Lessons Learned and Best Practices: 2013 2014 Identity Theft and Its Nexus to Illicit Activity Team



Similar documents
THE CHANGING FACE OF IDENTITY THEFT THE CURRENT AND FUTURE LANDSCAPE

EXECUTIVE BEHAVIORAL INTERVIEW GUIDE

Middlesbrough Manager Competency Framework. Behaviours Business Skills Middlesbrough Manager

Saskatoon North Partnership for Growth (P4G) Draft Communications and Engagement Strategy

PERFORMANCE MANAGEMENT ROADMAP

EMERGENCY MANAGEMENT BRITISH COLUMBIA A STRATEGY TO ADVANCE SUPPORT FOR LOCAL AUTHORITY EMERGENCY MANAGEMENT PROGRAMS OCTOBER 14, 2015

Computing & Communications Services

Change Management Practitioner Competencies

Master Level Competency Model

COMPETENCY FRAMEWORK

Finding the Right People for Your Program Evaluation Team: Evaluator and Planning Team Job Descriptions

The Advisor Partnership Program (TAPP)

Helen Featherstone, Visitor Studies Group and University of the West of England, Bristol

Student Organization Officer Transition Guide

4 PERFORMANCE MEASURES

COMPETENCY FRAMEWORK

NEEDS IMPROVEMENT EXAMPLE

INFORMATION SHARING ENVIRONMENT GUIDANCE (ISE-G) INCLUSION OF INFORMATION SHARING PERFORMANCE EVALUATION ELEMENT IN EMPLOYEE PERFORMANCE APPRAISALS

SUCCESSION PLANNING and LEADERSHIP DEVELOPMENT

The PMO as a Project Management Integrator, Innovator and Interventionist

Performance Factors and Campuswide Standards Guidelines. With Behavioral Indicators

IC Performance Standards

Corporate Governance Guidelines. Kenon Holdings Ltd. Adopted as of September 17, 2014

COMMUNICATION MANAGEMENT PLAN Outline VERSION 0.0 STATUS: OUTLINE DATE:

BEHAVIORAL INTERVIEW QUESTIONS INVENTORY

MCH LEADERSHIP SKILLS SELF-ASSESSMENT

Information Technology Strategic Plan

An Assessment of Capacity Building in Washington State

PROJECT MANAGEMENT FOR DEVELOPMENT ORGANIZATIONS

10.1 Communications Planning 10.2 Information Distribution Figure Performance Reporting 10.1 Communications Planning 10.

1. Build core capability at all levels to improve organisational and individual performance;

Leadership Development Handbook

Leadership Program Outcomes

EXAMPLE WORKPLACE COMPETENCIES

CORPORATE GOVERNANCE GUIDELINES OF AUTOLIV, INC. Amended as of May 5, 2014

DELIVERING OUR STRATEGY

Advanced Performance Measures

Extracted from Strategic Planning for Political Parties: A Practical Tool International Institute for Democracy and Electoral Assistance 2013.

Sample Behavioural Questions by Competency

6 Key Questions to Ask

Message from the Chief Executive of the RCM

Board Governance Principles Amended September 29, 2012 Tyco International Ltd.

Texas System of Care Social Marketing Plan

Best in Class Referral Programs

WHO GLOBAL COMPETENCY MODEL

HUMAN RESOURSES COLLEGE OF EDUCATION AND HUMAN ECOLOGY. Manager's Guide to Mid-Year Performance Management

AB Volvo, Göteborg, Sweden. Ref No , August The Volvo Way

Table of Contents PERFORMANCE REVIEWS STRATEGIC REVIEWS

EMC CORPORATION. Corporate Governance Guidelines

Performance Appraisal Process for the CEO 1

Project Management Institute STRATEGIC PLAN. Prepared by: PMI Board of Directors

LITERACY: READING LANGUAGE ARTS

An Introduction to Sustainability Reporting. What Is Sustainability Reporting. White Paper: An Introduction to Sustainability Reporting

LEADERSHIP DEVELOPMENT FRAMEWORK

Massage Therapy Body of Knowledge (MTBOK) Business Case Executive Summary

OPM LEADERSHIP DEVELOPMENT MATRIX:

Tools for Managing and Measuring the Value of Big Data Projects

WHEELOCK COLLEGE FACULTY DEVELOPMENT AND EVALUATION PROGRAM

Leadership-related Competencies

All-Campus Leadership Conference Committee Chair. Big Ten leadership Network Committee chair

Kouzes, J. M., & Posner, B. Z. (2007). The leadership challenge (4th ed.). San Francisco, CA: Jossey-Bass.

