INSIDER THREAT AWARENESS

Slides:



Advertisements
Similar presentations
FREEDOM OF INFORMATION EXECUTIVE BRIEFING PART II.
Advertisements

FRAUD AWARENESS 1 Presented by Audit Services. Why is the Prevention and Detection of Fraud/Waste/Abuse Important? It is our responsibility to administer.
Annual Security Refresher Briefing Note: All classified markings contained within this presentation are for training purposes.
Counterintelligence Indicators Presented by Jerome Smith, Facility Security Officer, LAI/EES.
Section Six: Foreign Ownership, Control, or Influence (FOCI)
What is Insider Threat? “Potential damage to the interests of an organization by a person(s) who is regarded, falsely, as loyally working for or on behalf.
NISPOM Update for JSAC Workshop
Espionage Indicators Updated 08/21/13 U.S. Department of Commerce Office Of Security (OSY) Security is Everyone's Responsibility 1 Briefing.
Section Nine: Reporting Requirements Note: All classified markings contained within this presentation are for training purposes only.
The Department of Defense Intelligence Oversight Program
Espionage Indicators Briefing 1 U.S. Department of Commerce
Congress and Contractor Personal Conflicts of Interest May 21, 2008 Jon Etherton Etherton and Associates, Inc.
Internal Control Concepts A Guide for Deans, Directors, and Department Chairs.
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.
Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?
Session 3 – Information Security Policies
Network security policy: best practices
Computer Security: Principles and Practice
Security Education and Awareness Security 101 February 28, 2007 JSAC.
OFFICE OF THE UNDER SECRETARY OF DEFENSE FOR INTELLIGENCE CI & SECURITY DIRECTORATE, DDI(I&S) Valerie Heil March 20, 2015 UNCLASSIFIED Industrial Security.
Defensive Travel Briefing Cheryl L. Wieser Regional Security Officer US Department of Commerce (206) (206) Fax Updated 10/03/11 Security.
Cleared Employee Reporting Requirements. Reporting Regulations  Defense Security Service (DSS)  The National Industrial Security Program Operating Manual(NISPOM)1-300.
DEFENSIVE SECURITY BRIEFING. Employee Responsibilities While Traveling Threat Awareness and Defensive Information Methods.
9/15/20151 Initial Security Indoctrination. 9/15/20152 Agenda Physical Security Personnel Security Information Security Information Assurance Public Release.
ESPIONAGE INDICATORS. ESPIONAGE INDICATORS GUIDE BRIEFING DEPARTMENTAL ADMINISTRATIVE ORDER (DAO ) NOAA ADMINISTRATIVE ORDER (NAO )
Defense Security Service New Rating Process Current as of 10/19/2011.
OFFICE OF THE UNDER SECRETARY OF DEFENSE FOR INTELLIGENCE CI & SECURITY DIRECTORATE, DDI(I&S) Valerie Heil August 12, 2014 UNCLASSIFIED NISPOM Update.
How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.
1 Personnel Security 2007 Data Protection Seminar TMA Privacy Office HEALTH AFFAIRS TRICARE Management Activity.
Section Eleven: Threat Awareness and Defensive Measures Note: All classified markings contained within this presentation are for training purposes only.
THREAT AWARENESS. 1 What is “Threat”? Adversary with intent and capability to act against friendly interests. Other countries Business competitors Criminals.
CENTRA T ECHNOLOGY, I NC. 1 5 Steps To Protect Your Company Katherine D. Mills CENTRA Technology, Inc. Insider Threat:
Chapter 22: Organization and Coordination of Counterterrorism Investigations.
CODE OF CONDUCT TRAINING. We conduct our global business honestly, ethically and legally, believing that good ethics is good business. The Company’s Philosophy.
Sample only Order at Security Awareness Training A threat awareness briefing. A defensive security briefing. An overview of the.
Creating an Insider Threat Program.
Unclassified/FOUO Intelligence Community Directive (ICD) 119 Media Contacts Training.
SECURITY BRIEFING A threat awareness briefing A defensive security briefing An overview of the security classification system Employee reporting obligations.
NISPOM Update for Dulles ISAC
NISPOM Chapter 1 Basics General Requirements Reporting Responsibilities Steven Rivera, FSO July 10, 2013.
Privacy Act United States Army (Managerial Training)
How To Conduct An Administrative Inquiry (AI) Due To A Security Violation
Information Protection The Personnel Security Program (PSP) & Supervisors’ Responsibilities Mr. Connolly.
The Health Insurance Portability and Accountability Act of 1996 “HIPAA” Public Law
Argonne Office of Counterintelligence Intelligence Analysis Division Argonne National Laboratory.
By: Taysha Johnson. What is an insider threat? 1.A current or former employee, contractor, or other business partner who has or had authorized access.
Insider Threat Awareness
HIPAA Training Workshop #3 Individual Rights Kaye L. Rankin Rankin Healthcare Consultants, Inc.
Managing a Security Container
Providing Access to Your Data: Handling sensitive data
Cleared Employee Security Training
NISPOM Basics What You Need to Know!
Sarbanes-Oxley, Internal Control, and Cash
Derivative Classification Overview
Post Government Service Employment Restriction Counseling (18 U. S. C
Red Flags Rule An Introduction County College of Morris
NEW YORK STATE ETHICS LAW
AN OVERVIEW OF THE INDUSTRIAL SECURITY PROGRAM
Operations Security (OPSEC)
HIPAA Privacy and Security Summit 2018 HIPAA Privacy Rule: Compliance Plans, Training, Internal Audits and Patient Rights Widener University Delaware.
Overall Classification of this Briefing is UNCLASSIFIED
Clemson University Red Flags Rule Training
Connections Abuse Prevention Plan 2018.
Intelligence Oversight U.S. Army Inspector General School 1
Electronic Surveillance, Post 9/11
Neopay Practical Guides #2 PSD2 (Should I be worried?)
Accounting Information Systems & Computer Fraud
CF Canada Financial Group
Presentation transcript:

