Advertisements

IG Inspection of Diplomatic Security’s Directorate of International Programs: After Benghazi Chaos, Nothing to See Here

Posted: 2:52 am EDT

 

State/OIG inspected the Bureau of Diplomatic Security, Directorate of International Programs (State/DS/IP) from June 2 through July 2, 2015.  The February 2016 report was posted online on February 22, 2016. International Programs is tasked with “managing and directing all Bureau of Diplomatic Security programs and policies that protect the Department of State’s international missions and personnel from the threats of terrorism, espionage (human and technical), and crime.”

The directorate has been headed by DAS Christian Schurman, a Diplomatic Security (DS) Special Agent with 27 years of service since September 2014.  In the aftermath of the Benghazi attack, the State Department created a new Directorate of High Threat Programs which carved out from DS/IP approximately 30 overseas missions and the liaison and coordination responsibilities for 4 of the 7 DoD combatant commands: U.S. Africa Command, U.S. Central Command, Joint Special Operations Command, and the U.S. Special Operations Command.

Structure:

The Bureau of Diplomatic Security (DS) International Programs Directorate (DS/IP) provides leadership, support, and oversight of security and law enforcement programs for 199 regional security offices overseas. A Deputy Assistant Secretary leads a staff of approximately 227 Foreign Service, Civil Service, contract, and retired annuitants and oversees an annual budget of more than $1.6 billion for local guard and personal protective services task orders in the Worldwide Protective Services (WPS) contract at U.S. missions overseas. The directorate consists of three offices with oversight and responsibility, as follows:

— The Office of Special Projects and Coordination provides global oversight of the Marine Security Guard (MSG) program and emergency planning for all U.S. diplomatic missions overseas.

— The Office of Overseas Protective Operations (DS/IP/OPO) provides funding, administrative and management oversight, and operational guidance for local guard and surveillance detection contracts, local guard and surveillance detection forces employed under personal service agreements, as well as the WPS contract and the residential security programs at overseas missions.

–The Office of Regional Directors serves as the directorate liaison between Regional Security Offices in the field, other DS directorates, and regional and functional bureaus.

Leadership:  OIG personal questionnaire results scored the Deputy Assistant Secretary for International Programs within the range of scores for the 66 Deputy Assistant Secretaries in 21 domestic inspections conducted during the past 5 years, in 10 of the 13 leadership attributes. He scored well above the prior averages in the areas of vision and goal setting, clarity, and problem solving.

Screen Shot

Summary of Findings:

  • Eighty-three percent of the Regional Security Officers who responded to an OIG field survey expressed satisfaction with timely guidance, direction, and coordination by the Directorate of International Programs on their behalf.
  • Seventy-nine percent of the Deputy Chiefs of Mission who responded to the field survey expressed satisfaction with the frequency and timeliness of communications and guidance from the Directorate of International Programs relating to Deputy Chief of Mission supervision of Regional Security Officers.
  •  Officials interviewed in five of the six regional bureaus stated that communications and coordination with the Bureau of Diplomatic Security have much improved in the aftermath of the attack on Benghazi in September 2012.
  •   The directorate is in the process of coordinating the updates of memoranda of understanding between the Department and the Department of Defense concerning Force Protection Detachments under Chief of Mission authority and the Marine Security Guard detachments.
  •   The Office of Acquisition Management and the Directorate of International Programs entered into an informal agreement to assign contracting officers and contracting specialists within the directorate Office of Overseas Protective Operations 8 years ago to help desk officers and acquisition management specialists oversee more than $1.6 billion in local guard and personal protective services contracts. However, the Bureau of Diplomatic Security and the Office of Acquisition Management have no service level agreement defining the roles and responsibilities of both staffs, which has caused confusion and some misunderstanding.

State OIG made the following recommendations:

OIG made three recommendations to the Bureau of Diplomatic Security that include establishing or updating memoranda of agreement between the Department and the Department of Defense pertaining to the Marine Security Guard program, issuing guidance to Chiefs of Mission on the availability of U.S. military assets during emergency situations and implementing an orientation program for directorate acquisition staff.

OIG also made two recommendations to the Bureau of Administration relating to the implementation of a service level agreement pertaining to the administration of local guard and personal protective services contracts and updating the Contractor Performance Assessment Reporting System with timely contract performance data.

Read the full report here:

 

#

Related posts:

 

Related items:

Advertisements

State/OIG Issues Report on @StateDept IT Incident Response and Reporting Deficiencies

Posted: 2:03 am EDT

 

An independent accounting firm hired by State/OIG determined that the State Department’s IT incident response and reporting (IR&R) program was not operating effectively. Specifically, of the 25 cyber security incidents evaluated, Williams, Adley found that five were miscategorized, six were not remediated in a timely manner, one was not identified in a timely manner, one was missing incident information, four were not reported to the U.S. Computer Emergency Readiness Team (US-CERT) in a timely manner, and two were not reported to US-CERT as required.

The deficiencies in the IR&R program occurred primarily because of inadequate communication between the Bureau of Information Resource Management (IRM) and the Bureau of Diplomatic Security (DS) and inadequate management oversight that would ensure that personnel within the Department’s incident response team fully complied with prescribed categorization guidelines, reporting requirements, and remediation timelines.

