Insider Threat Mitigation Guide   [open pdf - 5MB]

From the Document: "America's critical infrastructure assets, systems, and networks, regardless of size or function, are susceptible to disruption or harm by an insider, or someone with institutional knowledge and current or prior authorized access. This status makes it possible for current or former employees, contractors, and other trusted insiders to cause significant damage. Insiders have compromised sensitive information, damaged organizational reputation, caused lost revenue, stolen intellectual property, reduced market share, and even harmed people. Allowing America's critical infrastructure to be compromised by an insider could have a debilitating effect on the Nation's economic security, public health, or public safety. [...] This Insider Threat Mitigation Guide is an evolution in the series of resources CISA [Cybersecurity and Infrastructure Security Agency] makes available on insider threats. This 'Guide' draws from the expertise of some of the most reputable experts in the field to provide comprehensive information to help federal, state, local, tribal, and territorial governments; non-governmental organizations; and the private sector establish or enhance an insider threat prevention and mitigation program. Moreover, this 'Guide' accomplishes this objective in a scalable manner that considers the level of maturity and size of the organization. It also contains valuable measures for building and using effective threat management teams. Through a case study approach, this 'Guide' details an actionable framework for an effective insider threat mitigation program: Defining the Threat, Detecting and Identifying the Threat, Assessing the Threat, and Managing the Threat."

Public Domain
Retrieved From:
U.S. Cybersecurity and Infrastructure Security Agency: https://www.cisa.gov/
Media Type:
Help with citations