HomeNewsArticle Display

Air Force hub uncovers insider threats

Courtesy photo illustration

(U.S. Air Force Courtesy photo illustration)

JOINT BASE SAN ANTONIO-LACKLAND, Texas (AFNS) --

“If you make a mistake, it is better to acknowledge that one small mistake than let it snowball into something more significant.” This, according to Jason Barron, Air Force Insider Threat Hub deputy director for operations, is the key to safeguarding important information and resources.

As the Air Force’s defense against insider threats, identifying indicators of potential risk is the hub’s primary mission, but not all indicators they detect are symptoms of espionage or intentional wrongdoing. According to Barron, most indicators are unintended exposures, or the result of policy and training gaps.

“If someone is issued a speeding ticket, it does not necessarily mean they did something to indicate they are an insider threat; it all depends on the severity and quantity of unique indicators,” Barron said. “We may look for other indicators that, when put together, could mean something more substantial – even then, the team does not act individually against indicators discovered.”

According to Barron, personnel in the insider threat hub identify, aggregate, analyze and refer potential risk indicators. The teams relay their findings to other agencies for review and possible action. Additionally, the hub has a lawyer on staff to ensure any referrals are in accordance with established policies and laws.

“We provide information we find to authorities within the Air Force. When we identify something on an individual within the Air Force who might be a risk, whether intentional or otherwise, we provide that information to a decision maker in higher authority who is in place to determine whether an action needs to result,” Barron said.

Hub personnel also receive threat information from other sources.

“We might have a point of contact in the field who relays risk concerns to us,” Barron said. “The team in the hub can look into a reported concern and determine whether there is enough to consider it a viable threat.”

Workplace violence is another insider threat concern for the team.

“If someone commits a security violation but is cleared of espionage, that does not mean there is not a policy issue we could address,” said J.T. Mendoza, Air Force Insider Threat Hub deputy director for strategy and integration. “While it is difficult to quantify the damage someone caused when documents or classified items are taken, an act of violence is often more damaging due to human life being involved.

When Barron and his team established the 25th Air Force Insider Threat Program in 2014, their goal was to stop technical related insider threats before they grew into major breaches for the Air Force intelligence community.

Within the program, a myriad of staff members from varying backgrounds sifted through data in an attempt to locate indicators of threats and vulnerabilities. In April 2017, Air Force officials had enough confidence in the program capabilities that it became the services interim hub until a permanent Air Force hub could be established.

“During the year we were the interim hub, we put a lot of processes into place. We built a solid foundation from internal analysis, data integration, increases in manpower and capabilities and the implementation of reporting procedures,” Barron said.

The Air Force made a decision in October 2018 to transition the organization from being the interim hub to the permanent insider threat epicenter, while the team continued to prepare for the transition and acquire more space and personnel. Significant support and coordination from local 25th Air Force and Air Staff leadership was required to achieve this milestone.

“Preparations for the transition also included establishing the policies and documentation required to run a cooperative matrix organization,” Barron said. “We more than tripled the hub staff and added coordinating representatives within each major command.”

“One of the challenges we face is finding the right people and being able to train and develop them into what we believe is the right skill set,” he said. “There is no specialty code within the Air Force or department at large for what we do; we are creating most of our procedures as we go. We are where cyber was 10 to 15 years ago.”

Another challenge for hub personnel is figuring out how to share data between multiple agencies who might help connect indicators.

“Sharing information between organizations that have different authorities or conduct different missions is difficult,” Barron said. “The root of this mission is sharing risk information, just like commanders share information on the battlefield. It is a challenge across any mission set; how do I share the right information, at the right time, at the right level to make a decision?

“What we have done is partner within our matrix organization to put people from different agencies in the same place to allow ease and speed of sharing critical information,” he said. “Having that proximity to each other really helps speed up processes. If information is not documented and shared in an appropriate manner, you are going to have a hard time piecing dots together to look at information over time and mitigating threats.”

Since its inception, the Air Force Insider Threat Program has experienced many successes, ranging from notifying organizations of security shortfalls and identifying indicators of suicide, to de-conflicting individuals’ identities in reporting. Its next milestone will be reaching full operational capability status, expected in the next 12 months according to Barron.

The Air Force Insider Threat team encourages all Airmen, military, civilian and contractor, to contact their security office or appropriate chain of command to report potential insider threat incidents, including accidental or unintentional indicators; it could resolve potential incidents before they become legitimate threats.

