Secretary of Defense Lloyd J. Austin III has tasked Defense Department components with implementing a series of recommendations aimed at improving classified information safeguards. This action follows the Pentagon’s review of departmentwide security programs and policies undertaken after the unauthorized disclosure of sensitive information discovered online in the spring.
The secretary's directive follows his approval of the initial findings of the 45-day review led by the undersecretary of defense for intelligence and security and the DOD chief information officer and director of administration and management.
"While the review found that a majority of DOD personnel with access to classified national security information, or as we call it CNSI, comply with security policies, procedures and processes, and recognize the importance of that information and maintaining our national security, the review also identified a number of areas where the department should seek to improve its security posture and accountability measures," a senior defense department official said today.
"These areas include improving individual and collective accountability for CNSI, the security posture at facilities used to develop, process and store CNSI and information sharing to ensure both appropriate security clearance eligibility determinations by the Defense Counterintelligence and Security Agency and appropriate access management by unit commanders, supervisors and their personnel," the official said.
The Pentagon initiated its review following the alleged unauthorized removal and transmission of classified documents by an airman in the Massachusetts National Guard. The classified documents were discovered in April after being shared in an online messaging platform.
As part of the review, the Defense Department components completed detailed questionnaires to self-assess their personnel security, information safeguarding and accountability, physical security and education and training posture.
Based on the findings from the review, Austin has directed DOD components to reinforce their existing policies and practices surrounding the security of classified information, update processes and procedures to ensure consistency throughout the department and implement new policies to address any gaps found during the review.
Austin has also tasked components with examining opportunities to tailor training and education to address security needs, implement improvements to data management and information sharing practices and to review and assess policies and procedures surrounding the accreditation and management of DOD facilities used to process and store classified information.
The secretary issued the new guidance in a memorandum to all DOD personnel on June 30.
Officials behind the review say they remain mindful of the need to "balance information security with the requirement to get the right information to the right people at the right time to enhance our national security."
"As [Defense Department] implements the recommendations and associated actions from this review, careful consideration will be given to guard against any 'overcorrection' which may impede progress on information sharing and operating models that better enable DOD to execute the National Defense Strategy and its overall mission," the Pentagon said in a release outlining the findings and recommendations.