Mitigating Insider Threats Within U.S. Critical Infrastructure

The National Counterintelligence and Security Center of the Office of the Director of National Intelligence has released Insider Threat Mitigation for U.S. Critical Infrastructure Entities: Guidelines from an Intelligence Perspective. This document highlights the importance of mitigating insider threats within U.S. critical infrastructure entities to meet the expanding nature of threats from foreign state and non-state actors. The National Insider Threat Task Force (NITTF) has produced standards to assist organizations in building an effective insider threat program. The model is focused on human behaviors and seeks to identify irregular behavior before significant damage occurs to the organization. “Improving ways to mitigate such threats is in the national interest and in the interests of individual organizations.”

Because critical infrastructure entities have become more reliant on Information and Communications Technologies (ICT), an important tool has been developed to deter and detect insider threats. User Activity Monitoring (UAM) observes and records activities of individuals and flags anomalous behavior. UAM differs from traditional cybersecurity tools by not focusing on information flowing out of an organization, but observing human behavior where it occurs. Foreign adversaries often target insiders within organizations they seek to exploit. Although this technology is a potent tool, the most effective “sensors” for insider threats are managers and other employees observing behaviors in the real world.

Threat awareness is the first step to successful mitigation. Industry and government must share a sense of organizational citizenship and become a shared responsibility among employees — assuming they are willing and trusted to communicate their concerns.

Understanding the ways in which insider threats can wreak havoc on organizational reputations, bottom lines, intellectual property, public safety, workplace safety, and U.S. national and economic security are crucial for success in this realm.

For more information, check out Featured Topics on Cyber Crime & National Security and Cyber Infrastructure Protection. Please note an HSDL login is required to view some of these resources.

Need help finding something? Ask one of our librarians for assistance!

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Mitigating Insider Threats Within U.S. Critical Infrastructure

More from the HSDL Blog

Helping Communities to Plan for Disasters

Global Information Manipulation

Global Organized Crime Index 2023

Strategy to Combat Illicit Opioids