Insider Threat Awareness

Slides:



Advertisements
Similar presentations
Annual Security Refresher Briefing Note: All classified markings contained within this presentation are for training purposes.
Advertisements

Counterintelligence Indicators Presented by Jerome Smith, Facility Security Officer, LAI/EES.
Annual Security Refresher Briefing. General Information Edmonds Enterprises Services (EES) and Logistics Applications Inc. (LAI) as Defense Contractors.
Approvals 1. 2 Chg #DateChangeSlide #Completed ByReason 18/9/2013From G Washington to B Arnold12Chris OWrong threat profile.
F ACILITY S ECURITY Presented by: Dela Williams. 2.
1. What is Identity Theft? 2. How Do Thieves Steal An Identity? 3. What Do Thieves Do with Stolen Identities? 4. What Can I Do To Avoid Becoming a Victim?
Espionage Indicators Updated 08/21/13 U.S. Department of Commerce Office Of Security (OSY) Security is Everyone's Responsibility 1 Briefing.
Section Nine: Reporting Requirements Note: All classified markings contained within this presentation are for training purposes only.
Copyright © 2014 Merck Sharp & Dohme Corp., a subsidiary of Merck & Co., Inc. All rights reserved. In practice, how do we recognize a potential Privacy.
Espionage Indicators Briefing 1 U.S. Department of Commerce
10/27/20111 Initial Security Indoctrination DoD. 10/27/20112 The protection of Government assets, people and property, both classified and controlled.
Chapter 6-1 The Islamic University of Gaza Accounting Information System Ethics, Fraud and Internal Control Dr. Hisham Madi.
11 Karen Atkins 12 September 2013 The Importance of New Hire Orientation - FISWG.
UNCLASSIFIED SE 001 FOREIGN TRAVEL BRIEFING. UNCLASSIFIED FOREIGN RECRUITMENT As a (your company) employee, you have access to critical U.S. government.
** Deckplate training for Navy Sailors **.  On Thursday, 9 July, the Office of Personnel Management (OPM) announced a cyber incident exposed the federal.
Defensive Travel Briefing Cheryl L. Wieser Regional Security Officer US Department of Commerce (206) (206) Fax Updated 10/03/11 Security.
Ethics and professional Conducts for Civil engineers
Cleared Employee Reporting Requirements. Reporting Regulations  Defense Security Service (DSS)  The National Industrial Security Program Operating Manual(NISPOM)1-300.
USD Sexual Harassment You may not know what it is………. You may not know what it is………. But you know how it makes you feel!!! But you know how it makes you.
9/15/20151 Initial Security Indoctrination. 9/15/20152 Agenda Physical Security Personnel Security Information Security Information Assurance Public Release.
ESPIONAGE INDICATORS. ESPIONAGE INDICATORS GUIDE BRIEFING DEPARTMENTAL ADMINISTRATIVE ORDER (DAO ) NOAA ADMINISTRATIVE ORDER (NAO )
INITIAL OSHA & DOT TRAINING MODULE 10 Security. INITIAL OSHA & DOT TRAINING Module 10 – Security Introduction The Transportation Security Administration.
Presentation CIFAL PRESENTATION Date: 13 JUNE 2012 Place : Durban.
Section Eleven: Threat Awareness and Defensive Measures Note: All classified markings contained within this presentation are for training purposes only.
THREAT AWARENESS. 1 What is “Threat”? Adversary with intent and capability to act against friendly interests. Other countries Business competitors Criminals.
 What is conflict of interest and how can it be avoided  What factors should be considered when determining a “ fair wage “
CENTRA T ECHNOLOGY, I NC. 1 5 Steps To Protect Your Company Katherine D. Mills CENTRA Technology, Inc. Insider Threat:
Peter Sakaris CISSP Booz Allen Hamilton, 1299 Farnam Street Suite 1230, Omaha, NE Office The Insider Threat.
How Secure are YOU? Information System Audit and Control Association May 2008 Meeting Presented by Brian Findley Counterintelligence Cyber TE Honeywell.
Sample only Order at Security Awareness Training A threat awareness briefing. A defensive security briefing. An overview of the.
Creating an Insider Threat Program.
Web Page Design and Development I Standards Standard A Safety and Ethics – 3 Identify potential abuse and unethical uses of computers and networks.
Viol_oh5/02/00 1 Building A Safe Workplace: Preventing Workplace Violence Employee Training Cooperatively Developed By and The Commonwealth of Pennsylvania.
Watech.wa.gov Records Management In a nutshell. watech.wa.gov What’s a record? A record is anything you create in the course of doing your work – Everything.
NISPOM Chapter 1 Basics General Requirements Reporting Responsibilities Steven Rivera, FSO July 10, 2013.
Procedures to followNumbers you need Information to know Your Farm Name Here Public Relations Plan Communicate to all (employees and press) that only a.
Protecting Your Assets By Preventing Identity Theft 1.
Workplace violence is violence or the threat of violence against workers. It includes harassment, verbal abuse, threatening behavior, fighting and physical.
Provided by OSPA ( Operations Security (OPSEC)
How To Conduct An Administrative Inquiry (AI) Due To A Security Violation
Information Protection The Personnel Security Program (PSP) & Supervisors’ Responsibilities Mr. Connolly.
5.6- Demonstrate how to be a responsible consumer in the 21 st century Roll Call Question: Something that you learned in this unit.
Threat Awareness Briefing. Why Our Information Employee Responsibilities Threat Awareness and Defensive Information Methods.
Argonne Office of Counterintelligence Intelligence Analysis Division Argonne National Laboratory.
Civil Aviation Security Program The FBI’s Counterterrorism Division’s (CTD) Civil Aviation Security Program (CASP) is responsible for Criminal and Terrorism.
Warm Up: Identity Theft: Quick Write 1. What is Identity Theft? 2. What is Fraud?
HR SECURITY  EGBERT PESHA  ALLOCIOUS RUZIWA  AUTHER MAKUVAZA  SAKARIA IINOLOMBO
By: Taysha Johnson. What is an insider threat? 1.A current or former employee, contractor, or other business partner who has or had authorized access.
Properly Safeguarding Personally Identifiable Information (PII) Ticket Program Manager (TPM) Social Security’s Ticket to Work Program.
Protecting Your Assets By Preventing Identity Theft
HIPAA Privacy and Security
Insiders are Today’s Biggest Security Threat
Aloka Krishnan Chandran Mudhliar John Cann Nihar Sanghvi
Business Partner Screening
Cleared Employee Security Training
Joint Force Headquarters-Michigan CCIRs and PIRs
INSIDER THREAT AWARENESS
Joint Force Headquarters-Michigan CCIRs and PIRs
Initial Security Indoctrination
An Introduction to Public Records Office of the General Counsel
Cybersecurity Awareness
Instructions To Play the Counterintelligence Magic 8-Ball game, go to the “Slide Show” menu and select the “From Beginning” icon. Once the game launches,
2007 Computer End User Training
Chapter 12: Fraud Schemes & Fraud Detection
Overall Classification of this Briefing is UNCLASSIFIED
Workplace Violence Rich Lobdell 4/8/2019.
Premier Employee Program Version 4.0
CCP 420: FRAUD DETECTION AND MANAGEMENT
Accounting Information Systems & Computer Fraud
Presentation transcript:

