient or effective are also addressed.
PERSEREC developed and implemented the Professional Development Survey on behalf the Joint Security Training Consortium (JSTC). The purpose of this research was to assess the views of the general security workforce concerning the state of the profession and the need for training and professional development programs. Previous PERSEREC research examined the opinions of high-level security managers from five sectors of the Federal security workforce (military departments, Defense agencies, intelligence community agencies, and non-DoD agencies). This report summarizes the results of general survey data from security practitioners at all grade levels in the department. However, the authors believe there is currently little uniformity among training programs. Contrary to managers’ expectations, practitioners support the use of certification as a requirement for advancement. Results of this study will be useful in evaluating and improving security training and development programs.
PERSEREC examined government requirements that cleared supervisors and employees report to security managers behavior they observe among subordinates and coworkers that they believe to be security-relevant. Despite formal policies, very few reports are made. Authors reviewed research literature and discussed the topic with personnel security and management personnel in 20 government agencies and with supervisors and coworkers in focus groups. While supervisors and employees are not averse to reporting genuine security infractions, they rarely report other behaviors. They are confused about precisely what to report and they anguish over reporting gray-area behaviors they do not consider to be necessarily connected to security. The study recommends that DoD Directive 5200.2-R be modified to include supervisor and coworker reporting as a priority and to protect the confidentiality of people who report, if requested. It recommends that PERSEREC, with the help of counterintelligence and security personnel, develop a list of behaviors that pose a palpable threat to national security and must be reported, if observed. The list will contain behavioral examples to clarify what is considered egregious and critical to national security. It is also recommended that the ASD(C3I) issue a memorandum advising certain changes be made in the government’s philosophy, i.e., that the personnel security community be more proactive in ensuring that personal problems get addressed before they become security problems.
Analyses of 150 cases of espionage against the United States by American citizens between 1947 and 2001 provide detailed data on the demographic and employment characteristics of American spies, the means and methods they used to commit espionage, their motivations, and the consequences they suffered. Collected materials on the cases supplement the analyses conducted with a database that allows comparison of groups and the identification of trends. Factors highlighted include changes in espionage by Americans since the end of the Cold War and the impact of globalization and networked information systems on the practice of espionage.
PERSEREC, together with the Defense Security Service (DSS), conducted a pilot test of a phased reinvestigation. In a phased reinvestigation, information collected during Phase 1 is used to determine what additional investigative steps are appropriate for Phase 2. If Phase 1 turns up issue-relevant information, Phase 2 is conducted to complete a full-scope reinvestigation. If Phase 1 turns up no issue-relevant information, the investigation is considered clean and no further investigation is done. This is the final report on that test. The test confirmed that a phased reinvestigation can save substantial investigative resources while missing very little information. No information at all would be missed in any case on which some adjudicative action would be taken.
The purpose of this report is to present basic background information and a series of recommendations concerning a problem of growing importance to the DoD: How does DoD encourage people to deal with their personal problems while at the same time maintaining personnel security requirements for people who have access to classified information? This report, designed for the policymaker, answers three questions: what is the problem; why does this problem need to be addressed now; and what can policymakers do about the problem?
This study examined the relationship between DoD security policy and Federally mandated Employee Assistance Programs (EAPs) for civilians and counseling/referral services for military personnel to identify any barriers for cleared DoD employees to using these programs. The study, based largely on interviews, but also on focus-group information and on a review of policy documents and other literature, found that policy is in place to help cleared individuals with personal problems get access to the counseling and treatment they need. However, research showed that cleared employees, civilian or military, often remain suspicious that their attendance at such programs will result in clearance revocation. Thus, some consult counseling programs outside the Federal system, eschewing the very programs that the government has set up to help them. Report 2 documents the research and presents findings and conclusions; it also contains a series of appendices that provides background information for the interested reader on such topics as the EAP movement, military counseling/referral programs, and DoD personnel security policies and programs.
PERSEREC undertook this project to assess the degree of public support for various national security issues. PERSEREC commissioned the National Opinion Research Center at the University of Chicago to include questions on its 1994, 1996, 1998, and 2000 general Social Surveys. PERSEREC collected attitude information relative to seven issues: (1) need for secrecy in various areas of government activity, (2) government’s need to collect information on individuals vs. people’s privacy rights, (3) public support for various security countermeasures, (4) government’s right to know mental health information, (5) loyalty to employer versus coworkers, (6) punishments for various acts of trust betrayal, and (7) perception of threats to the United States.
