WASHINGTON -- Defense Counterintelligence and Security Agency (DCSA) leaders – in support of their Japanese counterparts over the course of several years – are making a significant impact on bilateral efforts to standardize information security practices across the U.S.-Japan Alliance.
It began when the agency’s senior experts — experienced in directing U.S. background investigations, vetting risk operations and adjudications — responded to a request from the Defense Technology Security Administration (DTSA) in 2019 to support the U.S.-Japan Bilateral Information Security Consultations (BISC). The BISC is a bilateral group committed to ensuring substantially equivalent information security practices between the U.S. and Japan — a key cooperative initiative to strengthen the Alliance.
U.S. Secretary of State Antony Blinken and Secretary of Defense Lloyd Austin discussed the importance of strengthening and reinforcing information security practices with Japan’s Minister for Foreign Affairs Yoshimasa Hayashi and Minister of Defense Nobuo Kishi during the U.S.-Japan Security Consultative Committee held virtually in Washington, D.C. and Tokyo, Japan on Jan. 6 and 7, 2022.
“You can’t measure the importance of this BISC effort,” said Scott Nelson, deputy chief of DTSA’s Regional Engagement Division, who contacted DCSA with his request for their expert assistance. “Information security is the basis on which all our collaboration to share information and technology will be built.”
The BISC – formed as a result of a 2009 U.S.-Japan summit meeting between Prime Minister Yukio Hatoyama and President Barack Obama – launched a new process of consultations in order to strengthen security cooperation, including information security that deepens the U.S.-Japan Alliance. The BISC fosters a continuous government-to-government dialogue on information security essential to fully enabling the 2007 U.S.-Japan General Security of Military Information Agreement (GSOMIA), which governs the reciprocal protection of classified information.
“Our BISC efforts focus on protecting the partnership of the U.S. government and Japanese government by sharing our security practices,” said Jenny Wells, executive program manager for DCSA Background Investigation Field Operations. Bilaterally, the BISC ensures that Japan’s access to sensitive U.S. government information meets U.S. information security and personnel security standards. The same is true of U.S. access to Japan’s sensitive government information. Substantial equivalency is crucial to ensuring that information shared between the U.S. and Japan remains secure. DCSA leaders – Marianna Martineau, Adjudications; Heather Green, Vetting Risk Operations (VRO); Ryan Dennis, VRO; Brian Sedor, Background Investigations; Charis Lyon, Adjudications; and Kim Knobel, Training – participated in detailed discussions with their Japanese counterparts to fulfill the requirements of the U.S.-Japan GSOMIA. Their advice and collaboration covered the treatment of information from operations to policies, technologies and technical data.
“The bilateral partnership with Japan is vital and a must win for both countries,” said Richard Stahl, DCSA International and Special Programs chief responsible for bilateral agreements supported by the agency. “Success with BISC is essential not only to the GSOMIA but to our national security partnership as a whole.”
DCSA’s efforts with Japan began with a bit of shock in September 2019 when team members encountered a typhoon that struck just before landing in Tokyo. “There was no way to leave the airport,” Nelson recalled. “No buses, trains or cabs. It was an airport full of people panicking and looking for ways to leave.”
In addition to DCSA and DTSA, the U.S. team included representatives from the Undersecretary of Defense for Policy; U.S. Forces Japan; the Department of State; the Department of Justice; the U.S. Embassy Tokyo interagency; and U.S. Indo-Pacific Command.
Fortunately, the team located tickets on the only bus to leave the airport for hours and met with their Japanese counterparts for the first time. The U.S. and Japanese teams would continue to work together to overcome challenges from language barriers to pandemic related restrictions and limitations.
“In our first trip, we provided the government of Japan with a high level overview of how the U.S. does federal personnel vetting and outlined the specific elements required under a U.S. background investigation,” said Wells.
Overall, the U.S. team highlighted the fact that the U.S. government follows stringent policies and procedures out of a long history of conducting vetting for the federal government. The relevant subject matter experts briefed Japanese government officials and experts on the U.S. personnel security, vetting and adjudications system. In return, the Japanese leaders explained their information security system to the U.S. team.
“In December 2019, we came to Japan with a smaller contingent and conducted a formal assessment of Japan’s information security practices,” said Martineau, assistant director for DCSA Adjudications. “We followed the director of National Intelligence security protocol to assess the U.S. government’s adequacy and applied that same methodology to our engagement with Japan.”
Consequently, the Japanese and the U.S. teams were able to identify common expectations for key areas of information security.
“We constructed a framework to continue our engagement moving forward and stayed true to that framework,” said Martineau.
The majority of work halted, however, at the beginning stages of the pandemic despite virtual meetings held by the U.S. and Japanese teams in their respective Washington and Tokyo locations.
“It was a tremendous challenge to engage our counterparts through interpreters while attempting to keep the ball rolling via virtual engagements,” she said. “It was really difficult.”
In due course – specifically in October 2021 – the BISC teams reengaged to work together face to face in Tokyo.
“Great strides were made in terms of understanding each other’s systems,” said Charis Lyon, DCSA Adjudications Division 2 chief regarding the team’s third BISC trip. Three months after DCSA enrolled DOD and some federal agencies into an initial version of the agency’s Continuous Vetting Program, the third round of BISC meetings in Tokyo included DCSA briefings on continuous evaluation.
“Our counterparts in Japan have been really good partners in understanding our program and why the system of checks that we use are important,” said Lyon. “They are active partners in that process and moving forward, we will continue advising each other.”
In future BISC collaborations, the DTSA and DCSA team are planning to share with Japan the U.S. requirements outlined in the National Industrial Security Program Operating Manual (NISPOM).
“It was inspiring to see how the work we do every day impacts our partnerships and alliances around the world,” said Brian Sedor, program manager for DCSA Background Investigations Quality Support. “Even though our security program continues to evolve to meet emerging threats, involvement in the BISC initiative makes me appreciate the current advanced state of our comprehensive security program.”
Once the BISC engagements are complete, Nelson anticipates that DCSA Center for Development of Security Excellence representatives will exchange information with Japan’s training professionals related to the agency’s experience and capabilities in providing security education, training and professionalization for DOD and industry under the National Industrial Security Program.