A Worst Practices Guide to Insider Threats: Lessons from Past Mistakes

Insider threats are perhaps the most serious challenges that nuclear security systems face. All of the cases of theft of nuclear materials where the circumstances of the theft are known were perpetrated either by insiders or with the help of insiders; given that the other cases involve bulk material stolen covertly without anyone being aware the material was missing, there is every reason to believe that they were perpetrated by insiders as well. Similarly, disgruntled workers from inside nuclear facilities have perpetrated many of the known incidents of nuclear sabotage. The most recent example of which we are aware is the apparent insider sabotage of a diesel generator at the San Onofre nuclear plant in the United States in 2012; the most spectacular was an incident three decades ago in which an insider placed explosives directly on the steel pressure vessel head of a nuclear reactor and then detonated them.While many such incidents, including the two just mentioned, appear to have been intended to send a message to management, not to spread radioactivity, they highlight the immense dangers that could arise from insiders with more malevolent intent. As it turns out, insiders perpetrate a large fraction of thefts from heavily guarded non-nuclear facilities as well. Yet organizations often find it difficult to understandand protect against insider threats. Why is this the case?Part of the answer is that there are deep organizational and cognitive biases that lead managers to downplay the threats insiders pose to their nuclear facilities and operations. But another part of the answer is that those managing nuclear security often have limited information about incidents that have happened in other countries or in other industries, and the lessons that might be learned from them.The IAEA and the World Institute for Nuclear Security (WINS) produce"best practices" guides as a way of disseminating ideas and procedures that have been identified as leading to improved security. Both have produced guides on protecting against insider threats.5 But sometimes mistakes are even moreinstructive than successes.Here, we are presenting a kind of "worst practices" guide of serious mistakes made in the past regarding insider threats. While each situation is unique, and serious insider problems are relatively rare, the incidents we describe reflect issues that exist in many contexts and that every nuclear security manager should consider. Common organizational practices -- such as prioritizing production over security, failure to share information across subunits, inadequate rules or inappropriate waiving of rules, exaggerated faith in group loyalty, and excessive focus on external threats -- can be seen in many past failures to protect against insider threats

Civility and Speech in the Modern University, 200 Years Ago in Germany

Histor

Reducing Nuclear Dangers

Ron Rosenbaum wants us to be worried. His book How the End Begins: The Road to a Nuclear World War III is intended as an urgent warning that the terrifying dangers of nuclear weapons did not disappear when the Cold War ended two decades ago. There are still many thousands of nuclear weapons in the world—about 95% of them in the U.S. and Russian arsenals—and thousands of them are constantly poised for launch within minutes

Beyond Crises: The Unending Challenge of Controlling Nuclear Weapons and Materials

Book abstract: At the height of the Cultural Revolution a Chinese long-range nuclear missile is fired within the country, and the nuclear warhead it is carrying detonates. A French nuclear device is exploded in Algeria during a coup there. The Soviet empire has collapsed, and shots are fired at a Russian crowd intent on rushing a nuclear weapons-laden plane straining to remove a stash of nuclear weapons to a safer locale. Pakistani civilian governments are routinely pushed aside by a powerful, nuclear-armed military that observers worry might yet itself fall prey to a faction willing to seize a portion of Pakistan’s nuclear arsenal. This volume reveals previously unknown details on each case and teases out what is to be learned. This book is ideal not only for policymakers and analysts, but for historians and teachers as well

Strengthening Global Approaches to Nuclear Security

Despite substantial progress in improving nuclear security in recent years, there is more to be done. The threats of nuclear theft and terrorism remain very real. This paper recommends learning from the much stronger national and international efforts in nuclear safety, and in particular taking steps to build international understanding of the threat; establish effective performance objectives; assure performance; train and certify needed personnel; build security culture and exchange best practices; reduce the number of sites that need to be protected; and strengthen the international framework and continue the dialogue once leaders are no longer meeting regularly at the summit level

Securing the Bomb: An Agenda for Action

Grades current efforts to prevent nuclear terrorism and recommends new actions to more effectively keep nuclear weapons and materials out of terrorist hands

Threat Perceptions and Drivers of Change in Nuclear Security Around the World: Results of a Survey

Leaders at the 2010 nuclear security summit agreed on the goal of securing all vulnerable nuclear material in four years. This goal implied that many countries would change their nuclear security policies. But the factors that drive changes in nuclear security policies, and that constrain those changes, are not well understood. We conducted a survey of selected nuclear security experts in countries with nuclear weapons, highly enriched uranium (HEU), or separated plutonium, to explore this issue. The survey included: (a) perceptions of which threats are credible; (b) approaches to nuclear security based on a design basis threat (DBT); (c) changes in nuclear security policy in the last 15 years; (d) factors causing and constraining changes in nuclear security policy; and (e) policy on how much information to release about nuclear security. This paper describes the survey, its results, and implications for next steps to strengthen global nuclear security