Without an effective IR&R program, the Department may be unable to properly identify weaknesses, restore IT operations in a timely manner, and identify and respond to cyber security incidents, which could potentially lead to interruptions of critical operations and hinder the Department’s ability to achieve its core mission.
[…]
Williams, Adley determined that the Department’s IR&R program was not operating effectively for the months of September and October 2014. Specifically, Williams, Adley reviewed the Department’s handling of 25 cyber security incidents out of 303 incidents (CAT 1 to CAT 6) reported during the scope period8 to determine whether the Department complied with its information security policies and procedures.

Screen Shot

According to the audit, remediation of one denial of service attack took over 200 hours, remediation of four malicious code attacks took between 174 hours and 312 hours, and remediation of one probe attack took over 175 hours.

Here’s the proposed solution according to the audit:

DS officials stated that a proposed solution was currently being developed that would improve the responsiveness of and communications between DS and IRM. Specifically, the Department would create a Joint Concept of Operations, via a Memorandum of Understanding, that would enhance the current capabilities of the DS Foreign Affairs Cybersecurity Center. Although the Memorandum of Understanding was in the initial drafting phase as of the date of this report, it is a proposed solution that, when fully implemented, will allow the Department to approve a Joint Security Operations Center concept that will potentially consolidate core IRM and DS cyber security functions and thus strengthen the responsiveness of and communications between IRM and DS. This effort will serve as the first step in improving communications between IRM and DS.

The State Department’s response to the OIG requests that the two recommendations be closed  due to agency actions but also expressed concerns over the OIG’s use of this press article from nextgov cited in the audit:

Screen Shot

WaPo reported about the down email system due to hacking concerns here and we did a blogpost of the incident here (see  State Department’s Computer Systems Hacked, 5th Known Agency Breach This Year?).

#

 

Seriously perplexed journalist asks: Forgive me for asking, how could he not know?

Posted: 1:19 am EDT

 

Via state.gov/daily press briefing:

QUESTION: Yeah, just a follow-up, please. Patrick Kennedy was recently on the Hill testifying in front of the select committee, and he told members that he knew about the email server really from the get-go but he did not understand the scope of its use. He thought it was clearly just for personal use with her family. But that is really undercut by his email traffic, which shows that he was using that account for government business. So how do you reconcile those two?

MR TONER: Sure. I mean, Catherine, normally I wouldn’t address or read out what was a private interview between Under Secretary Kennedy and members of the Benghazi committee, but on your specific claim that he knew about Secretary Clinton’s private server, that’s not correct. And that was made clear in his comments to the Benghazi committee. What he said he was aware of is that she was interested in setting up a private computer in the department so that she could email back and forth with her family during the work day. And as we’ve said previously, no such computer was ever set up.

QUESTION: And just – you may have to take this question.

MR TONER: Yeah.

QUESTION: Was Patrick Kennedy her records officer?

MR TONER: That’s a good question. Yeah.

QUESTION: Records officer is the – yeah, the – yeah, if you could find out.

MR TONER: Sure.

QUESTION: Because the records officer is the person responsible for the records, the human resources, but more specifically, signs the non-disclosure agreements for classified and TS/SCI compartmented information.

MR TONER: Right. I’m not sure in this case who would have been her records officer —

QUESTION: I believe it was Patrick.

MR TONER: — or whether there was – right.

QUESTION: Yeah, if you can check. We understand it was Patrick Kennedy.

MR TONER: Okay, we’ll get back to you on that.

QUESTION: Thank you.

QUESTION: A quick follow-up to that?

MR TONER: Yeah.

QUESTION: And I take your point that you wouldn’t normally read out what you say was a private interview —

MR TONER: Sure.

QUESTION: — between a congressional committee and an administration official, but you said that in response to the question about whether or not Kennedy was aware of Secretary Clinton’s use of a private server from the get-go, you said that’s not correct.

MR TONER: Right, so – yeah, sorry.

QUESTION: And that – so here’s my question.

MR TONER: Yeah.

QUESTION: Under Secretary Kennedy is responsible for both streams of the department that would be in charge of the Secretary’s communications – the one that actually does the communications and the emails, all of which fall under his purview, and then DS, Diplomatic Security, which also fall – which also report in to him. How could he not be aware that the secretary was using a private email server for all her work email communications? How could he not know if he is responsible both for DS and for the people who do the technical and computer stuff at State?

MR TONER: So again, what I was trying to make clear there was that he was not – his knowledge about her wanting to set up a private computer within the department, not at her residence, so that she could email her family, that’s what he was speaking to about in his interview. And again, as I said, no such computer was ever set up. Your broader question – again, he’s spoken to it before, or we’ve spoken to it before, that he did not have knowledge of the computer server that she had set up, the personal email or computer server. She set it up at her residence. Again, that’s not really our focus here. I would just return to the fact that our focus is on releasing the FOIA.

QUESTION: Forgive me for asking.

MR TONER: That’s okay.

According to the National Archives (PDF), Mr. Kennedy who is the Under Secretary for Management is also the Senior Agency Official for Records Management at the State Department.

Pardon us, we are poor sods, perplexed at the goings on of this world.

#

Related posts:

Secretary John Kerry on Jimmy Kimmel Live – Ready to Bring Together Taylor Swift and Kanye West

Posted: 12:23 am EDT

 

Last week, when Secretary Kerry had a meeting in Hollywood after the summit with Asian leaders in Palm Springs, he also made an appearance at the Jimmy Kimmel show.  He was introduced as the guest who “has been to almost 80 countries and logged more than a million frequent flyer miles.”  

The transcript of the appearance on February 16 is here: Interview on ABC’s Jimmy Kimmel Live!;  Secretary of State John Kerry; Los Angeles, California.