Engage

Twitter
“Agility Prime is about creating a new path to adopt advanced technologies in the Department of Defense by working… https://t.co/rzS29Cvhd8
Twitter
During a visit to @TeamMinot, @GenCQBrownJr had the opportunity to see how Airmen maintained operations during the… https://t.co/Jot5OwF6sm
Twitter
RT @AirNatlGuard: .@PANationalGuard Medical Airmen with the 171st Air Refueling Wing honed lifesaving skills as part of an Ability To Survi…
Twitter
Registration for Hack-A-Sat 2, which enables security researchers of all levels to focus their skills and creativit… https://t.co/nxUKmkhiTA
Twitter
The Installation Resilience Operations Center prototype is a game-changing solution for enhancing base security, em… https://t.co/ATHhejDoQJ
Twitter
“It’s important that you will be able to lead through complex challenges,” @GenCQBrownJr said. “I really want to ch… https://t.co/UI86usPVtO
Twitter
VCSAF Gen David W. Allvin visited various @AFResearchLab facilities to see how the 711th Human Performance Wing is… https://t.co/F5tpk0Mabc
Twitter
Invisible Wounds: Signs and Symptoms The Invisible Wounds Initiative, an @AFW2 Support Program, leads in creating… https://t.co/4SeYhlQuua
Twitter
Maggie Gee and Hazel Ying Lee were two of the first Chinese-American aviators to join the Women Airforce Service Pi… https://t.co/txl43oLLRs
Twitter
RT @USAFCENT: Listen to SrA Francis Andrew, assigned to the 332nd Air Expeditionary Wing, tell his story as one of the 'Lost Boys of Sudan.…
Twitter
#ICYMI Aircraft loaded with #COVID19 supplies left @Travis60AMW, California, bound for India. This shipment was jus… https://t.co/YdYFniZyok
Twitter
“While there are a lot of people who have done great things in the #AirForce, we wanted to recognize diversity and… https://t.co/bTH2aP5emk
Twitter
“It is a real honor, and I wish I could be there in person,”@GenCQBrownJr said during his acceptance speech. “I’d r… https://t.co/DH5Ou832K5
Twitter
RT @RealAFOSI: 1/ OSI's Guam based Detachment 602 recently spent time strengthening relationships throughout the Commonwealth of the North…
Twitter
RT @grandslamwing: Mobilizing to assist - anywhere, anytime. Members from #TeamAUAB aboard a C-17 from @TeamCharleston took off to assist t…
Twitter
RT @AirNatlGuard: .@HiAirGuard Airmen deployed to California to participate in exercise Sentinel Response 2021 alongside @CalGuard Airmen a…
Twitter
.@GenCQBrownJr and @cmsaf_official discuss the best ways to help Airmen's talent to bloom. #Airmen #Questionshttps://t.co/GGDHJkiOOb
Twitter
Airmen at the 149th Fighter Wing, Texas, demonstrated an autonomous machine solution for an @AFWERX innovation init… https://t.co/5ZGnnOPfYi
Twitter
During a quarterly senior leader review, @KesselRunAF & @USAF_ACC leaders agreed the Air Operations Center Weapon S… https://t.co/FnXQYIiG86
Facebook
The newest Air Force Podcast recently dropped. Listen to a small snippet of CMSAF Kaleth O. Wright talk with Staff Sgt. New about resiliency. Listen to the entire podcast on Youtube: https://go.usa.gov/xpnAD or Subscribe to The Air Force Podcast on iTunes: https://podcasts.apple.com/podcast/the-air-force-podcast/id1264107694?mt=2
Facebook
Our mantra, "Always ready!" It's the spirit we fly by! #B2Tuesday
Facebook
Need some motivation to get your week started off right? Listen as CMSAF Kaleth O. Wright weighs in...
Facebook
The U.S. Air Force Academy gives its cadets some unique opportunities. Ride along one of this opportunities.
Facebook
A United States Air Force KC-135 Stratotanker refuels an F-22 Raptor over northern Iraq, Nov. 6, 2019. U.S. Central Command operations deter adversaries and demonstrate support for allies and partners in the region. (Video by Staff Sgt. Daniel Snider)
Facebook
Although the Silver Star is the third-highest military medal, it's not given often. Today, TSgt Cody Smith was the 49th Special Tactics Airman to receive this medal since Sept. 11th, 2001. Read more of TSgt Smith's amazing story: https://www.airforcespecialtactics.af.mil/News/Article-Display/Article/2024815/special-tactics-airman-battled-through-injuries-awarded-silver-star/fbclid/IwAR2LZWwx1VHdTnQe39rIEBOuJS_0JvMQBBGt7I-E6zsxxn-Lx9387yu43Bc/ Cannon Air Force Base Air Force Special Operations Command United States Special Operations Command (USSOCOM) U.S. Department of Defense (DoD)
Facebook
Tune in as our Air Force musicians along with other military musicians are awarded the National Medal of Arts.
Facebook
Like Us
Twitter
1,346,623
Follow Us