Awareness & Threat Training
Customized Insider Threat Programs
Customized Insider Threat Programs
Customized Insider Threat Training Programs for Department of Defense (DoD) contractors implementing the NIST Risk Management Framework (RMF).
Arlington Security Portal
Get Access to 100 + NIST RMF security and privacy policies & procedures, programs, and plan templates.
Customized Insider Threat Training Programs for Department of Defense (DoD) Contractors
Arlington offers customized insider threat programs for DoD contractors seeking to implement the NIST Risk Management Framework (RMF). The dangers of the insider threat is the ability for somebody to use authorized access wittingly or unwittingly, to do harm to the national security of the United States, their organization, or themselves.
Insider Threats are Growing – Be Prepared
Insider threats include a wide-range of nefarious activities, such as damage through espionage, workplace/kinetic violence, unauthorized disclosure of national security information, or through the loss or degradation of departmental resources or capabilities. While organizations spend considerable amounts of time and money protecting their assets from external threats, many times, they fail to look inside their own organization, where the great dangers potentially lie.
Did you know that most insider threats exhibit what the DoD identifies as “Risky Behavior” prior to an event happening by such an individual, all the more reason for mitigating such risks before harm can occur to your organization?
With Arlington our customized insider threat programs – and our DoD Insider Threat Program Toolkit – is specifically designed for helping mitigate internal threats against your organization, along with meeting today’s strict regulatory compliance requirements as put forth by the NIST RMF.
It’s a Requirement for DoD Contractors
A strict requirement for DoD contractors is developing and implementing a comprehensive insider threat program. Per the Center for Development of Security Excellence (Security education, training, and certification for DoD), “Insider Threat Programs are designed to deter, detect, and mitigate actions by insiders who represent a threat to national security.”
Per the DoD ISL 2016-02, NISPOM 1-202 requires the contractor to establish and maintain an insider threat program that will gather, integrate, and report relevant and available information indicative of a potential or actual insider threat.
Now more than ever, malicious and nefarious individuals unfortunately can be lurking within, waiting to strike, potentially creating catastrophic consequences for an organization. Malicious intent can be devastating – no question about it – but so can uninformed, careless, and naïve employees who undertake actions not understanding the consequences. A well-developed insider threat program hopes to mitigate these threats. Arlington has years of experience developing highly customized insider threat programs for DoD contractors. Additionally, we also offer a DoD Insider Threat Program Toolkit available for download. Intent and Scope of an Insider Threat Program
Intent and Scope of an Insider Threat Program
Per Department of Defense DIRECTIVE 5205.16., the intent and scope of an insider threat program includes the following:
-
a. …maintain an insider threat program to comply with the requirements and minimum standards to prevent, deter, detect, and mitigate the threat insiders may pose to DoD and U.S. Government installations, facilities, personnel, missions, or resources. This threat can include damage to the United States through espionage, terrorism, unauthorized disclosure of national security information, or through the loss or degradation of departmental resources or capabilities.”
-
b. Identifies appropriate training, education, and awareness initiatives that may be made available to DoD personnel and contractors in…
-
c. Ensures appropriate DoD policies, including but not limited to counterintelligence (CI), cybersecurity, security, civilian and military personnel management, workplace violence, emergency management, law enforcement (LE), and antiterrorism (AT) risk management, are evaluated and modified to effectively address insider threats to DoD.
Arlington Security Portal
Get Access to 100 + NIST RMF security and privacy policies & procedures, programs, and plan templates.
Related Services
Corresponding Case Studies
A Proven Approach for Developing Customized Insider Threat Programs
Why Arlington for Insider Threat Programs?
-
Saves federal contractors an incredible amount of time and money.
-
Highly detailed programs reflecting your unique environment.
-
Efficient, yet comprehensive methodology for rapid program development.
-
Insider threat programs that have been exhaustively vetted by federal agencies for approval.
Why Arlington?
Decades of Defense Industry Expertise. Recognized leaders in all things DoD. World-Class Arlington Security Portal (ASP).
Passion. Integrity. Innovation. Impact.
Phase I: Scoping & Analysis
A well-developed insider threat program requires thoughtful pre-planning in terms of what the actual program should cover, personnel and departments involved in both developing and undertaking training for the program, execution, oversight and maintenance of the program, and more.
Phase II: Development
Putting the pieces together for such a program requires developing the actual plan itself in terms of policies and procedures, acquiring tools and solutions needed, and ultimately, approving the program for implementation by senior leadership.
Phase III: Implementation
With a program now developed and formalized, its’ critical to implement it throughout the organization, which requires a multi-step process for successfully integrating the insider threat program. Activities to implement include user training, user acceptance and acknowledgement, along with records retention for training, and more.