The Government Wants You to Stop the Next Edward Snowden

NSA leaker Edward Snowden appears on a live video feed broadcast from Moscow at an event sponsored by the ACLU Hawaii in Honolulu on Saturday, Feb. 14, 2015.

Marco Garcia/AP

AA Font size + Print

NSA leaker Edward Snowden appears on a live video feed broadcast from Moscow at an event sponsored by the ACLU Hawaii in Honolulu on Saturday, Feb. 14, 2015.

New rules mean you could lose your security clearance if you don’t Say Something when you See Something.

If you have spent any time in Washington recently, you’re probably quite familiar with the ‘If you see something say something’ slogan promoted by the Homeland Security Department. For security clearance holders, the slogan is now more than a catchphrase. It’s a mandate.

Security Executive Agent Directive 3, or SEAD 3, is a part of the Insider Threat Program created by President Obama. It was signed on December 14, 2016, and will be implemented June 12. SEAD 3 standardizes reporting requirements for individuals with security clearances. Failing to comply with the new policy could cost you your job or your security clearance.

Government’s New Obsession: Insider Threats

At this point almost everyone in government has had some kind of insider threat awareness training. You can thank Chelsea Manning, Edward Snowden and Aaron Alexis for that. The greatest intelligence risks today aren’t necessarily from the outside—they’re from within the government itself, including the federal contractor community. The individuals with access to America’s secret hold the crown jewels. If they decide not to protect them, that creates serious problems.

Most research has determined insider threats aren’t born, they’re made. That means issues don’t generally present themselves upon an initial background investigation. In the five to 10 years between investigation and reinvestigation, a lot can happen. Uncle Sam is now making sure the policy is clear—it’s up to other cleared coworkers to report potentially troubling information; not just the clearance holders themselves.

What Needs to Be Reported?

This is not the time to start narking on your coworker who is repeatedly late. SEAD 3 outlines eight reportable issues coworkers should be aware of. They directly relate to the 13 adjudicative criteria all security clearance holders should be familiar with from filling out their SF86. They include:

  • Violating agency rules or security policies
  • Unexplained affluence
  • Alcohol or drug abuse
  • Misuse of government property or systems

You might wonder why SEAD 3 creates a separate list of reportable issues outside of the 13 adjudicative criteria at all. SEAD 3 does more than distill some of the security concerns addressed in the clearance application process, it calls out some of the issues research shows are common in insider threat cases. Specifically, a coworker known for following the rules who suddenly starts asking coworkers for their passwords could pose a security risk. Likewise, an individual who has always been careful to take care of government property who is now carelessly leaving it in his or her car may be more than forgetful. And just like the security clearance process itself generally includes multiple violations (a pattern of behavior), patterns of negative behavior are what the government is looking for in tracking the next insider threat.

Does the concept seem awkward to you? Many office conversations are, but just like telling Dave to please stop cooking fish in the office microwave, telling your security officer when your coworker suddenly starts asking for access to classified information they don’t need, or is driving a Corvette on a GS-11 salary is about the greater good.

And also keep in mind, reporting a potential issue is not going to get anyone fired. But if you see a pattern of behavior and knowingly, willingly look away because you don’t want to get a coworker in trouble, you could now be the one out of a job.

Lindy Kyzer is the editor of and a former Defense Department employee.

Close [ x ] More from DefenseOne

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Ongoing Efforts in Veterans Health Care Modernization

    This report discusses the current state of veterans health care

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

  • Top 5 Findings: Security of Internet of Things To Be Mission-Critical

    As federal agencies increasingly leverage these capabilities, government security stakeholders now must manage and secure a growing number of devices, including those being used remotely at the “edge” of networks in a variety of locations. With such security concerns in mind, Government Business Council undertook an indepth research study of federal government leaders in January 2017. Here are five of the key takeaways below which, taken together, paint a portrait of a government that is increasingly cognizant and concerned for the future security of IoT.

  • Coordinating Incident Response on Posts, Camps and Stations

    Effective incident response on posts, camps, and stations is an increasingly complex challenge. An effective response calls for seamless conversations between multiple stakeholders on the base and beyond its borders with civilian law enforcement and emergency services personnel. This whitepaper discusses what a modern dispatch solution looks like -- one that brings together diverse channels and media, simplifies the dispatch environment and addresses technical integration challenges to ensure next generation safety and response on Department of Defense posts, camps and stations.

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation


When you download a report, your information may be shared with the underwriters of that document.