Presentation is loading. Please wait.

Presentation is loading. Please wait.

Creating an Insider Threat Program.

Published byDorothy Phillips Modified over 9 years ago

Similar presentations

Presentation on theme: "Creating an Insider Threat Program."— Presentation transcript:

1 Creating an Insider Threat Program

2 Donald Fulton Counterintelligence Programs Manager
Facility Technology Services, Inc.

3 Insider Threat 1 August 2014 – DSS/NISPOM
Industrial Security Representatives NISPOM Conforming Change 2 pending ???? Insider Threat

4 Agenda History Key Terms Purpose Documents Resources Requirements
Recommendations Agenda

5 The Reason PFC Bradley Manning Arrested 27 May 2010 700,000 documents
Found guilty on 17 counts Sentenced to 35 years The Reason

6 Insider Threat Intelligence Analyst TS/SCI eligibility
Emotional instability Security Violations Personal and government IT Behavioral Problems/Assault Poor security practices in unit Insider Threat

7 7 October 2011 Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information National Insider Threat Task Force Shall be binding on the executive branch E.O

8 National Insider Threat Task Force
US Attorney General Federal Bureau of Investigation Director National Intelligence National Counterintelligence Executive Assist agencies in developing and implementing their insider threat programs, National Insider Threat Policy NITTF

9 Policy National Insider Threat Policy NITTF November 2012
Minimum Standards Policy

10 Acts of commission or omission by an insider who intentionally or unintentionally compromises or potentially compromises DoD’s ability to accomplish its mission. These acts include, but are not limited to, espionage, unauthorized disclosure of information, and any other activity resulting in the loss or degradation of departmental resources or capabilities. DoD Definition

11 Deter, detect, and mitigate compromises of classified information by malicious insiders
Safeguarding classified information from exploitation, compromise, or unauthorized disclosure Does not erode civil liberties, civil rights, or privacy protections for government employees Purpose

12 Minimum Requirements Designate insider threat senior official
Annual Reporting Oversight mechanism Analytic capability Establish reporting procedures Fully trained Insider Threat personnel (NITTF) Access to employee information Network monitoring (AIS) Employee training and awareness Six months to implement Minimum Requirements

13 Don’t Panic Designate Insider Threat Senior Official Annual Reporting
Oversight mechanism Analytic capability Establish reporting procedures Fully trained Insider Threat personnel (NITTF) Access to employee information Network monitoring (AIS) Employee training and awareness Six months to implement Don’t Panic

14 Insider Threat Reporting Network Monitoring Attempts to expand access
Disregard for security practices Suspicious behavior/contacts Attempts to expand access Financial vulnerabilities Foreign influence of connections Attempts to expand access Disregard for security practices Network misuse Removing/downloading classified Insider Threat

15 EO 13587 National Insider Threat Policy and Minimum Standards Insider Threat Senior Official Appointment Letter Insider Threat Awareness Training Company Insider Threat Policy Company Insider Threat Annual Report Documents

16 Resources National Insider Threat Task Force
Center for Development of Security Excellence Defense Security Service Resources

17 Senior Official Cleared at the same level as Facility Clearance
Senior Management/KMP level May be Facility Security Officer Company Senior Leadership must support Must have appropriate authority Senior Official

18 Training Within 30 days for initial Annual refresher
Mirrors current NISPOM requirement for security training Training

19 Reporting Potential Threat Activity Insider Threat Senior Official
Human Resources Personnel Security Physical Security Network Monitoring Employee Reporting Disciplinary Action Counterespionage Investigation Potential Threat Activity Reporting

20 Analysis Insider Threat Analysis Physical Security Human Resources
Information Technology Legal/Law Enforcement Counterintelligence Analysis

21 Agenda History Key Terms Purpose Documents Resources Requirements
Recommendations Agenda

22 Donald Fulton Counterintelligence Programs Manager Facility Technology Services, Inc Ext Questions

Download ppt "Creating an Insider Threat Program."

Similar presentations

Annual Security Refresher Briefing Note: All classified markings contained within this presentation are for training purposes.

Annual Security Refresher Briefing Note: All classified markings contained within this presentation are for training purposes.
Chapter 10. Understand the importance of establishing a health care organization-wide security program. Identify significant threats—internal, external,

Chapter 10. Understand the importance of establishing a health care organization-wide security program. Identify significant threats—internal, external,
Section Six: Foreign Ownership, Control, or Influence (FOCI)

Section Six: Foreign Ownership, Control, or Influence (FOCI)
What is Insider Threat? “Potential damage to the interests of an organization by a person(s) who is regarded, falsely, as loyally working for or on behalf.

What is Insider Threat? “Potential damage to the interests of an organization by a person(s) who is regarded, falsely, as loyally working for or on behalf.
Industrial Security 2010 Worldwide Security Conference.

Industrial Security 2010 Worldwide Security Conference.
Defense Security Service Facility Clearance Branch (FCB)

Defense Security Service Facility Clearance Branch (FCB)
NISPOM Update for JSAC Workshop

NISPOM Update for JSAC Workshop
The Department of Defense Intelligence Oversight Program

The Department of Defense Intelligence Oversight Program
THE INSIDER THREAT AND DATA LOSS PREVENTION CSCE 727.

THE INSIDER THREAT AND DATA LOSS PREVENTION CSCE 727.
UNCLASSIFIED Foreign Ownership, Control, or Influence (FOCI) August 2009.

UNCLASSIFIED Foreign Ownership, Control, or Influence (FOCI) August 2009.
Congress and Contractor Personal Conflicts of Interest May 21, 2008 Jon Etherton Etherton and Associates, Inc.

Congress and Contractor Personal Conflicts of Interest May 21, 2008 Jon Etherton Etherton and Associates, Inc.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
1 July 08, 2010 Information Security Officer Meeting.

1 July 08, 2010 Information Security Officer Meeting.
Risk Assessment Frameworks

Risk Assessment Frameworks
Supplier Ethics: Program Checklist

Supplier Ethics: Program Checklist
1 Creating a Joint Personnel Adjudication System (JPAS) Analysis Report Michael S. Campbell Industrial Security Specialist Defense Security Service San.

1 Creating a Joint Personnel Adjudication System (JPAS) Analysis Report Michael S. Campbell Industrial Security Specialist Defense Security Service San.
Fraud Prevention and Investigation Branch. Fraud Prevention- Everyone’s Responsibility.

Fraud Prevention and Investigation Branch. Fraud Prevention- Everyone’s Responsibility.
Complying With The Federal Information Security Act (FISMA)

Complying With The Federal Information Security Act (FISMA)
Minnesota Adoption of the Green Book April 16, 2015 Jo Kane Internal Control & Accountability Specialist.

Minnesota Adoption of the Green Book April 16, 2015 Jo Kane Internal Control & Accountability Specialist.
National Governor’s Association September 29-30, 2003 Salt Lake City, Utah.

National Governor’s Association September 29-30, 2003 Salt Lake City, Utah.

Similar presentations

Ads by Google