Insider Threat Awareness Combating the ENEMY Within The insider threat is not new. Since the American Revolution, ‘trusted agents’ of the United States have betrayed our Nation. Today the opportunities for betrayal are easier, based on the increase in the number of personnel with access to sensitive information; the ease at which information can be transmitted (internet) and the growing demand from multiple ‘customers’. Presidential Directive issued for the development and implementation of Insider Threat Programs for all Executive Departments and Agencies. DoD 5205.16, dated 30 Sep 14, is in response to this directive. During this session will take a look at the insider threat and the role you play in combating this threat. The intent of this training session is not to make you a counterintelligence agent, but to increase your awareness of the insider threat. Mr. Richard Barnard Command Security Manager MCIEAST-MCB Camp Lejeune

Insider Threat Awareness What is an Insider Threat? Indicators of Insider Threat General Suspicious Behaviors Reporting Potential Insider Threats Self-Graded Examination We will discuss these topics and the various elements within these topics which will help you to understand how to identify and report an insider threat. At the end of this slide presentation, we will take a look at a video produced by the FBI which will take us through each of these elements and test your ability to identify these elements in the storyline of this video.

What is an Insider Threat? A person using his or her authorized access, wittingly or unwittingly, to do harm to the national security and industry. Insider Threats also include: Criminal activity – including theft and fraud Safety – including active shooter incidents Financial harm to industry – stealing unclassified, but sensitive or proprietary information ‘Insiders’ have caused more damage to our national security than trained, foreign professional intelligence officers. Why – because we are looking for them and have implemented programs to identify and mitigate or prevent the adverse impact on national security. More than ever, we need to start looking within for threats to our national security. Wittingly (fully aware of the damage you could be causing) or unwittingly (don’t have a clue if what you are doing could be damaging) – IMPACT IS THE SAME. Authorized Access – doesn’t have to be classified. It could be unclassified, sensitive, personal or financial information that a person has access to that could be detrimental.

Results of Insider Threats: Loss/compromise of classified, export controlled, or proprietary information Weapons systems cloned, destroyed, or countered Loss of technological superiority Economic loss Loss of life The relative impacts of the insider threat cannot be measured in dollars alone, as they can be far-reaching, long-term and fatal. Do you think any of these apply to By Light?

First Line of Defense – YOU! Recognizing and Reporting Potential Insider Threats: Recruitment Information Collection Information Transmittal General Suspicious Behaviors We will take a look at each of these areas to gain a great understanding of your role in identifying and reporting the insider threat. You could call this the modus operandi. Usually, the recruitment starts and ends customer with a foreign agency.

