Insider Threat Program Development - Management Resources
Insider
Threat Detection & Mitigation Resources
Workplace Violence Mitigation Resources
Below are
various resources to assist you with your Insider Threat Program
Development / Management and Insider Threat Detection and Mitigation
efforts...
U.S. Government Insider Threat Program Policies
National Insider Threat Policy
USDA Insider Threat Program Policy
GSA Insider Threat Program Policy
Department Of Treasury Insider Threat Program Policy
Department Of Energy Insider Threat Program Policy
Department Of Justice Insider Threat Program Policy
NASA Insider Threat Program Policy
NRC
Insider Threat Program Policy & Implementation Plan
Defense
Security Service Insider Threat Identification And Mitigation Program
Policy
Navy Bureau Of Medicine And Surgery Insider Threat Program Policy
U.S. Marines Insider
Threat Program Policy
Peace Corps
Insider Threat Program Policy
DoD Insider Threat Management
Analysis Center FAQ
DoD Insider Threat
Management Analysis Center Presentation
COVID Vaccine Mandate
And Insider Threat Implications
The perfect employee
has the potential to now be turned into a disgruntled employee. This is
not an assumption. It is based on real world conversations the NITSIG
and our members have had with employees who do not want to be forced to
take the vaccine, and are concerned with losing their job. (Loss Of
Their Paychecks, Health Insurance Benefits, Etc.)
The NITSIG and our
members are not looking at the vaccine mandate from a political
perspective. We are only concerned with the potential threats from
employees who may take malicious actions against their employers, if
they decide not to get vaccinated and our released from the jobs.
The document posted on
this link provides guidance and best practices for dealing with
potentially disgruntled employees. It was produced by the NITSIG and the
Insider Threat Defense Group .
Insider Threat Program
Maturity Model Report (2019)
The Veriato Insider Threat Program (ITP) Maturity Model report was
created to help security professionals assess their organization’s
ability to monitor for, detect, and respond to insider threats.
The report is an extensive 23 page document developed to assess the
several maturity stages that companies go through when implementing an
ITP. The document will aid ITP Managers in advancing their individual
ITP's.
By using a maturity model for reference, organizations can see where
their ITP needs improvement, working towards an Optimized level of
maturity.
To provide context around the current state of ITP's, Veriato surveyed
150 information security professionals to see at what level their ITP is
in, and what’s influencing it. We’ve included this data in the report to
provide you with insight into the necessary steps to mature your current
ITP. (Source)
Insider Threat Program Maturity Framework (2018)
The National Threat Task Force (NITTF) released the Insider Threat
Program Maturity Framework on November 1, 2018.
The Framework is an aid
for advancing federal agencies’ programs beyond the Minimum Standards,
and builds upon best practices found in the 2017 NITTF Insider Threat
Guide.
The goal is to help
programs become more proactive, comprehensive, and better postured to
deter, detect, and mitigate insider threat risk. (Source)
Insider Threat Program Development - Management Training Providers
Insider Threat Program
Development-Management Training
(Offered By Insider Threat Defense Group - 2 Day Instructor Led
Class)
Insider Threat Program
Development - Management Training
(Offered By Insider Threat Defense Group - 1 Day Web Based Training)
Co-Instructor Attorney Shawn Thompson - NITSIG
Advisory Board Member /
Legal Advisor
)
Insider Threat Program Management With Legal Guidance Training
(Offered By Insider Threat Defense Group - Insider Threat Management Group) (2
Day Instructor Led Class)
National Insider Threat Policy - NISPOM Conforming Change 2
Training
(Offered By Insider Threat Defense Group - 2 Day Instructor Led
Class)
Insider Threat Program Development - Management Training Resources
Insider Threat Program Training - It Starts With Security 101
Foundations
Insider Threat Program Development - Management Manual
Ebook Insider Threat Program - 90 Day Plan (Written By Attorney
Shawn Thompson - NITSIG
Advisory Board Member /
Legal Advisor
)
DSS CDSE Resource Guide For Insider Threat Program Related Training
DoD Insider Threat Program Best Practices For Training
Effective Insider Threat Programs: Understanding And Avoiding Potential
Pitfalls (CMU ITC)
Insider Threat Program Development - Management Training Webinars
How To Build An
Insider Threat Program (Jim Henderson - NITSIG Founder / Chairman)
Insider Threat Management Program Guide (Written By Attorney Shawn Thompson -
NITSIG
Advisory Board Member
/ Legal Advisor)
