Insider Threat Special Report: Future Snowdens and Harsh Realities

By Mark Kelton

Kelton retired from CIA as a senior executive with 34 years of experience in intelligence operations. He is a partner at the FiveEyes Group; a member of the Board of Trustees of Valley Forge Military Academy and College; member of the National Security Advisory Board of the MITRE Corp.; member of the Day & Zimmermann Government Services Advisory Board; member of the Siemens Government Technologies Federal Advisory Board; and a member of the Board of BigMediaTV.

In the wake of the arrest of Central Intelligence Agency (CIA) officer Aldrich Ames as a spy, then-CIA Chief of Counterintelligence Paul Redmond commented, “There is an actuarial certainty that there are other spies in U.S. national security agencies, and there always will be.”  I recalled that statement when considering the recent arrest by the Federal Bureau of Investigation (FBI) of National Security Agency (NSA) contractor Harold Martin for the theft of highly classified documents and digital files.  While we know very little as yet about Martin’s actions and motivations, his case serves as a chilling answer to a question posed in the title of a recent article in The Atlantic, “Can NSA Stop the Next Snowden?” The simple answer to that question—if what is meant by “stop” is to prevent another malicious insider case akin to that of Edward Snowden from occurring—is no.  Nor can any other government agency give such a categorical assurance.   

At the same time, Martin’s detection and arrest lends support to the qualified judgment of the Director of the National Counterintelligence and Security Center (NCSC), William Evanina, that he was “pretty confident” the Intelligence Community (IC) could detect malicious activity on the scale carried out by Snowden.   Immediately after Snowden’s 2013 flight to the embrace of our adversaries, the IC moved to improve its insider threat defenses.  Great progress has since been made in hardening IC defenses.  A central component of that upgrade is the somewhat ominously titled “continuous evaluation.” 

Access all of The Cipher Brief’s national security-focused expert insight by becoming a Cipher Brief Subscriber+ Member.

Sign Up Log In


Related Articles

Search

Close