The U.S. National Counterintelligence and Security Center, has issued a letter of endorsement for the fifth annual National Insider Threat Awareness Month (NITAM)—A month-long campaign that aims to educate government and industry about the risks posed by insider threats and the role of Insider Threat Programs.
Forcepoint Insider Risk Solutions is a User Activity Monitoring (UAM) and Analytics platform that provides analysts and investigators with deep visibility into all user endpoint activity for effective detection programs and resolving anomalous behavior.
When I was a little younger, I remember seeing comic strips published by Mad Magazine called Spy vs. Spy. These comical spy characters would sneak up on one another to switch briefcases, steal information, or cause harm to each other in maniacal ways.
The comic strip was good at making light of spy vs spy behavior. Whatever one spy had the other wanted. Each opposing character using similar tactics against the other.
A spy characterization of insider threats is used to playfully raise awareness of insider threats in this connect-the-dots poster from the Center for Development of Security Excellence (CDSE).
Additional CDSE posters, games and resources can be found at the previous hyperlink,
Even if cliché the spy character portrays the covert nature of Insider threats and raises awareness. With that awareness we might ask ourselves who are insiders and what makes them a threat? What do they look like? Are they spies wearing sunglasses and fedora hats?
I like this NITAM video PSA from the Defense Visual Information Service (DVIDS), that suggests that “we” are all insiders.
Insiders themselves are not threats but have the potential to be if they act with intentional or accidental behaviors that can put protected information at risk. Insiders are those of us trusted to interact with and handle various types of information and to protect it. Insiders are often the first and the last line of defense for protecting information.
What we do with the information we have access to and how we handle it determines if we pose an insider threat or risk to the organizations we work with.
The NITAM slogan for this year is “From Bystander to Upstander”. Where the CDSE states that:
A bystander is someone who witnesses concerning behaviors but may not take action to help mitigate the problem."
"Bystander Engagement is the concept whereby an individual is aware of concerning behaviors, knows how to act on those concerns, and takes appropriate action."
Increased awareness and understanding bystander engagement will strengthen the workforce and safeguard national security. Understanding bystander engagement will empower individuals to act earlier and more often when identifying concerning behaviors.”
There are many resources available to help raise awareness and become more engaged as Upstanders. It takes awareness across an organization to avoid both accidental or malicious disclosure of the information we’re entrusted to protect.
One of the resources I recommend checking out this month is this recent webinar titled “Mastering Insider Risk Management” with good nsight for how to become more aware of and manage insider threats. How to be a better steward of information; protecting it from both intentional and unintentional disclosure.