Consolidation: Thwarting Nuclear Theft

At the first nuclear security summit in April 2010, the assembled leaders agreed on the goal of securing all vulnerable nuclear material worldwide within four years, including consolidating plutonium and highly enriched uranium (HEU) to fewer locations and minimizing the use of HEU “where technically and economically feasible.” Reducing the number of buildings and sites where nuclear weapons and weapons-usable nuclear material exist is a key element of preventing nuclear theft and nuclear terrorism, as the only way to completely eliminate the risk that nuclear material will be stolen from a particular location is to remove the material itself. States can achieve more effective nuclear security at lower cost if they have fewer places with nuclear weapons or weapons-usable nuclear material to protect. The fundamental goal must be to reduce the number of sites and transports as far and as quickly as possible, and provide highly effective security for those that remain. Over time, the civil use of HEU should be phased out, and HEU should be eliminated from all civil sites. This paper outlines the efforts the international community is already making to meet these objectives, and recommends a range of next steps. Today, nuclear weapons or their essential ingredients exist in hundreds of buildings and bunkers in dozens of countries, with widely varying levels of security. Fortunately, an array of national and international efforts to move nuclear weapons and weapons-usable nuclear material to fewer locations have been underway for years, and have made major progress. Since the end of the Cold War, nuclear weapons have been removed from many countries and scores of nuclear weapon sites have been eliminated. Twenty countries have eliminated all the weapons-usable nuclear material on their soil – six of them since President Obama called for a four-year effort to secure nuclear materials in April 2009. All weapons-usable nuclear material has been removed from dozens of other sites around the world. Some 180 research reactors that once used HEU fuel have either shut down or converted to using low-enriched uranium that cannot be used in a nuclear bomb. The world is more secure as a result. But there is much more to be done. There are stocks of material and types of facilities that are not yet targeted for consolidation, and a range of political, bureaucratic, technical, and financial barriers to be overcome. There are potentially effective policy tools that have not yet been fully utilized. This paper (a) discusses how to set priorities among different stocks to be consolidated; (b) describes the scope and progress of existing consolidation efforts; and (c) suggests steps to complement and extend the existing programs. Our discussion of the next steps for consolidation will fall into two categories: covering additional stocks and facilities that are not yet effectively addressed, and using additional policy approaches to strengthen the effort

Preventing Insider Theft: Lessons from the Casino and Pharmaceutical Industries

Through structured interviews and a literature review, we assess which approaches to protection against insider thefts in the casino and pharmaceutical industries could be usefully applied to strengthen protections against insider theft in the nuclear industry, where insider thefts could have very high consequences. Among other measures, we suggest consideration of constant video surveillance of all vaults and insider-material interactions; frequent and rigorous material accounting; requiring everyone who touches material to sign for it; implementing an expanded two-person rule; rewarding attention to security; and establishing incident databases and experience sharing. While many of these measures are in place for some operations with weapons-usable material in some countries, they should be considered for more universal application

Guardians at the Gates of Hell : estimating the risk of nuclear theft and terrorism -- and identifying the highest-priority risks of nuclear theft

Thesis (Ph. D.)--Massachusetts Institute of Technology, Engineering Systems Division, Technology, Management, and Policy Program, 2007.Includes bibliographical references (p. 419-466).Methods are presented to assess the global risk of nuclear theft and nuclear terrorism, to identify the nuclear facilities and transport legs that pose the highest-priority risks of nuclear theft, and to evaluate policy approaches to strengthening security and accounting for nuclear stockpiles worldwide. First, a qualitative assessment outlines the demand for black-market nuclear weapons and materials; the plausibility of terrorist construction of an improvised nuclear device; the global stocks and flows of nuclear weapons, plutonium, and highly enriched uranium (HEU), with the global distribution of facilities where they exist; and the widely varying standards of physical protection, control, and accounting in place to prevent theft. Particular dangers of nuclear theft in Russia, Pakistan, and from HEU-fueled research reactors are highlighted. Second, a mathematical model of the global risk of nuclear terrorism is presented, with detailed assessments of what is known about the values of each of the parameters, and of policies that could change each of the parameters to reduce risk.(cont.) Third, a methodology for identifying the nuclear facilities and transport legs posing the highest risks of nuclear terrorism is presented, combining the security levels for each facility or transport leg, the levels of threat they face, and the quantity and quality of nuclear weapons or weapons-usable material they contain. Fourth, the global nuclear security system is described and assessed as a complex, large-scale, integrated, open system (CLIOS). Based on past experiences with different policy tools from negotiated international standards to on-the-ground technical cooperation to install improved security equipment, options to improve system performance in reducing the risk of nuclear terrorism are assessed. A final chapter offers conclusions and recommendations.by Matthew Bunn.Ph.D