Sunday, March 24, 2013

Combating the Insider Threat

More information here

Insider threat briefings abound, but very few actually identify protection measures against an enterprise insider threat from within the enterprise. Many training opportunities do a good job at describing the threat and the need to prevent such occurrences, but seldom are the right measures identified. Here are four proven ways to protect classified contracts and sensitive company information:
  1. Consult your employees and provide proscribed protective measures found in policy and guidance such as National Industrial Security Program Operating Manual (NISPOM)  and the International Traffic in Arms Regulation (ITAR). This is going to be as simple as interpreting what needs to be protected, what to protect and how to protect classified contract work per written contractual and policy guidelines. Establish rules of engagement with cleared employees, getting their understanding and agreement.
  2. Equally important is to protect proprietary and other sensitive information that may not have established protective measures in place. In this case, the security manager would for a working group consisting of security and knowledgeable employees. Here, the group would determine what was sensitive, identify protection measures and apply them to a written policy.
  3. Train your employees to identify threats. Cleared defense contractors are required to provide security training to their employees annually. Here, they provide updates to security requirements and engage cleared employees with their responsibilities as outlined in NISPOM and industry standards.
  4. Also important is to train on protecting the proprietary information, intellectual property and other sensitive information per policy established by the group. Here, the group has already staffed the policy and received approval from the enterprise to enforce the policy.
  5. Inform your employees-Provide policy, memos and guidance to influence behavior. Then inform the company employees that active measures are in place to identify and punish (or incarcerate) any insider threatening the enterprises information and national secrets. Forewarned is forearmed and the insider threat will be reduced.
  6. Reduce the insider threat opportunity with protective measures. Many protection measures are in place to prevent unauthorized access from those outside the enterprise. Gates, guards, card readers, alarms and other measures protect the castle from those desiring to storm it. But what about the trusted messenger who leaves with the keys to the kingdom. Efforts such as the following are geared toward protecting sensitive information from walking out:
    • Identify and label sensitive information and who is authorized access
    • Consulting measure number 1 before releasing it to anyone
    • Insider identification training
    • Inspections
    • Online activity tracking
    • Email observation
    • Firewall (limiting employees physically and virtually) sensitive items from access to those without need to know

Consider forming working groups with enterprise members outside of the security discipline. Get the subject matter, human resources, legal and program experts together to discuss the issues and come up with solutions. We’ve identified some solutions here, but there are others. Use this as a starting point to inject some energy into stopping employees gone wild.

Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . Jeff is an accomplished writer of non-fiction books, novels and periodicals. He also owns Red bike Publishing. Published books include: "Get Rich in a Niche-Insider's Guide to Self Publishing in a Specialized Industry" and "Commitment-A Novel". Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training" See Red Bike Publishing for print copies of: Army Leadership, The Ranger Handbook, The Army Physical Readiness Manual, Drill and Ceremonies, The ITAR,and The NISPOM

No comments: