This statement, echoed by many in government and directly by Vice Adm. Jan Tighe, deputy chief of naval operations for information warfare and director of naval intelligence, is a recognition that the insider threat problem is virtually impossible to defend against. “The dirty little secret, especially concerning the insider threat, is that the Navy was already working towards some solution in that regard before Snowden,” Tighe said in a luncheon keynote address on Dec. 7 at the C5ISR Summit in Charleston, South Carolina, regarding the trove of leaked documents from former government contractor Edward Snowden.
Tighe said the Navy was working a few initiatives on its own — though on a much smaller scale than the governmentwide, post-Snowden purge — that started down a path with a checklist of things the service could do to improve on the insider threat problem.
As the Snowden fallout became more clear, the whole of government started focusing on what technologies and alternative tactics can be used inside of the government to address the very real threat of future insiders, said Tighe.
One thing the government discovered, she explained, goes to the often duplicitous nature of cyberspace — many tools can be dual use. “In a lot of cases, the types of technologies that we would need to recognize anomalous behavior inside of our networks by a legitimate government employee is the same types of technology that would help us recognize bad guys that are coming in posing as legitimate users inside of our networks,” she said. There’s a natural nexus between the cybersecurity protections that we want to institute, or that we are instituting inside of our networks, and the insider threat detection.