Hi everyone; it’s Kevin. Today is Wednesday, October 13th (date recorded). Over the weekend, the news broke that a Navy nuclear engineer, someone employed by Naval Reactors in Washington, and his wife are facing espionage charges for selling military secrets to people who they thought were representatives of a foreign country.
This hits pretty close to home and serves as a stark reminder on how important it is that we do everything we can to ensure EB technology remains U.S. technology. We want to continue to have an unfair overmatch against those who would do us harm, and it’s critical that we minimize any potential of insider threats here at EB.
Joining me on the podcast today are Mark Rayha, our Chief Financial Officer, and Matt Luxton, our General Counsel. Our IT organization, which provides the infrastructure behind our cybersecurity program, reports up though Mark. Our Security team, who actively monitors all potential threats, reports up through Matt.
Thank you both for joining me today to remind our listeners about the proactive measures we take to prevent insider threats here at Electric Boat. Matt, let’s talk about the general incidence of insider threats and what motivates people to commit these kinds of acts.
ML: Thanks Kevin. As this most recent case illustrates, rogue employees are a very real threat, and one that’s been increasing of late. In the last two years, we’ve seen a 50% rise in cases globally. Earlier this year, Eric Rommal, our Director of Security, was on the podcast with you, and he talked about how COVID has added additional stress, financial concerns and a political element to our lives that has driven people to behave very differently than they used to. And while the early reports of this most recent case mention money, I wouldn’t be surprised to find out these people felt like victims or held some sort of belief about our country that, in their minds, justified what they allegedly did.
I’m sure we’ll learn a lot more as this case unfolds, but personally, I can’t imagine how anyone could justify being a traitor to our country. Let’s talk about the behaviors that may indicate an employee or contractor could be an insider threat.
ML: Our team looks for odd behavior or changes in behavior. For example, is someone suddenly working odd or unsupervised work hours? Are they expressing anti-government and/or extreme political views? Do they express hostile behavior toward our company or our country? Are they spending a lot of time at the printer? Do they ask questions outside of their “need to know” topics? Do they seem to be living beyond their means? Are they having performance issues or expressing anger often?
There are, of course, life situations that can drive people to engage in these behaviors. Perhaps someone has a substance abuse or gambling problem, or maybe they have financial difficulties. Clearly, not all people suffering with these issues will turn to selling secrets, but these are the red flags that warrant further investigation. Once we’re made aware, we proactively intervene to help employees who may be going through a rough period in their lives. It’s a multi-disciplinary effort led by Security and supported by HR, Medical, Legal and IT; we use all of these resources to help employees who may be struggling with their emotional or financial health. Once we are made aware, we find that the vast majority of these cases are indeed employees dealing with personal issues, but with the remaining cases, where behaviors are more suspicious, we work with law enforcement, including the FBI and NCIS (Naval Criminal Investigative Service), to further investigate. The bottom line is we take the steps that are necessary to protect our employees, our company and our assets.
We’ve done a lot of work recently to cultivate a better working relationship with the FBI, NCIS and other investigative agencies to make sure that we understand the threats that are out there and are doing everything we can to protect ourselves. Mark, let’s talk about how our IT infrastructure is designed to protect us from these insider threats.
MR: In IT, we operate in conjunction with Security’s cyber team to formulate and enforce a set of guiding principles which ensures the security of our information. First and foremost, together we take a layered approach and duplicate protection in each one of those layers to the greatest extent possible. We want to be sure that we’re striking the right balance between protecting our information while minimizing the impact to our business. That’s what drives the principle behind giving employees the least amount of access necessary to perform their business function.
When it comes to storage devices and media, we are extremely careful and make it clear to employees about what they can and cannot do from day one of their EB careers. For example, all storage media, including USBs, external hard drives and CD ROMs and DVDs must be procured through the EBIT Service Portal; departments cannot use devices such as these that are procured through department office supplies. Storage medium must be encrypted before first use by our Information Technology Services team. Users who require these types of storage devices must be vetted by IT and approved by Security. The media cannot be connected to any unauthorized computers, it must be accounted for at all times, and it cannot be taken outside of the U.S. without the written approval of both the Legal and Security departments.
Thanks Mark. I know that for some of our folks who are new to working in a classified environment, the IT safeguards we put in place can seem like a heck of a burden, but we have to keep the big picture in mind. As this case demonstrates, our adversaries–in this case people who actually worked for Naval Reactors–work diligently and play the long game to gather our technology and intellectual assets in any way they can, including recruiting company insiders. We need to do whatever we can to prevent these threats—so what can employees do to help, Matt?
ML: Simply put, employees should be aware, not paranoid. Be aware of behavioral changes in a colleague, or someone acting hostile towards the company—you can report it through the Security team’s Insider Threat webpage. If it is someone struggling with personal issues, we can get them the help they need. But if it’s someone looking to do the U.S. harm, we can take appropriate steps to hopefully prevent it.
I agree; look, we don’t want people to be paranoid, but we do need people to be aware that threats to our national security are real and they are pervasive as we’ve learned from our relationships with NCIS and the FBI. When it comes to insider threats, we all share responsibility for being observant. The weapons systems that we build, submarines in particular, are in high demand and they are the unfair advantage that our enemies can’t replicate. So you can bet they covet the information that puts one of these together. So if you see changes in a colleague’s behavior, let Security know. As we’ve learned today, in most cases that just means someone may need some help in getting through a rough patch in their lives.
Thanks everyone, for all you do and for contributing to the security of our nation, in the submarines you design, build and maintain, and for keeping our technology American technology.
We’ll talk again soon; thanks for listening.