Insider Threat Program Information For Defense Contractors
DSS NISPOM
Conforming Change 2 Information
On this DSS link
www.dss.mil/it/index.html you will find the information below:
-
DSS Insider Threat
Industrial Security Letter (ISL) - Insider Threat Program Requirements
-
DSS ODAA Process
Manual (This Manual Will Outline What Needs To Be Monitored On
Classified Information Systems. See Pages 71-72)
-
Appointments of
Insider Threat Program Senior Officials (ITPSO) (e-FCL)
-
NISP Self-Inspection
Handbook for NISP Contractors (With Insider Threat Section Pages 61-67)
(DIB Contractors Will Be Required To Perform Self Assessments)
-
DSS Insider Threat
Program Job Aid
-
Updated NISP Manual
(NISPOM) With Conforming Change 2
-
NISPOM Summary of
Changes
DSS Establishing An Insider Threat Program for Your Organization.zip
Insider Threat Programs - How To Get Started
(Presentation)
DSS NISPOM Adverse Information Reporting Requirements Presentation
(March 2014)
DSS NISPOM Adverse Information Reporting Guide
DSS Webinar: Adverse Information Reporting
DSS NISP
Reporting Requirements Training
DSS Potential Espionage Indicators - Detecting Actions Outside The Norm
DSS Administrative Inquiry (AI) Job Aid For Industry
Cleared Employee Reporting Requirements.doc
DoD / NISP Special Access Programs (SAP)
DoD Special Access Program Security Manual - General Procedures
DSS SAP Security Inspection Checklist
Guidance On The
Legal Aspects Of Insider Threat Programs
Insider Threat
Law - Balancing Privacy And Protection Webinar
(By Attorney Shawn Thompson - NITSIG
Advisory Board Member /
Legal Advisor
)
Identifying And Safeguarding Personally Identifiable Information
(DISA)
Laws And Regulations Related To Insider Threats - Espionage-Fraud
Insider Threat Best Practices Guide
(Securities Industry &
Financial Markets Association (SIFMA) -
Legal Guidance
Pages 18-27)
Insider Threat Best Practices Guide
(SIFMA 2nd Edition )
Workplace Privacy And Employee Monitoring Guidance (Privacy
Rights Clearinghouse)
Criminal Prohibitions On The Publication of Classified Defense
Information
DOJ Prosecuting Computer Crimes Manual
Classified
Information Nondisclosure Agreement SF312 Briefing Booklet
(See Page 9 To Page 19 For Legislative & Executive Authorities. The Pages Should
Be Briefed And Signed By The Individual Signing The SF312)
Security Clearance Adjudicative Guidelines
Top Reasons For Security Clearance Denial In 2019
DSS 2017 National Security Adjudicative Guidelines Job Aid
DoD PERSEREC Adjudicative Desk Reference- Version 4 - March 2014
Employee Hiring / Background Investigations / Separations - Terminations
Human Resources And Insider Threat Mitigation - A Powerful Pairing
Human Resources Role In Preventing Insider Threats
The Safe
Hiring Manual (By Attorney Lester Rosen)
Online Safe Hiring Certification Training Course (By Attorney Lester
Rosen)
Top Ten Background Check Trends
Background Checks - What Employers Need to Know
(Federal Trade Commission)
Background Checks - Common Ways Prospective Or Current Employees Sue
Employers Under The FCRA
Ten Potential Dangers When Using Social Media Background Checks
Workplace Investigations Overview - Basic Issues For Employers / Legal
Considerations
Best Practices For Protecting Your Data When Employees Leave Your
Company
Supervisors Guide To Employee Separation
Employee Termination Best Practices
Employee
Separation Checklist-1
Employee
Separation Checklist-2
Employee Continuous Monitoring And Reporting
DNI Employee Continuous Evaluation For Security Clearance Holders FAQs
Insider Threat Detection And Mitigation Using External Data Sources
The Use of Publicly Available Electronic Information For Insider Threat
Monitoring
Continuous Screening of Employees Will Gain More Acceptance As Critical
Post-Hire Due Diligence Tool
Endera EBook: 5 Reasons Background Screenings Are Obsolete
Endera Employee Continuous
Monitoring Service Overview
CLEAR Online Investigative Platform Investigation By Thomson Reuters
IDI Employee Risk
Management-Investigation Solutions
TLOXP Employee Risk
Management-Investigation Solutions By Transunion
Insider Threat Awareness & Incident Response Flowchart For DoD
This guide /
flowchart assists in three areas. First, it aides military leaders and
all personnel to be aware of the indicators associated with insider
threat activity while serving in a partnering environment. Second, this
guide informs commanders and other leaders by giving them options on how
to mitigate insider threat activities. Lastly, this guide is meant to
generate open dialogue between coalition partners and partner nation
personnel. Partnering in itself is a sensitive mission and only by
creating trust and having an open dialogue with all forces will the
mission be accomplished. This guide is not all encompassing so there are
other options a commander has dependent on their operating environment.