INSIDER THREAT AWARENESS Combating the ENEMY Within Mike Kalinowski Facility Security Officer iGov Technologies Tampa FL

Insider Threat Briefing Purpose of Briefing What is an Insider Threat? Milestones Training Requirements Risk Categories Red Flags Reportable Behaviors Insider Threat Impact 13 Adjudicate Guidelines Actual Insider Threat #1 and #2

Purpose of this Briefing A company can often detect or control when an outsider (non-employee) tries to access company data either physically or electronically, and can mitigate the threat of an outsider stealing company property. However, the thief who is harder to detect and who could cause the most damage is the insider—the employee with legitimate access. That insider may steal solely for personal gain, or that insider may be a “spy”—someone who is stealing company information or products in order to benefit another organization or country.

What is an Insider Threat? An Insider Threat is any person with authorized access to any U.S. Government resources, including personnel, facilities, information, equipment, networks, or systems, who uses that access either wittingly or unwittingly to do harm to the security of the U.S. Other insider threat concerns may include: Criminal activity, including theft and fraud Safety, including an active shooter incident Financial harm to industry by stealing unclassified, but sensitive or proprietary information This threat can include damage to the U.S. through espionage, terrorism, unauthorized disclosure of national security information, or through the loss or degradation of government, company, contract or program information, resources or capabilities

Insider Threat Program Milestones Must have a written program plan in place to begin implementing Insider Threat requirements no later than November 30, 2016 Self-certify to DSS that a written program plan is implemented and current Designate an Insider Threat Program Senior Official (ITPSO) Cleared in connection with the FCL and responsible for establishing and executing the Insider Threat Program Identified as a KMP in e-Fcl Must serve in a position within the organization that has the authority to provide management, accountability, and oversight to effectively implement and manage the requirements of the NISPOM related to the Insider Threat The Insider Threat Program Senior Official may also serve as the FSO Establish an Insider Threat Program Group (ITPG) from offices across the contractor’s facility, based on the organization’s size and operations (Security, HR, Legal, IT, etc.) Monitor employee use of classified networks (EO-13587)(Presidential Memorandum – November 21, 2012) Provide Insider Threat training for Insider Threat Program personnel and awareness for cleared employees ITPSO ITPWG Awareness and training for all employees (cleared Personnel)

