September welcomes back to school and the fall season. Additionally, as started in September 2019, the month has been designated as "National Insider Threat Awareness Month (NITAM)."
NITAM is a collaborative effort between the National Counterintelligence and Security Center (NCSC), the National Insider Threat Task Force (NITTF), Office of the Under Secretary of Defense Intelligence and Security (USD(I&S)), Department of Homeland Security (DHS), and Defense Counterintelligence and Security Agency (DCSA) highlighting the importance of detecting, deterring, and reporting insider threats.
NITAM 2020’s focus is on resilience, promoting personal and organizational resilience to mitigate the risk posed by threats from insiders.
What is an insider and an insider threat?
According to the NITTF, “an insider is any person with authorized access to an organization’s resources to include personnel, facilities, information, equipment, networks, or systems”.
An insider threat is defined by the NITTF as “the risk an insider will use their authorized access, wittingly or unwittingly, to do harm to their organization. This can include theft of proprietary information and technology; damage to company facilities, systems or equipment; actual or threatened harm to employees; or other actions that would prevent the company from carrying out its normal business practice.”
2020’s risk environment.
The NCSC explains this year’s “unique risk environment.” With many adjustments created by COVID-19, many employees are teleworking, which may include unreliable or overwhelmed capabilities in technology. Given the current conditions, the NCSC states, “the risks for espionage, unauthorized disclosure, fraud, theft, and even unwitting insider threat actions are higher than ever.”
Steps you can take to mitigate insider threats.
Trusted insiders are capable of committing, whether intentionally or accidentally, disruptive or harmful actions across all sectors of infrastructure and in nearly every organizational setting.
As an organization, you can combat insider threats by following the recommendations from the Cybersecurity and Infrastructure Security Agency (CISA) outlined below:
- Establish an insider threat program.
- Establishing an insider threat program can help organizations detect, deter, and report malicious and unintentional threats.
- Protect assets.
- An insider threat program can prevent critical assets from being harmed by malicious activity or the unintended consequences of a complacent workforce.
- Recognize and report.
- Training and engaging your workforce to recognize and report suspicious activity can aid in the prevention of insider threats.
- Assess and respond.
- A comprehensive program of insider threats may involve the collection and analysis of information from a variety of sources of data, which is constantly changing.
How you can participate in NITAM 2020
Using the theme of resilience, it is recommended that you stay committed to protecting critical information. There are many resources provided by NITAM including a multi-media communications platform packed with welcome messages, games, and videos, graphics and posters, case studies and scenarios, and news and social media posts.
Click here to participate.
You are safe & secure with PrimePay.
Start working with PrimePay today to help keep your business safe and secure. Our service model, proprietary SSAE 18 Type II compliance solutions, and rigorous NIST standards oriented security practices help business owners maximize efficiency at every stage of business growth.
Click here to learn more or fill out the form below.
Disclaimer: Please note that this is not all-inclusive. Our guidance is designed only to give general information on the issues actually covered. It is not intended to be a comprehensive summary of all laws which may be applicable to your situation, treat exhaustively the subjects covered, provide legal advice, or render a legal opinion. Consult your own legal advisor regarding the specific application of the information to your own plan.