Insider Threat Indicators Recruitment Unreported request for critical assets outside official channels Unreported or frequent foreign travel Suspicious foreign contacts Contact with individuals known or suspected to be associated with foreign intelligence, security, or terrorism Unreported offers of financial assistance, gifts, or favors by foreign national or stranger Suspected recruitment of employee by foreign or domestic competitive companies It’s not always who you know that can help you get what you want… it’s what they know on you. You should always attempt to maintain a low profile when talking with strangers and report any incidences of attempts by personnel you suspect may be targeting you. How does someone get recruited? Typically, a weakness is identified and targeted. Money, sex or pride (power). What kind of information do you post on social media that could be targeted?

Insider Threat Indicators (cont.) Information Collection Using unclassified medium to transmit classified materials Discussing classified materials on a non-secure telephone Removing classification markings from documents Unauthorized downloading or copying of files Keeping classified materials/critical assets in unauthorized locations Attempting to or accessing sensitive information, critical assets, or information systems when not required or without authorization Asking others to obtain critical assets to which the requestor does not have authorized access Operating unauthorized cameras, recording devices, computers, or modems where critical assets are stored/discussed/processed Unauthorized downloading/copying of files (especially employees who have given notice of termination of employment). What about the person who has been given a termination notice, or knows they about to get one, and all of a sudden they are the best workers ever… staying late each night, taking on more responsibility (outside the scope of their normal duties), just a little more curious about things than before??

Insider Threat Indicators (cont.) Information Transmittal Removing critical assets from the work area without authorization Extensively reproducing/transmitting critical asset-related information beyond job requirements Discussing critical asset-related information in public or on a non- secure telephone Using an unauthorized fax or computer to transmit classified information Attempting to conceal foreign travel – business or personal Improperly removing classification markings from documents As I stated earlier, the ease of transmitting information has made it more complicated to detect when an insider threat may have occurred. Electronic transmissions, hand-carrying.

General Suspicious Behaviors Attempts to expand access to critical assets by repeatedly volunteering for duties beyond normal job responsibilities Performs repeated or unrequired work outside of normal hours, especially unaccompanied Repeated security violations Engagement in illegal activity or requesting others to do so Unexplained or undue affluence explained by inheritance, luck in gambling, or some business venture Sudden reversal of financial situation or repayment of large debts One or two indicators does not necessarily mean a person is an insider threat, just as not every suspicious circumstance or behavior represents a spy within our midst. But, these are indicators that could raise an eyebrow or two.

General Suspicious Behaviors (cont.) Attempts to compromise personnel with access to critical assets special treatment, favors, gifts, money or other means Displays questionable loyalty to U.S. Government or company Behaviors associated with disgruntled employees: Conflicts with supervisors and coworkers Decline in work performance Tardiness Unexplained absenteeism Sometimes, it might be your gut just talking to you, where something just doesn’t seem right. Sometimes folks do get unhappy or frustrated… doesn’t necessary mean they are an insider threat – but, could be someone uses that to target them.

If you suspect a potential Insider Threat You MUST report it! Contact your: MCIEAST Security Manager, Mr. Richard Barnard e-mail: richard.barnard@usmc.mil phone: 910-451-3568/3563 Your security manager should be your first stop, if you suspect an insider threat. It may not be easy, but it is the right thing to do. Questions you may ask yourself… How much or too little should be reported? Remember – you may have only a small part of the bigger picture – but, it is that small piece that could bring everything into focus.

Failure to Report Risks YOUR physical security, the Information Security of your organization, and the security of the United States! Risks YOU: Losing your security clearance Losing your employment Facing possible criminal charges If you have to consider the fact that if you don’t report it, no one else will. It is up to you. You don’t want to become an over-zealous reporter, but you also don’t want to not report something and later find out it was too late.

Remember – YOU are the First Line of Defense! If you suspect a potential Insider Threat, You must report it! Reporting is not an option, it is an obligation. MCIEAST-MCB Camp Lejeune military, civilian, and contractor personnel shall report adverse information coming to their attention concerning any of their cleared employees. Reports based on rumor or innuendo should not be made. The subsequent termination of employment of an employee does not obviate the requirement to submit this report.

Actual Occurrences of Insider Threats DSS Counterintelligence Reports http://www.dss.mil/isp/count_intell/ci_reports.html DHS US CERT and FBI http://www.fbi.gov/news/stories/story-index/cyber-crimes https:// www.cert.org/insider-threat/ This concludes the presentation of the training material. We will now look at a video produced by the FBI back in 2011 which portrays an insider threat that occurred within the FBI. Although the actual incident is not true, it does incorporate elements from various, actual incidences involving FBI personnel. As you watch the video, see how many ‘indicators’ you can identify. At the conclusion of the video, and if we have time, we will engage in a Q&A to see how much you learned and give you an opportunity share what you learned. Keep in mind, the FBI only invested $300K in the production of this video, so you will not see any ‘name brand’ actors. Some of the indicators will be easier to pick up on than others and you may see them repeated. The intent of the video is not to make you a counterintelligence agent, but to make you aware of how things can happen when a person is vulnerable and how we all have a responsibility and obligation to report suspicious behavior.

Q&A General comments about the video… Do you believe it provided some insight into the various elements involved with the Insider Threat? How do you believe this person was recruited? What were some of the suspicious behaviors observed by the co-workers that indicated something wasn’t right? Could something like this happen to By Light? How/Why? What do you believe was the end result for the other team members?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.