MAKING YOUR ORGANISATION S INFORMATION ACCESSIBLE FOR ALL IMPLEMENTING THE GUIDELINES FOR ACCESSIBLE INFORMATION

Strategic Business and Operations Framework Understanding the Framework June 30, 2012

Department of Homeland Security Information Sharing Strategy

How To Manage Performance

ETI PERSPECTIVE 2020: A FIVE YEAR STRATEGY

Section 7 SPEEA/Boeing Partnership

Competency-Based Education Programs

Network Consulting Engineer

University of Southern California

PROJECT MANAGEMENT PLAN <PROJECT NAME>

Project Manager Job Descriptions

WHITE PAPER. The 7 Deadly Sins of. Dashboard Design

Attribute 1: COMMUNICATION

Individual Development Planning (IDP)

Public Health Competency Based Employee Performance Management Self Assessment Tool - Manager/Supervisor

Options for creating working groups, task forces and editorial boards to facilitate the implementation of the work plan. Note by the secretariat

Professional Science Master s in Fisheries and Wildlife Administration (PSMFWA) Project Requirements (FW 510 Professional Internship, 5-10 credits)

How To Understand The Benefits Of Big Data In Healthcare

Project Management Career Path Plan

PMS 295 PMS 348. Event Planning and Management

Shared Solutions: An Overview Special Education Policy and Programs Branch Ministry of Education

GOVERNANCE DEFINED. Governance is the practice of making enterprise-wide decisions regarding an organization s informational assets and artifacts

DESCRIBING OUR COMPETENCIES. new thinking at work

PUBLIC FINANCIAL MANAGEMENT IMPROVEMENT AND CONSOLIDATION PROJECT (PMICP)

5 Steps To Healthcare Change Management: A Roadmap For Success

Finance Division. Strategic Plan

Project Management Certificate (IT Professionals)

Transcription:

Lessons Learned and Best Practices: 2013 2014 Identity Theft and Its Nexus to Illicit Activity Team Overview The purpose of this document is to capture best practices and lessons learned identified by the Identity Theft (IDT) and Its Nexus to Illicit Activity Team during its participation in the fourth and fifth iterations (2013 & 2014) of the Intelligence Community Analyst Private Sector Partnership Program (ICAPP) sponsored by the Department of Homeland Security s Office of Intelligence and Analysis (DHS I&A). In this program, experienced government analysts collaborate with industry experts in an unclassified setting to study targeted intelligence priorities for a period of 6 months. The industry experts receive no financial compensation. This document describes the process the IDT Team applied in each year of the program, summarizes lessons learned from this effort to guide future teams, recommends minor improvements to inform the program sponsors, and describes the value of the program for different audiences. Background The 2013 DHS ICAPP (Phase I) convened private-public sector teams that focused on six previously identified intelligence priorities; one of the selected priorities was IDT and its nexus to illicit activity. Leveraging members strengths and access to resources, the team facilitated group learning through invited speakers, independent research, and site visits, all of which provided a platform for group dialogue and discourse on the current and future landscape of IDT. At the conclusion of Phase I, the IDT Team presented its findings and offered recommendations to address the issue. DHS I&A invited the IDT Team to participate in a newly created Phase II of the program beginning in 2014. Building on its past success, the Phase II IDT Team elected to focus its efforts on examining and operationalizing two of its Phase I recommendations concerned with mitigating IDT through education and technology. Team Dynamics and Activities A timeline detailing key team activities is listed in Exhibit 1. The Phase I (2013) kickoff meeting was held in April and its concluding summit in November. Phase II (2014) mirrored the previous year, with a kickoff in April and a concluding summit in November. Several of the group s organizational activities are described in greater detail below. Exhibit 1. Timeline of Activities for the Identity Theft Working Group (2013 2014) Structuring the Team. In the team s earliest stages, the need to divide and assign responsibilities became apparent. As a natural evolution, team members assumed responsibilities to provide coordination and operating structure to the team. These roles were delineated as follows:

Champion: Appointed by DHS. Served as a liaison between the IDT Team and DHS I&A. Co-Champion: Scheduled conference calls and in-person meetings, took meeting minutes, and served as an intermediary with outside facilitator. Speaker Coordinator: Coordinated and scheduled speakers and site visits. Task Leaders: Responsible for specific tasks or deliverables as needed. While creating loose organization, the IDT Team operating structure was very democratic. This approach allowed open and nonjudgmental consideration of ideas, but the relatively flat structure prolonged decision-making at times. An informal Executive Board of three or four team members was created to make decisions when the team was otherwise stalled. Getting to Know the Team and Identifying Common Goals. From the initial meeting, team members deliberately and candidly shared their individual experiences, goals, and expectations. Understanding individual circumstances was critical to determining common group goals. Through open dialogue, the team identified individual strengths and access to resources. Team members volunteered for or were assigned tasks that matched their strengths and interests. The team convened with a strong display of values that highlight collaboration, as displayed in Exhibit 2. Aside from the desire to foster positive working relationships with one another, the team s common goals were to (a) understand and describe the scope and breadth of the IDT problem in order to contribute to meaningful dialogue on the topic and (b) formulate a reasonable set of recommendations tailored to decision-makers in both the public and private sectors. Exhibit 2. IDT Team Core Values Strategizing About Communication. From the outset, the team decided to hold weekly conference calls. After the Phase I kickoff meeting, the team attempted to use the DHS-provided information-sharing platform (Sage) to share relevant material; however, Sage was cumbersome and awkward, so the team reverted to e-mail. E-mail remained the primary mode of asynchronous communication throughout Phase II. Setting Project Goals and Deadlines. During both phases, the team was effective in establishing realistic deadlines for identified project tasks. The use of deadlines helped maintain momentum and allowed the team to stay on track while performing quality control throughout the process. Conducting Independent Research and Site Visits. Throughout Phases I and II, the team consulted with outside subject matter experts (SMEs), futurists, practitioners, engineers, and academics from various public, private, and nonprofit organizations, all of whom provided different perspectives on the issue of IDT. The team sought to acquire as much research and insight as possible on current events, trends, and threats surrounding IDT and its impact on individuals and organizations. Also, the team invited SMEs to present during its weekly conference calls so that their knowledge could be included in the group s study of the topic and issues. During Phase I, the team undertook an information-gathering site visit to Seattle, WA, to hear the broad perspectives and opinions of other stakeholders involved in the daily battle to combat IDT. The site visits expanded the group s knowledge and interpretation of the issue. Representatives from federal and local law enforcement, industry, retail, and academia were consulted. 1 Group discussions focused on IDT and network security and risks. A serendipitous by-product of the site visit and in-person meetings was increased trust among members, which further solidified the team s ability to work collaboratively. During Phase II, the team decided that a site visit was unnecessary, given the desire to focus on operationalizing selected Phase I recommendations. Agreeing Early on Deliverables. The team captured and disseminated its findings, recommendations, and best practices through a variety of modes. For each deliverable, basic context (time frame, intended audience) was negotiated and agreed upon months in advance of production. For both phases, the team produced white papers with supplemental infographics. The purpose of the infographics was to convey findings quickly in a visual format; the white paper 1 Organizations included Microsoft, Nike, T-Mobile, the Seattle Police Department, the Seattle Field Office of the U.S. Secret Service, Singularity University, and Social Security Administration Office of the Inspector General. For a complete list, refer to the IDT Team s 2013 white paper, The Current and Future Landscape of Identity Theft: Findings of the Identity Theft and Nexus to Illicit Activity Team. Available at http://www.rti.org/pubs/idt-whitepaper-final-20131030.pdf.