Insider Threats In Partnering
Environments Flowchart For DoD
Insider Threat Behavioral Indicators
Behavioral Analysis In Insider Threat Programs Webinar (Dr. Robert Gallagher
- NITSIG Advisory Board Member / Scientific Director)
Behavioral Indicators And The Critical Pathway To Insider Threats (DITMAC - Dr.
Gallagher)
Assessing The Mind Of The Malicious Insider
Behavioral Indicators Of Concern
For Insider Threat Programs
Part 1
Behavioral Indicators Of Concern
For Insider Threat Programs
Part 2
Behavioral Indicators For Malicious Insider Theft Of Intellectual
Property
DCSA Roles And Responsibilities For Personnel Security - A Guide For
Supervisors
DCSA
Behavioral Indicators Brochure
Insider Threat Behavioral Science
Application Of The Critical-Path Method To Evaluate Insider Risks
Insider Threat & Counterintelligence Awareness Training Resources
DoDD
5240.06 - Counterintelligence Awareness And Reporting
DNI Insider
Threat Awareness Web Based Training
DSS Insider Threat
Awareness Web Based Training
DSS Insider Threat Awareness Course Student Guide
DSS
Insider Threat Professional Toolkit Awareness & Training
DSS Insider Threat Awareness Trifold - What To Report
DSS
Roles And Responsibilities For Personnel Security- A Guide For
Supervisors
DSS How To Receive And Maintain A Security Clearance
DSS
Elicitation And Recruitment Brochure
DOD
Security Clearance Briefing
(Presentation)
FBI The Insider Threat - An Introduction To Detecting And Deterring
An Insider Spy
FBI Economic Espionage - How To Spot A Possible Insider Threat
FBI Counterintelligence
FBI Elicitation Techniques
Army Threat Awareness And Reporting Program Regulation 381-12 -- June
2016
DSS, DHS, FBI Insider Threat Awareness Training Resources
NSA
Insider Threat Brochure
US CERT- Combating The Insider Threat
NCSC Countering Foreign Intelligence Threat - Implementation & Best
Practices Guide
Espionage- Insider Threat Indicators Briefing - Dept Of Commerce
Insider Threat Awareness Briefing - US Marines
Insider Threat Awareness Briefing
Insider Threat & Espionage Awareness Videos
FBI
Movie - The Company Man
(Watch On-Line / Download)
FBI Movie: Game Of
Pawns (Watch On Internet Or Download)
FBI Movie: Betrayed
(Request Showing By FBI At Your Organization)
Voices Of The
Betrayed - Co-Workers Speak About The People They Knew And Trusted
Witness To
History: The Investigation of Robert Hansen
Terminal Risk Economic And
Industrial Espionage Awareness Videos
60 Minutes - Espionage Stealing America's Secrets
Insider
Threat / Espionage Posters
Insider Threat Security Poster - Your Name Here
Insider
Threat - Hidden Threat Poster
Uncle
Sam - Insider Threat Poster
Preventing Espionage - CI-Security Programs Poster
Robert Hansen Poster
Espionage Does Pay - Prison Is The Bank Poster
National
Counterintelligence And Security Center Posters
Army Poster- Indicators Of Potential Terrorist / Associated Insider
Threat
Insider Threat Mitigation Guidance
Preventing Insider Threats Starts With The Risk Management 101
Insider Threats: A
Worst Practices Guide To Preventing Leaks, Thefts, Attacks, and Sabotage
(Video)
A Worst Practices Guide To Insider Threats: Lessons From Past Mistakes
Security Policies To Reduce Insider Threats
Teleworking Guidance To Mitigate Employee Risks
CERT Insider
Threat Chart
(Threats Vs. Damages)
DHS
CERT Combating The Insider Threat
CISA 2020 Insider Threat Mitigation Guide
CERT Top 10 List For Winning The Battle Against Insider Threats
Insider Threat Best Practices Guide
(Securities Industry &
Financial Markets Association)
SANS Insider Threat Mitigation Guidance
Guidance For
Reducing Insider Risk
Intel Insider Threat Field Guide
The Definitive Guide To Security Inside the Perimeter
Insider Threat Mitigation Checklists
National Insider Threat Task Force - Best Practices Guide For Insider Threat
CERT Common Sense Guide To Mitigating Insider Threats -
