U.S. Government Takes Steps to Improve Federal Background Investigations

Upon the successful completion of the 90-Day Suitability and Security Review , that was initiated by the Obama Administration after the increase in cybersecurity attacks last year, the Administration recently announced the implementation of two major changes that will help “modernize and strengthen the way we conduct background investigations and protect sensitive data.”

In a statement co-authored by James Clapper (Director of National Intelligence), Beth Cobert (Acting Director of the U.S. Office of Personnel Management (OPM)), Marcel Lettre (Under Secretary of Defense for Intelligence), Tony Scott (U.S. Chief Information Officer), and J. Michael Daniel (Special Assistant to the President and Cybersecurity Coordinator), the group outlined the forthcoming changes.  These include the creation of the National Background Investigations Bureau (NBIB) and transitioning control and management of the of the background investigations IT systems to the Department of Defense (DoD).

Per the accompanying fact sheet, the NBIB will assume the mission and responsibilities of the OPM’s Federal Investigative Services (FIS), which currently conducts approximately 600,000 background investigations per year for over 100 government agencies.  The NBIB will also be headquartered in Washington D.C. and report to the OPM Director. 

Though creating a new organization to better manage the background investigation process is a move in the right direction, one could argue that the real focus should be on the IT security backend/infrastructure.  That’s where the Department of Defense comes in.  Due to the DoD’s “significant national security, IT, and cybersecurity expertise” the Administration decided to leverage that expertise and will have the DoD design, build, secure, and operate the NBIB’s IT systems going forward.  In order to assist with this effort the Administration will request $95 million in funding in the President’s Fiscal Year 2017 Budget.

While the Administration works out the details on how best to implement these two major changes, it will continue to “build on the security measures that were implemented in response to the 2015 OPM cyber incidents.”  This entails: “expanding implementation of strong authentication for all users; increasing the number of scans for indicators of compromise; patching critical vulnerabilities; tightening policies and practices for privileged users; and identifying and prioritizing high value assets for additional security.”  With the implementation of these two new efforts along with updating current policies and procedures, the Administration is showing the nation and the employees/contractors that work for the federal government that keeping their personal information secure and private continues to be a national priority.

Article formerly posted at https://www.hsdl.org/blog/newpost/view/strong-u-u-s-government-takes-steps-to-improve-federal-background-investigations-u-strong