(TLP:CLEAR) CISA Urges Critical Infrastructure Organizations Take Action Against Insider Threats, and Publishes New Product
Created: Thursday, February 5, 2026 - 14:58
Categories: Cybersecurity, Federal & State Resources, Physical Security, Security Preparedness
Summary: Last week, CISA published a new product, “Assembling a Multi-Disciplinary Insider Threat Management Team,” which is geared towards critical infrastructure entities and local government stakeholders. This infographic provides actionable strategies to proactively prevent, detect, and mitigate insider threats, helping organizations stay ahead of the dynamic threat landscape.
Analyst Note: WaterISAC assessed in its 2025 “Threat Analysis Report” that insider threats are a growing concern to the water and wastewater sector due to several factors, such as heightened geopolitical tensions and increased remote access given to contractors and other third-parties for operational activities, among other issues.
According to CISA, insider threats often take two forms: calculated acts of harm and unintentional mistakes. Malicious insiders may exploit access for personal gain or revenge, causing severe damage to systems and trust. At the same time, negligence or simple human errors can open the door to vulnerabilities that adversaries can exploit.
CISA’s infographic guides stakeholders in forming a comprehensive, holistic, and multidisciplinary insider threat management team comprising personnel from various sectors of the organization. It also provides recommendations for maintaining the team to address evolving vulnerabilities effectively.
Additionally, last year, WaterISAC published an “Insider Threat Management – Fact Sheet.” This fact sheet was developed by WaterISAC’s Physical Security and Resilience Advisory Committee to help water and wastewater utilities strengthen their insider threat management policies. It includes a series of best practices organized into five thematic sections.
Original Source: https://www.cisa.gov/resources-tools/resources/assembling-multi-disciplinary-insider-threat-management-team
Additional Reading:
- CISA Urges Critical Infrastructure Organizations to Take Action Against Insider Threats
- (TLP:AMBER) Insider Threats: A Growing and Underestimated Risk
Mitigation Recommendations:
- (TLP:CLEAR) WaterISAC Physical Security and Resilience Advisory Committee: Insider Threat Management – Fact Sheet
- Insider Threat Mitigation for U.S. Critical Infrastructure Entities
Related WaterISAC PIRs: 1, 2, & 4