A six-person team of highly experienced personnel security adjudicators and investigators reviewed 4,721 case files at four agencies routinely conducting the Single Scope Background Investigation Periodic Reinvestigation (SSBI-PR): DoD, Office of Personnel Management (OPM), Central Intelligence Agency (CIA) and National Reconnaissance Office (NRO). Information was obtained regarding subjects’ backgrounds, the sources that were included in the SSBI-PRs, whether sources provided issue and/or mitigating information, and the type and adjudicative value of the information that was provided. Information yield was shown to differ dramatically across sources, and differences in source productivity were consistent across organizations. The SF-86, Subject Interview, and Credit Report consistently yielded issue and mitigating information most frequently. The majority of SSBI-PRs did not contain issue-relevant information and less than 5% of the SSBI-PRs resulted in actionable outcomes by the participating organizations. These and other findings provide a foundation for designing an improved SSBI-PR process. Using data from this study, a second PERSEREC report, A New Approach to the SSBI-PR: Assessment of a Phased Reinvestigation, demonstrates how a phased approach to the SSBI-PR process could achieve a more effective periodic reinvestigation program on a community wide scale.
PERSEREC conducted a study of the efficiency and effectiveness of Adjudicative Guidelines and Investigative Standards approved by the President in 1997. Results indicate that DoD has successfully implemented the Adjudicative Guidelines and Investigative Standards. On a summary measure the guidelines were rated as adequate. Those ranked highest in terms of their adequacy were: Foreign Preference, Emotional/Mental and Personality Disorders, Outside Activities, and Misuse of Information Technology Systems. A workshop attended by senior adjudicators suggested there may be a high level of consistency when applying the guidelines to identical cases.
PERSEREC has worked with the National Opinion Research Center from 1993 until 1998 to define the climate of public opinion in which government security policy is developed. Security-related items have been included in the 1994, 1996, and 1998 General Social Surveys concerning how much protection should be provided for national security information, the appropriate areas of inquiry for establishing eligibility for positions of trust, and acceptable methods for monitoring cleared employees. This report summarizes attitude trends and magnitudes of public support on these issues across the 4-year time span. In general, the data show that there is a solid and sustained endorsement for protecting various categories of national security information and a strong and continuing support for investigative inquiry into personal areas such as finances, mental health, criminal history, and substance abuse. Espionage is clearly perceived to be a serious crime that should warrant severe sentencing after conviction. However, there is mixed and uncertain support for security measures to ensure the continued reliability of cleared employees.
This study was undertaken to provide data on the yield of the sources contacted using the SSBI to policy makers deliberating the feasibility of shortening the scope of the SSBI to 7 years. Arguments for either retaining or changing scoping requirements can be supported by this study. In support of the 7-year scope, it was found that the Subject provides significant issue information in 81% of the cases and that 97.6% of all issues are developed within 7 years of coverage. However, for a small unrepresentative sample, if the Subject is discounted as a source of issue information, between 4 and 13% of denials come from sources beyond 7 years of coverage. Approximately 90% of non-subject disclosed information from the higher yield sources (relatives, employment, developed and listed references, and financial and employment records) was captured with a 7-year scope.
This study was undertaken to develop: (1) policy requirements for personnel security appeal boards (PSABs), and (2) options for incorporating a personal appearance into the process for appealing an adverse personnel security determination in DoD. Policy requirements for PSABs are recommended. Three options for handling personal appearances are presented and Option 2, which provides an appellant the opportunity to appear before a PSAB, is recommended.
The study was undertaken to develop a computer-administered security screening questionnaire for use with applicants to sensitive Navy ratings. A system was designed (Military Applicant Security Screening) and tested and evaluated at nine Military Entrance Processing Stations (MEPS). Data is presented concerning the amount of potentially derogatory information disclosed by questionnaire and the reactions of Navy classifiers who administered the system. Based on the favorable findings of the study, the Navy approved the system for implementation at all the MEPS.