6th Edition
CERT Insider Threat Risk Mitigation Best Practices - Mapped To NIST
SP800-53 Security Controls
CERT Insider Threat Risk Mitigation Best Practices
Insider Threat Risk Mitigation Checklist
(Based Of Of
CERT Insider Threat Risk Mitigation Best Practices)
DoD PERSEREC- Insider Risk Evaluation And Audit Tool Checklist
Considerations For Outsourcing Work To Third Party Contractors Checklist
Data Loss Prevention And Protection
Data Lifecycle
Security
Data Leakage
For Dummies
Best Practices For Protecting Data When Employees Leave Your Company
10 Indicators Of Data Abuse With Case Studies
Code42 2020 Data Exposure Report
DoD
PERSERC Report - How Trusted Insiders Exfiltrated Data In The DoD
3M Visual Hacking Experiment - How Trusted Insiders Stole Data From
Companies
Data
Loss Prevention Policy-1
Data
Loss Prevention Policy-2
Data
Loss Prevention Policy-3
Data
Loss Prevention Procedures
Data
Security Policies Examples
GDPR Internal Data Protection Policy
Experian Data Breach Response Guide
Data
Breach Response Checklist
Trade Secret Theft And Protection
Protecting Trade Secrets From Employee Theft
Protecting Your Trade Secrets Part 1
Protecting Your Trade Secrets Part 2
Insider Threat User Activity Monitoring (UAM) Guidance / Tools
Workplace Privacy And Employee Monitoring Guidance (Privacy
Rights Clearinghouse)
Guidance For
Implementing An Employee User Activity Monitoring Program
5 Security Technologies That Address Insider Threat
DSS CDSE Webinar: User Activity Monitoring In Insider Threat Programs
Insider Threat Red Flags Indicators Checklist
(DTex Systems)
Insider Threat Red Flags Indicators Checklist
(ObserveIT)
UAM Tools
Free USB
Security Test - Will Your Employee's Plug In A USB Device They Find?
Veriato 360
Dtex
Varonis
ObserveIT
Securonix
Digital Guardian
Raytheon
/ Force Point
Employee Fraud And Embezzlement
What is Employee Fraud / Embezzlement?
The United States Department of Justice defines Embezzlement as: The
fraudulent appropriation of property by a person to whom such property
has been entrusted, or into whose hands it has lawfully come.
Embezzlement can occur when an employee trusted with the handling of
company property (Usually Funds $$$) decides to take some or all of that
property for themselves. This may be as simple as a cashier pocketing a
few dollars during a transaction, or as complex as a senior manager
creating false invoices for fictitious companies in their own name.
The definition of Fraud commonly includes activities such as Theft,
Corruption, Conspiracy, Embezzlement, Money Laundering, Bribery End
extortion. Fraud essentially involves using deception to dishonestly
make a personal gain for oneself and / or create a loss for another.
Although definitions vary, most are based around these general themes.
The legal definition varies from country to country.
Fraud can apply to any irregularity, or suspected irregularity,
involving employees as well as shareholders, consultants, vendors,
contractors, outside agencies doing business with employees of such
agencies, and / or any other parties having a business relationship with
a company.
The 2020 Association of Certified Fraud Examiners Fraud Report
describes numerous examples of fraud on
page 86.
A Fraud Prevention Checklist can be found on page 84.
The
2018 Hiscox Embezzlement Study - An Insider’s View of Employee
Theft, is another great source for information on employee embezzlement.
The traditional norm or mindset that Malicious Insiders just steal
classified information, an organizations data, trade secrets or other
sensitive information, is no longer the case. The
Insider Threat Incidents E-Magazine contains a large number of
incidents showing that over the the last year there has been a drastic
increase in various forms of fraud and financial fraud / embezzlement
committed by employees.