Insider Threat Program Training Training on Insider Threat Program Management is required for all personnel assigned duties related to Insider Threat Program Management Provide internal training for Insider Threat Program personnel that includes Topics outlined in NISPOM 3-103a Counterintelligence and Security Fundamentals including applicable issues Procedures for conducting Insider Threat response actions Applicable laws and regulations regarding Gathering Integration Retention Safeguarding Use of records and data Consequences of misuse of such information Applicable legal, civil liberties, and privacy policies After November 30, 2016, new personnel assigned duties related to the Insider Threat Program Management must complete the required training within 30 days of being assigned those duties

Insider Threat Program Training Employee Awareness Training Required for all cleared employees before being granted access to classified information Annually thereafter Must provide internal training programs that include, at a minimum, the topics outlined in NISPOM 3-103b Current and potential threats in the work and personal environment Importance of detecting potential Insider Threats by cleared employees and reporting suspected activity to the Insider Threat Program designee Methodologies of adversaries to recruit trusted insiders and collect classified information (in particular within ISs) Indicators of Insider Threat behavior and procedures to report behavior Counterintelligence and security reporting requirements

Insider Threat Program Training All cleared employees who are not currently in access must complete Insider Threat Awareness training prior to being granted access Cleared employees already in access must complete Insider Threat Awareness training within 12 months of the issuance date of NISPOM Change 2 (No later than 31 May 2017) Must create and maintain records of all employee Insider Threat Awareness program Initial and Refresher training Must include Insider Threat Awareness in annual refresher training

Risk Categories Need or desire for money Conflicting ideologies Psychological factors (adventure, excitement, ego) Blackmail—Compromised reason for spying Foreign Intelligence Entity (FIE) could place you in a compromising position due to existing vulnerabilities Excessive gambling Drug/Alcohol abuse Adultery Any illegal activity and use that would force someone to spy

Red Flags Failure to report foreign travel or foreign contact Seeking to gain higher clearance levels or accesses Engaging in classified conversations without “need to know” Working hours inconsistent with job assignments or insistence on working alone Exploitable behavior traits Repeated security violations Attempting to enter restricted areas without access rights

Reportable Behaviors Information Collection Information Transmittal Keeping classified materials in an unauthorized location Attempting to access sensitive information without authorization Obtaining access to sensitive information inconsistent with present duty requirements Information Transmittal Using an unclassified medium to transmit classified materials Discussing classified materials on a non-secure telephone Removing classification markings from documents Additional Suspicious Behaviors Repeated or unrequired work outside of normal duty hours Sudden reversal of financial situation or a sudden repayment of large debts or loans

Reportable Behaviors Additional Suspicious Behaviors Attempting to conceal foreign travel The above list of behaviors is a small set of examples You should report any additional observed behaviors that may parallel or exceed the listed concerns Not every person who exhibits one or more of these indicators is involved with illicit behavior, but most of the persons who have been involved with espionage were later found to have displayed one or more of these indicators/red flags

Insider Threat Impact An Insider can have a negative impact on national security and industry resulting in Loss or compromise of classified information Loss of export controlled information Loss of proprietary information Weapons systems cloned, destroyed, or countered Loss of technological superiority Economic loss Loss of life

How you can HELP You and your colleagues are the first line of defense against insider threats Help protect our national security by Reporting suspicious behavior that may be related to a potential compromise of classified information Be aware of the actions of those around you and report suspicious behaviors

13 Adjudicate Guidelines

Insider Threat Motto IF YOU SEE SOMETHING SAY SOMETHING

Actual Insider Threat #1

Actual Statements From Insider Threat #1 I put 2 people in a COMA before with my MMA I have been shot before I have been stabbed before in the shoulder I THOUGHT ABOUT KILLING PEOPLE!!!!!! I THINK ABOUT IT OFTEN!!!!!! I’M NOT TRYING TO SCARE YOU BUT THIS IS HOW I THINK!!!!!! NOBODY CAN HELP ME!!!!!!

Actual Insider Threat #2

Actual Insider Threat #2 Background Bullseye with picture of Program Manager Put a Dart in Eye of Program Manager This reference is better know in the Military Community as the KILL SHOT Really brings this to light is the Individuals Military Background!! Former Special forces while in the Military SNIPER!!!!!!!!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.