supplemented the infographic brochure by providing the explanatory logic, relevant background, and references for group conclusions and recommendations. Illustrations for the infographic were commissioned by a business consulting firm. For Phase I, a white paper 2 and an accompanying infographic 3 were produced on the current and future landscape of IDT. For Phase II, the team is developing a didactic mobile application 4 intended to empower individuals and organizations to protect themselves against IDT crimes. Also for Phase II, two white papers, including this one, were written and a supplemental infographic 5 was created to accompany the white paper focusing on the educational and technical recommendations. 6 Recommendations for Future Partnership Groups The IDT Team offers some recommendations for teams to consider adopting as they participate in future iterations of the DHS ICAPP. Slow Down to Speed Up. Take time early on to focus on and set individual expectations and goals for the group. These expectations could be as simple as establishing realistic time commitments or determining what each member hopes to accomplish (or needs to accomplish, according to internal politics) through his or her participation. Additionally, taking time to get to know each other s areas of expertise and interests helps match team members to project tasks that they will both enjoy and excel at. Overall, the team did an outstanding job in setting realistic expectations and showed flexibility when expectations were not met. For example, during Phase II, the team elected to eliminate an activity when it was discovered that there would not be enough time to complete it before the end of Phase II. The delay resulted from the team failure to take into account the additional amount of time needed to obtain approvals from organizations, given the legal and reputational constraints associated with participation. Removing this task allowed the team to focus its efforts and energy on remaining tasks. Come Ready to Collaborate. In the spirit of collaboration, team members should set aside their personal aspirations and desires for individual recognition to participate on the team. Consistent with one of the primary purposes of the program, team members should seek to foster and facilitate working relationships. Team success is dependent on each member s continuous contributions and inclusion in discussions and decisions. The team benefitted from each participant s creativity, flexibility, commitment, sense of teamwork, and unique viewpoint. Team members actively listened to each other, offered differing opinions, and remained open-minded throughout, as topics did not always easily fit into a single box. Team members were comfortable sharing dissenting views, allowing for candid discussions about issues and products, and compromising on how best to present concepts. Give Meetings a Purpose. The team s meetings should have a purpose and agendas with action items should be distributed before each conference call, as unnecessary meetings waste time and decrease engagement. Indeed, it is preferable to cancel a call than to hold a meeting with no real purpose. Scheduling speakers to address the group during conference calls (sometimes joining via WebEx 7 ) created a purpose for many meetings and helped group engagement. Group engagement is also enhanced when holidays and personal vacations are considered in scheduling. During Phase II, the team was divided into two smaller teams, each assigned to address either technical or educational recommendations for mitigating IDT. Although the team used this process to leverage each member s skills, at times communication broke down not only within the smaller teams but among the group as a whole. The weekly conference calls helped maintain the team dynamic while allowing all members to update the team on their progress. 2 White paper: The Current and Future Landscape of Identity Theft: Findings of the Identity Theft and Nexus to Illicit Activity Team, published November 2013; available from http://www.rti.org/pubs/idt-whitepaper-final-20131030.pdf 3 Infographic: The Changing Face of Identity Theft: The Current and Future Landscape, published November 2013; available from https://www.rti.org/pubs/xpl_bmgf_1302_id_theft_brochure_r03_pages.pdf 4 This application (app) is being developed by the IDT Team in conjunction with Thomson Reuters. 5 Infographic: Countering Identity Theft Through Education and Technology: Proposed Solutions for Individuals and Organizations, published November 2014. Available November 2014 on www.rti.org website. 6 White paper: Countering Identity Theft Through Education and Technology: Activities of the 2014 Identity Theft and Its Nexus to Illicit Activity Working Group, published November 2014. Available November 2014 on www.rti.org website. 7 WebEx is a useful tool for conference call presentations. However, a number of government analysts were unable to access it from their work locations because of security restrictions. For those analysts, hard copies of presentations (e.g., PDFs) were shared in advance of a call.

Be Accountable. When participating in a team effort such as this, it is easy to allow competing priorities (e.g., other work) to get in the way of key milestones. Members must hold themselves accountable to contribute their share of the work toward the team s common goal. The team was able to delegate different parts of the project into tasks to individual members, and it benefitted from members who volunteered to fill leadership positions or lead project tasks. Additionally, it was important for the team to address any potential accountability issues that arose. When necessary, the team addressed instances in which members were not responsive to short-term tasks, such as providing feedback on drafted products or answering questions from other members or external parties. Team members from the private sector were asked to obtain funding from their organizations to attend site visits and in-person meetings. In addition to the 2013 and 2014 kickoff meetings and summits, the team held three in-person meetings in the Washington, DC, area and one site visit in 2013 to Seattle, WA. Although none of the site visits or inperson meetings were mandatory, the expectation was that all members would do their best to obtain approval from their supervisors to attend. The Champion made himself available to intervene and provide support as necessary. Leverage Outside Resources Early. Reaching out to nationally recognized SMEs from various private- and public-sector organizations provided valuable contextual insights that sparked thoughtful dialogue among team members. In addition, an outside consultant, serving as an objective third party, was helpful to focus the team s efforts, help the group stay on track and within scope, and create illustrations for the infographic brochure. Funding for the consultant was provided by one of participating organizations. Future groups that are interested in using outside consultants should engage them very early in the process to optimize the final product. For instance, for a deliverable due in late October, discussions with the consultant should begin in June. Create a Plan for Product Dissemination. Determining the best mechanisms to communicate and disseminate deliverables is of the utmost importance. Understanding that IDT is a real and current threat to individuals and organizations, the team concluded it was necessary to advertise and distribute their research and recommendations through various mechanisms: three white papers (including this one), infographics, and a mobile application. Also, during production of the deliverables, the team had to take into account each member s willingness to expose his or her organization s affiliation on products that would be made public, given the team s agreed-upon goal of making their findings publically accessible. Furthermore, the team wanted their deliverables to live somewhere. However, finding an online location to place the products indefinitely proved challenging. As a result, the team relied on each member to disseminate the products in-house, and it also sent the products to the contacts made through the speaker series. Recognize Members for Outstanding Contributions. Recognize members who exceed expectations to help further the group s goals and aid in its overall success. A number of team members took on additional responsibilities and tasks. In Phase I, the team decided to recognize multiple members for their unique contributions. For example, one member generously offered his organization s facilities for group meetings and site visits. Efforts such as this deserve recognition, which not only gratifies the member being recognized but also inspires other members to perform at a higher level. Recommendations for Program Sponsors The IDT Team successfully achieved its goals and offers the following recommendations for its sponsors with DHS and the Office of the Director of National Intelligence (ODNI) to consider for future iterations of the program. Create a Feedback Loop. Incorporate an opportunity for participants to provide feedback to allow for process improvements, especially at the end of the program. Each participant and team will experience the program differently. Although some teams may come together organically, other teams may not be as fortunate. Increased awareness of the obstacles teams face, and how they are addressed, can only strengthen the program as it matures. Create a Process for Dissemination of Deliverables. Develop a mechanism for archiving and searching opensource deliverables produced by teams. Providing an online platform for posting and disseminating products allows participants findings to reach and inform a wider audience. As a by-product, broad dissemination of materials will also serve to market the program within the private sector. Finally, future teams may learn from the opportunities and mistakes made by previous teams.

