(TLP:CLEAR) UK National Protective Security Authority – Setting the Foundations: Five Principles for a Shared Approach to Insider Risk
Created: Thursday, March 19, 2026 - 14:38
Categories: Physical Security, Security Preparedness
Summary: The UK’s National Protective Security Authority (NPSA) recently published a guidance report, “Setting the foundations: Five principles for a shared approach to Insider Risk,” which outlines five key principles underpinning NPSA’s years of advice and guidance on insider threats.
Analyst Note: Drawing on more than 25 years of experience in security work, NPSA has developed comprehensive insider risk guidance. The report states that audiences, whether new to the field or experienced security practitioners, need a clear and consistent understanding of key concepts related to insider threats, which NPSA terms insider risk. The report outlines five key principles underpinning NPSA advice and guidance:
- Principle 1: Adopting a shared language – NPSA provides definitions to encourage consistency and highlights that both unintentional and intentional insider events can cause harm to organizations.
- Principle 2: Broadening our understanding of potential insider threats – Categories of the most common insider events are included. They widen the frames of reference when considering the breadth of assets that need protection and the range of potentially relevant insider events.
- Principle 3: Considering the ‘spectrum of intent’: unintentional to intentional insider activity – Our message, ‘If you have people, you have insider risk’ challenges assumptions that insider risk solely relates to those who intentionally set out to cause harm. The spectrum of intent demonstrates holistic, organization-wide systems aiming to reduce both intentional and unintentional insider events. These should target both unintentional and intentional insider risk, support staff resilience and build engagement in security.
- Principle 4: Detecting signs of and de-escalating insider risk – Reviews of known cases demonstrate that signs, across the critical pathway to insider risk, are visible to the organization. There are opportunities to intervene early to help mitigate and reduce insider risk before it manifests or escalates.
- Principle 5: The foundations for effective interventions – In this section we provide frameworks focusing on what drives insider risk and implications for mitigations. Key considerations are effective security culture and measures that shape the environment to limit the opportunities for insider events to take place, whether intentionally or unintentionally.
Additionally, late last year, WaterISAC published an “Insider Threat Management – Fact Sheet.” This fact sheet was developed by WaterISAC’s Physical Security & Resilience Advisory Committee to help water and wastewater utilities strengthen their insider threat management policies.
Original Source: https://www.npsa.gov.uk/specialised-guidance/insider-risk-guidance/setting-foundations-five-principles-shared-approach-insider-risk
Additional Reading:
Related WaterISAC PIRs: 1, 2, & 4
