The National Counterintelligence and Security Center (NCSC), a group within the Office of the Director of National Intelligence (ODNI), has issued Insider Threat Mitigation for U.S. Critical Infrastructure Entities: Guidelines from an Intelligence Perspective, a new publication aimed at helping U.S. critical infrastructure organizations understand and address the growing problem of insider threats. As the publication observes, concerns over insider threats have been exacerbated by geopolitical tensions – foreign adversaries have demonstrated their interest in U.S. critical infrastructure – and the current ideational-ideological landscape within the U.S. In insider threat scenarios, employees can use or be exploited for their authorized access to facilities, personnel, or information to harm their organization. The harm can range from negligence – such as failing to secure data or clicking on a spear-phishing link – to malicious activities like sabotage, intellectual property theft, fraud, or workplace violence. The publication provides guidance on how to address this threat in organizational risk management plans and offers best practices for critical infrastructure entities to mitigate insider threats.

At a minimum, it recommends critical infrastructure organizations:

1. Have an insider threat program that identifies individual anomalous behavior at an early stage and the resources to respond appropriately, and
2. Respond in a way that fosters trust across the organization and leverages the workforce as a partner.

Access the publication at the NCSC or below.