Another form of fraud known as CEO Fraud or Business Email Compromise
involves a sophisticated scam targeting businesses that regularly
perform wire transfer payments. The scam is carried out by compromising
legitimate business e-mail accounts, such as the CEO, through social
engineering or computer intrusion techniques to conduct unauthorized
transfers of funds. More Information:
CEO Fraud Prevention Manual By KnowBe4
Fraud Prevention Resources
What Small Business Owners Needs to Know about Embezzlement
41 Types Of Fraud And How To Detect And Prevent Them
Fraud
Awareness Training Video (On-line / Free)
Fraud
Awareness Guide
Employee Fraud - Case Studies Of Typical Schemes
Employee Embezzlement Guide
Managing The Business Risk Of Fraud Guide
Fraud Risk Management Guide
Fraud
Prevention Handbook
GSA
Procurement Fraud Handbook
DoD Fraud Red Flags and Indicators
Fraud Prevention Policies
Employee Fraud Policy-1
Employee Fraud Policy-2
Employee Fraud Policy-3
Personally Identifiable information (PII) / Data Breach Response
PII Poster
DOD DD2923 - Privacy Act Data Cover Sheet
DHS Handbook For Safeguarding Sensitive Personally Identifiable
Information
Health & Human Services - Policy For Responding To Breaches Of PII
Protecting Controlled Unclassified Information (CUI)
This
page contains various resources to assist with developing,
implementing and managing a CUI Protection Program.
CUI is information
that requires safeguarding or dissemination controls pursuant to and
consistent with applicable law, regulations, and government-wide
policies, but is not classified under Executive Order 13526 or the
Atomic Energy Act, as amended.
Insider Threats To The Critical Infrastructure
Workplace Violence Prevention / Active Shooter-Assailant Incidents
According to
the Occupational Safety and Health Administration (OSHA),
approximately 2 million employees are victims
of workplace violence each year. 18% of violent crimes are
committed at the workplace, and roughly 800 workplace homicides
occur each year. Between January 2009 and July 2015, there were 133
mass shootings in the workplace and shootings account for 78 % of
all workplace homicides. Violence in the workplace must be a top
concern for employers, as no organization is immune from workplace
violence and no organization can completely prevent it. (Source)
NITSIG
Insider Threat Workplace Violence E-Magazine
(Workplace Violence Incidents)
UPS,
Others Sued Over San Francisco Workplace Shooting
Responding To Violence In the Workplace – A “Catch 22” For Employers
Workplace Violence Prevention / Active Shooter-Assailant Guidance
OSHA Workplace
Violence Website
OSHA Workplace Violence Presentation
OSHA
Workplace Violence Factsheet
Workplace Violence Program Mitigation Flowchart
Workplace Violence Prevention And Intervention Standard (Developed
By ASIS International & Society for Human Resource Management)
FBI
Workplace Violence Guidance
Violence In The Federal Workplace - A Guide For Prevention And Response
Taking Threats Seriously: Establishing A Threat Assessment Team
21 Ways To Prevent Workplace Violence In Your Organization
Preventing Violence In The Workplace
Presentation
(National Crime Prevention Council)
U.S. Department Of Labor Workplace Violence Prevention Program
U.S. Coast Guard Workplace Violence And Threatening Behavior Instruction
USDA Handbook On
Workplace Violence Prevention And Response
Duke University Workplace Violence Prevention And Response Policy
Boston University Workplace Violence Prevention Policy
University At Buffalo New York Workplace Violence Prevention Policy
City University Of New York Campus And Workplace Violence Prevention
Policy
Sample Workplace Violence Prevention Plan
DSS Active Shooter Response Plan
State Alabama Active Shooter Strategic Response Plan
Active Shooter Preparedness Checklist
Maryland Active Assailant Guidance
Active Shooter & Hostile Event Guide
DHS Planning And Response To An Active Shooter - Best Practices Guide
DHS Active Shooter-How To Respond
DHS Active
Shooter Preparedness Resources
(Active Shooter Booklet,
Pamphlet, Poster, Pocket Card)
FBI Active Shooter Resources
Active Shooter-Active Assailant Guidance & Resources
Crime Prevention Through Environmental Design Concepts
Workplace Violence Prevention / Active Shooter-Assailant Awareness
Training
DSS
Workplace Violence Toolkist
DHS Active Shooter
Emergency Action Plan Video
FBI Active Shooter
Video - The Coming Storm
RUN HIDE FIGHT
Video - Surviving An Active Shooter Event
DSS Active Shooter Awareness Training Student Guide
FEMA Training Course - Active Shooter What You Can Do
Workplace Violence
Prevention Training Video
(California Department Of
Human Resources)
Active Shooter Detection Systems
Emergency Automatic Gunshot Lockdown System
FireFly Wireless Gunshot Detector
FireFly CityWeb Ballistic Detector
Active Shooter Response System Presented
By NEP3
Guardian Indoor Active Shooter Detection System
Wireless Active Shooter Sensors
