Today Secretary Panetta, Chairman Dempsey and General Counsel Johnson testified before the House Armed Services Committee in a closed hearing on the unauthorized disclosure of classified information.
The Secretary and Chairman Dempsey believe that the vast majority of the millions of defense personnel with security clearances would never leak classified material. However, they believe we must do more to protect sensitive information.
The Department of Defense has taken a comprehensive approach to address the issue of national security leaks. Personnel in all components are continuously working to protect classified information and identify those who do not uphold their obligations to protect national defense information.
Recent reforms at the department include:
- Improved training on handling and protecting classified information
- Issuance of new guidance on the protection of classified information
- Improvement of security on classified computer networks
- Implementation of President Obama’s Executive Order establishing an Insider Threat Task Force
- Mandating use of a department wide incident report system to track unauthorized disclosures
In addition, Secretary Panetta has directed that the department establish a new “top down” reporting system for monitoring national-level disclosures.
Current regulations mandate that every component within the department report unauthorized disclosures to a security officer for a preliminary review. The matter is also sent to the Under Secretary of Defense for Intelligence, who in coordination with the General Counsel, may refer matters to the Department of Justice for potential prosecution. This “bottom up” system requires that individuals report potential violations up the chain of command.
To ensure greater accountability and tracking of unauthorized disclosures, Secretary Panetta is directing a new “top down” approach as well. The Undersecretary of Defense for Intelligence, in consultation with the Assistant Secretary for Public Affairs, will monitor all major, national level media reporting for unauthorized disclosures of defense department classified information.
The Undersecretary of Defense for Intelligence will ensure that the appropriate component of the department has been tasked with investigating leaks and initiates the process for appropriate referrals to the Department of Justice.
Secretary Panetta also reiterated guidance issued by Secretary Gates that the Assistant Secretary for Public Affairs is the “sole release authority for all DoD information to news media in Washington.”
Finally, Secretary Panetta directed the Under Secretary of Defense for Intelligence, in consultation with the Assistant Secretary of Defense for Legislative Affairs to ensure the prompt and complete notification of these matters to Congress, when required.
The unauthorized disclosure of classified information jeopardizes national security and is a violation of department regulation, policy, and, in certain cases, a criminal act that should be prosecuted. The new actions directed by Secretary Panetta today, in addition to the many steps taken by department personnel in recent months, are aimed at ensuring that the department upholds the important requirement to safeguard America’s national security secrets.
Department of Defense Fact Sheet
Recent Actions to Counter Unauthorized Disclosures of Classified Information
The Department of Defense has taken a comprehensive approach to reducing unauthorized disclosures of classified information. The department is continuously improving its security posture and overall capability to prevent unauthorized disclosures. Today, Secretary Panetta directed:
- A new “top down” approach to improve reporting leaks of classified information. The Undersecretary of Defense for Intelligence, in consultation with the Assistant Secretary of Defense for Public Affairs, will monitor all major, national media reporting for unauthorized disclosures of defense department classified information. The Undersecretary of Defense for Intelligence will ensure that the appropriate component of the department has been tasked with investigating leaks and that the required legal referrals to the Department of Justice and Congressional notifications are made.
In addition, over the past months, the following actions have been taken to help safeguard classified information:
- Improved personnel training on how to handle and protect classified information. The department has updated its information assurance and information security training courses that all personnel are required to take each year. The department has developed training designed to help individuals know what to do if they suspect a threat from an insider or observe security incidents such as leaks of classified information.
- Clarification of Information Security Policy. The department published the 5200.1M Information Security Program Manual which contains clearer instructions as to what constitutes an unauthorized disclosure, reporting requirements, the conduct of preliminary inquiries and other investigations, as well as roles and responsibilities across the department.
- Automated Security Incident Reporting System. The department has put into effect for the first time an online reporting system for significant security incidents for use across the department. This capability went into full operation in December of 2011 and is currently under evaluation for improvements in data management and tracking of investigations and other associated actions.
- Lockdown of removable storage device use on the Defense Secure Network (SIPRNET). The department has deployed a host-based security system (HBSS) tool to virtually monitor every defense department computer. HBSS prevents the downloading of information onto removable storage like DVDs, CDs, and memory sticks, with very limited exceptions. The tool also sends an alarm any time someone tries to write classified information to such removable storage. For authorized exceptions, the tool audits any downloads of information.
- Improved monitoring of DoD networks. The department issued a cyber identity credential (Public Key Infrastructure certificate) to every person operating on the department unclassified network. That process is underway for the classified network as well. Department personnel are working with other federal departments and agencies to help them issue the same cyber identity credential to all employees who need to access any of the government’s secret networks.
- Improving the auditing of information accesses so as to spot anomalous behavior. Department information officers are assessing the use of HBSS and other tools to collect and centralize data about information accesses to more quickly improve detection of malicious insiders.
- Stepping up internal oversight and assessment programs. The department has established the first Defense Security Oversight and Assessment Program (DSOAP) to conduct on-site interviews and staff assistance visits to determine and proliferate best practices as well as assess security policy affects on components. The effort identifies policy changes and gaps and provides data to the Defense Security Enterprise to effect policy remedies.
- An “Enterprise Approach” to managing Defense Department security. In response to findings of the DoD IG and issues raised during the WikiLeaks investigation, the department is publishing the DoD Directive 5200.LL, Managing the Defense Security Enterprise. This issuance stands up an executive level governance structure aimed at creating strategic management of department investments in security resources. It is the first body to bring the functions of security, counterintelligence, and information assurance together for decision-making and proponency of the security mission and for its workforce.
- Comprehensive Insider Threat Program. The department has now initiated a comprehensive DoD Insider Threat Program which includes elements from Physical Security, Cyber Security, Counterintelligence, Antiterrorism, and Force Protection. A forthcoming DoD directive (2000.rr) will codify this approach to address aspects of the insider threat.
- Unauthorized Disclosure Working Group (UDWG) and Unauthorized Disclosure Action Plan. The Under Secretary of Defense for Intelligence has commissioned the UDWG in April 2012 to develop a strategy and plan of action and milestones aimed at improving our ability to prevent accidental and deter intentional public disclosure of classified national security information. The group has its plan in draft and is in the process of overseeing its execution.