WASHINGTON – All Defense Department clearance holders are now under “continuous vetting” as part of a reform to the personnel security process that determines who should have access to classified information and secure facilities, the director of the Defense Counterintelligence and Security Agency said Tuesday.
The automated system constantly checks criminal records, credit ratings and other pertinent information for those with security clearances to “ensure the trustworthiness of the national security workforce” and “identify and address factors that may lead to insider threat incidents,” DCSA director William Lietzau told reporters at the Pentagon.
Continuous vetting replaces the prior process of periodic reinvestigations for clearance holders every five to 10 years. The idea is that the new program will identify potential security threats as they occur in real time, allowing risks to surface sooner to enable earlier intervention.
“If you get [charged with driving under the influence], that’ll come in the next day,” Lietzau said, explaining how fast the new system works.
Once the automated system alerts of a risk factor, staff at the agency then initiate an investigation to analyze whether the issue should be further analyzed or considered an active threat, he said.
In addition to criminal conduct, the system also analyzes suspicious financial transactions, domestic and foreign travel records, terrorism and counterterrorism databases and other public records for indicators of insider threats, Lietzau said.
The initiative is part of the director of National Intelligence’s Trusted Workforce 2.0, an interagency effort launched in 2018 to modernize the security clearance system to “deliver stronger security, faster processing and better information sharing,” the agency said in a statement issued Tuesday.
“It replaces a suite of outdated legacy IT systems that no longer meet the needs of the U.S. government,” DCSA said in the statement.
While all troops, Defense Department civilians and defense contractors with clearances are now in the system, Lietzau said 29 other federal agencies, including the Federal Aviation Administration and Department of Health and Human Services, are also vetting their clearance holders this way.
The system is already working, Lietzau said. In January, it detected a federal employee was under “an active investigation by another agency for potential terrorism activities, including a plan targeting United States facilities and ties to know or suspected terrorists,” he said.
In another case, the system alerted the DCSA that an arrest warrant was issued for a federal employee accused of attempted murder and felonious assault, Lietzau said. The agency then contacted law enforcement to validate the employee was the wanted person and provided information that helped police apprehend the suspect.
“The key is that the alert information developed through the DCSA continuous vetting system was received and validated five and a half years before the subject’s next periodic reinvestigation,” Lietzau said.
The DCSA is continuing to enroll other federal agencies in the program and working to expand data sources from which the vetting system can pull information, Lietzau said.
The agency is now running pilot programs to test how social media information could be included, Lietzau said. One day, biometrics beyond standard fingerprint analysis could be used, as well.
Whether or not that kind of information will be used, though, will be up to policymakers, he said.
“We’re building into the IT systems -- with a view toward the future – the ability to collect biometric data,” Lietzau said. “But there are all of the concerns that you can imagine that we work through and policymakers are working through.”