The federal government is establishing a new agency to handle background checks and investigations, and responsibility for protecting those records is being shifted from the Office of Personnel Management (OPM) to the Defense Department. The decision to change gears follows last year’s revelations of cybersecurity breaches of OPM’s systems, in which the personal information of 22.1 million current, former and potential federal employees was stolen.
Although the new agency, the National Background Investigations Bureau (NBIB), will be housed inside OPM, the DOD will be in charge of the IT systems and security for the bureau. The changes, which the Obama administration announced Jan. 22, come after a 90-day review of the federal background-investigation process, during which ways to enhance security for IT systems and networks were evaluated, according to a White House blog post.
As a White House fact sheet notes, OPM’s Federal Investigative Services (FIS) does the investigations for 100-plus agencies, which represent about 95 percent of all government background investigations. Included in the total are “more than 600,000 security clearance investigations and 400,000 suitability investigations each year.” NBIB will take over this gargantuan task and absorb FIS. And while the bureau will report to the director of OPM, “DOD will assume responsibility for the design, development, security, and operation of the background investigations IT systems for the new entity,” according to the fact sheet.
Speaking with reporters by phone the day of the announcement, Michael Daniel, special assistant to the president and cybersecurity coordinator of the National Cybersecurity Council, explained, “This entity will have a considerable amount of operational autonomy and will be elevated in profile, compared to the current existing structure,” Federal News Radio reports.
The DOD Takes Control
Pointing out the advantages of having Defense take the lead on securing NBIB’s IT infrastructure, the White House says in the blog, “This approach will leverage DOD’s significant national security, IT, and cybersecurity expertise, incorporating security into the fundamental design of the systems, strengthening the security of the data environment, and providing robust privacy protections.”
President Barack Obama will request $95 million for these IT capabilities in his fiscal year 2017 budget, the White House said. Also on the horizon is the creation of an “interagency cybersecurity advisory group to provide advice and counsel on system development and threat mitigation.”
According to the blog, “These efforts are supported by the Federal Chief Information Officer’s call to Federal agencies to phase out the use of legacy IT systems, where possible, and begin utilizing emerging technological tools and capabilities to adequately secure mission functions, systems, and information.”
DOD is confident that it can manage its new IT security responsibilities. “The reworking of the clearance process also gives us an opportunity to redesign the underlying information infrastructure in a way that takes advantage of our experience, technology and cyber defense operations capabilities,” Marcel Lettre, undersecretary of Defense for intelligence, said on the Jan. 22 call with reporters, according to FierceGovernmentIT.
As Nextgov notes, it’s unclear how long it will take to set up NBIB. The White House blog outlined the process, stating that the administration is forming a transition team to develop and put in place a plan to establish the bureau; to ensure the smooth transition of FIS IT system management to DOD; to incorporate FIS employees, responsibilities and support structure into NBIB; and to make sure that federal background checks are not disrupted during the transition.
Daniel told reporters on the call that the differences in the new system will be significant. “These are some really key changes in our view,” he said, according to The Washington Post. “They represent real change from how we’ve been doing business currently.”
“We think it’s a signify enhancement of our ability to modernize IT effectiveness for cybersecurity in this area. This is a great opportunity to leverage modern cutting edge tools and systems at DoD to implement significant reforms to the background investigation process,” Lettre added, according to the Post.