(TLP:CLEAR) National Insider Threat Awareness Month 2025: Partnering for Progress
Created: Thursday, September 4, 2025 - 14:50
Categories: Federal & State Resources, General Security and Resilience
Summary: September is National Insider Threat Awareness Month (NITAM), a time dedicated to spreading awareness in government and industry about the risks posed by insider threats and the importance of insider threat mitigation programs. This year’s theme is “Partnering for Progress,” which underscores that insider threat management is a collective effort for every employee across an organization.
Analyst Note: Insider threats are an enduring risk to the water and wastewater sector. Insider threat incidents, be they intentional or unintentional, can lead to serious operational disruptions to water utilities. In March, for example, WaterISAC reported on an incident where a disgruntled former employee allegedly called in a bomb threat and threatened to poison the water supply of the utility he used to work at. Moreover, a recent DHS report highlighted that insider threat activity in the Water Sector demonstrates that it is a persistent and potentially high-impact threat.
Insider threats are primarily a people problem rather than a technology problem. Every person within an organization represents a potential risk. Many incidents arise from simple negligence, where employees make careless mistakes due to being tired, distracted, or hurried. Malicious insiders, driven by psychological triggers such as personal stressors or coercion, may engage in harmful activities like fraud, theft, espionage, or sabotage. Insider threats can manifest in both the cyber and physical domain.
Despite the potential impacts, establishing an insider threat program can help greatly reduce an organization’s risk. The NITAM website has freely available guidance resources to help organizations increase awareness, promote reporting of insider threats across your workforce, and perform your role in managing risk and mitigating insider threats. For example, it includes case studies on past insider threat incidents that provide details on the malicious activities, their organizational impact, and the potential risk indicators that, if identified, could have mitigated harm.
Original Source: https://securityawareness.dcsa.mil/cdse/nitam/index.html
Mitigation Recommendations:
- CISA – Insider Threat Mitigation
- CISA – Insider Threat Reporting Templates
- CISA – Resources for Onboarding and Employment Screening Fact Sheet
Related WaterISAC PIRs: 1, 2, 3, 4, & 5