Defense Digital Service looks to ‘SITH’ to stop insider threats before they happen
The Defense Digital Service has created a new prototype to automate the Department of Defense’s processes for tracking insider threat risks and bringing awareness to them before they become full-blown threats.
Called the System for Insider Threat Hindrance — or SITH, adding yet another Department of Defense (DOD) tech program referencing “Star Wars” — the prototype project is meant to deliver a proof-of-concept for automating insider threat tracking and providing faster and more accurate insider threat information sharing of cleared DOD personnel.
This is a big deal to Defense Digital Service (DDS) and the DOD because of the high threat from insider threats within public and private sector organizations. According to research from Verizon, 57% of database breaches in 2019 involved insider threats within an organization.
DDS awarded a $14.8 million contract to TrussWorks to build out the minimum viable product for the SITH platform. DDS and the Office of the Under Secretary Defense in Intelligence & Security will partner with TrussWorks over the next two years, planning to launch that minimum viable product in the next 9-12 months, with the hope of passing over the prototype to Defense Counterintelligence and Security Agency (DCSA) by the end of 2023, DDS told FedScoop.
“SITH is a great example of DDS’s ability to leapfrog the current state of technology in the DOD,” Katie Olson, acting director of DDS, told FedScoop. “Automating and streamlining how the Defense Department is made aware of and responds to insider threats will go a long way in preventing possible insider threats. We look forward to working with OUSD(I) and TrussWorks in the discovery process and the creation of an MVP that we can transition to DCSA so that they can maintain and grow the capabilities.”
The SITH prototype builds upon DDS’s past work on the System for Automated Background Evaluation and Review (SABER), the tool it created to automate the background investigation process for clearing federal employees. TrussWorks also partnered with DDS on the development of SABER, which is why DDS procured the company’s services for this latest project without a full-and-open competition.
Since the contract for SABER expired, DDS has been looking for “the best use for the prototype,” and at the direction of the Under Secretary of Defense for Intelligence and Security, decided to focus that work on insider threats.
Currently, the DOD uses a manual process to integrate steams of intelligence and track insider threats through the Defense Department Insider Threat Management Analysis Center (DITMAC) System of Systems (DSoS) program.
“Through the discovery and development of SABER, TrussWorks has gained an in-depth understanding of the full background investigation process and related dependencies as it relates to the DOD,” says DDS’s justification for award. “The System for Insider Threat Hindrance (SITH) will leverage the same data sets and similar workflows and much of the SABER code to automate insider threat reporting and investigation … this system will be developed on behalf of the DOD Insider Threat Management Analysis Center (DITMAC), and will enable a more streamlined process for reporting and analyzing insider threats.”
In addition to its agile software development services, TrussWorks will also partner with a third-party firm to run a bug bounty on SITH as part of the contract.