Critical Infrastructure Security and Resilience Month, Week 4 – Combatting Insider Threats

The theme for the fourth and final week of Critical Infrastructure Security and Resilience Month is “Secure from the inside out: Combatting insider threats.” The Cybersecurity and Infrastructure Security Agency (CISA) at the U.S. Department of Homeland Security has included a section on insider threats in its Infrastructure Security Month Toolkit, which discusses the issue and provides some tips and resources to help. Some of the resources include CISA’s own “Insider Threat Mitigation” webpage, which features a 30-minute video and information on how to establish an insider threat program. CISA also reminds its partners of additional information and resources available through the National Insider Threat Task Force (NTTF), which was established under the joint leadership of the U.S. Department of Justice and the Office of the Director of National Intelligence. In addition to resources to help an organization set up an insider threat program, the NTTF has made available training modules and technical bulletins on the topic.

Although Critical Infrastructure Security and Resilience Month is coming to a close, WaterISAC reminds its members of the importance of incorporating security and resilience into their organization’s operations throughout the year, accessing the many resources it has posted to the “Resource Center” and “Tools” sections of its portal, registering for webcasts and other upcoming activities via the “Upcoming Events” page, and submitting incident reports, such as through the Confidential Incident Reporting Form. Members may also wish to revisit WaterISAC’s previous postings for the previous weeks, which include:

• Week 1 – Managing Risk to a Converging Cyber and Physical World
• Week 2 – Soft Target Security
• Week 3 – A Collective Approach to Securing Public Places