Demonstrate Appreciation. Recognize individual and organization participation with a small token of gratitude beyond a formal letter of thanks (e.g., a certificate, patch, pin, challenge coin). Participants (and their sponsoring organizations) are not only volunteering time and resources, but they are also funding travel costs to attend site visits and other group meetings. Improve Opportunities for Cross-Team Collaboration and Networking. After the program s initial meeting, which all teams attended, there were few opportunities for cross-team engagement. Although participants understood that they were tasked to work on a specific intelligence issue, some members felt their experience and background could have contributed to multiple intelligence issues. Furthermore, the lack of cross-team interaction led to missed opportunities to meet and network with potential collaborators (both related and unrelated to this work) on other teams. Value of the Partnership Program The DHS ICAPP holds immeasurable value for the participating individuals and organizations, SMEs with whom the team engaged, the sponsoring agencies, and society at large. Individual participants grew professionally and gained expertise on a topic of critical importance expertise that they then shared within their organizations. For many members, program participation elevated the issue of IDT within their organizations, which resulted in revised processes and workflows and contributed to the production of refined internal products on related issues. The program was beneficial to the outside entities (e.g., SMEs and others) that the team encountered by sparking discussion and creating opportunities for future collaboration and networking. Finally, group deliverables contributed to a societal good by encouraging and expanding meaningful, thoughtful dialogue on the future direction of and needs related to this topic. The apparent success of the IDT Team serves as a testament to the program s overall goals of fostering and strengthening partnerships between the intelligence community and the private sector and serving as a catalyst to spark indepth discussions about important substantive topics. Its success can be attributed not only to team members excellent ability to work collaboratively, but also to the sponsors willingness to provide wide latitude on how to address the issue. This flexibility to maneuver freely afforded the team the ability to think creatively and independently to understand the complex issues from different perspectives, thus driving the team to develop creative, insightful deliverables that promote conceptual dialogue. Jynika Craig Federal Bureau of Investigation jynika.craig@ic.fbi.gov 2014 IDENTITY THEFT AND NEXUS TO ILLICIT ACTIVITY WORKING GROUP Jason Kerben Office of the Director of National Intelligence jasonk@dni.gov John D. King Department of the Army john.d.king50.civ@mail.mil Edward T. Lanoue HSBC Bank ed.t.lanoue@us.hsbc.com Chris Sailer Saffron Technology, Inc. csailer@saffrontech.com Donte Stewart Bill and Melinda Gates Foundation donte.stewart@gatesfoundation.org Publication Date: November 2014 Karen Lissy RTI International klissy@rti.org Mara Schmidt United States Secret Service mara.schmidt@usss.dhs.gov Jason Thomas Thomson Reuters Jason.Thomas@trssllc.com John Mazza United States Secret Service John.mazza@usss.dhs.gov Kristin Schwomeyer WellPoint kristin.schwomeyer@wellpoint.com Brett Yellen Department of Homeland Security Brett.Yellen@hq.dhs.gov

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information