US memo on insider threats leaked

A White House memo on how to improve data security in the wake of the publication of hundreds of thousands of leaked US documents on Wikileaks has been leaked.

The memo (PDF), which was circulated to the heads of US government departments and agencies on 3 January, was handed to MSNBC news. The document was formulated in response to leaks to the Wikileaks website by whistleblowers, and is designed for use by agencies handling classified material.

The memo asks whether government agencies that handle national security documents have adequate data security practices in place, including appropriate access controls. The document provides a checklist, with questions including whether disparate information about employee evaluations, polygraph tests, and IT auditing of user activities, are pieced together to give indicators of insider threats. The memo also asks whether the agency uses psychiatrists and sociologists to gauge employee 'despondence and grumpiness as a means to gauge waning trustworthiness'.

On 28 November, 2010 the White House asked agencies that handle classified national security information to review safeguards using teams of counterintelligence, security, and information assurance experts. The deadline for answers to the checklist is 28 January.

In December the UK government began its own information security review in the light of Wikileaks publishing sensitive US documents.