Insider Threat Program Operation Support

The stakes are high. The cost of theft of intellectual property, industrial espionage, foreign espionage, and unauthorized disclosures are on the rise. The skills and technology required to adequately protect your information, personnel and processes from a malicious insider are not the same as those necessary to protect your computer networks, despite what the legions of security equipment vendors want you to believe. Your technical staff, charged with the task of information security, is primarily concerned the integrity, availability, and confidentiality of your networked and standalone systems. The focus of a insider threat detection, however, is squarely on human activity whether or not it occurs on a digital device. Even in a fully mature and well run Insider Threat Program, most of the leads and anomalies that your program will identify will not turn out to be actual theft or real espionage, and therefore great care has to be taken even when just gathering the information and intelligence necessary triage leads and anomalies. The very hint that ‘so and so in accounting’ is under investigation could put the careers of innocent people in jeopardy even if they are completely exonerated later. The damage will have been done and liability may then become an issue, perhaps an expensive issue.

Everyone in your workforce lives two lives ... a real one and a digital one.
Everyone in your workforce lives two lives … a real one and a digital one.

The advantages of partnering with a firm like DPFI are many.  DPFI has many years of experience handling highly sensitive investigations in complete secrecy. Millions of dollars of training and state of the art technology back our support of your insider threat operations. While incidents may be on the rise nationally, your staff may only have to deal with a serious insider issue once or twice a year. So ‘training up one of the security guys’ can’t survive as a serious option, when one considers that a single insider can devastate a company, a government, or any organization.  If that your plan, at least let us help early on.  After a malicious insider strikes is not the time to go shopping for help bridging the gaps in your defensive posture and insider threat response skills.

At DPFI, this is what we do everyday. We provided the concept for Executive Order 13587 Section 6 creating the National Insider Threat Task Force in a Report which we wrote for the National Counterintelligence Executive and the White House in 2011, the following year we wrote the national implementation plan which brought some 75 agencies of the United States Government together to help create the National Policy and Minimum Standards leading to the NISPOM Change 2. DPFI co-wrote the NITTF 2013 and 2014 Guide to Accompany the National Insider Threat Policy and Minimum Standards (these documents are currently for official US government use only, and have not yet been released to the general public.)  DPFI offers this level of quality expertise, once only available to the US government, the Intelligence Community, and the Department of Defense. Our low profile surgical approach to malicious insider detection and response will help you improve your insider threat program and lower your risk without damaging  your organization’s culture that you worked so hard to build or alienating your employees and partners that you worked so hard find, vet and develop.  No one wants to work in a Police State.  With DPFI in your camp, working with your staff but behind the scenes, most of your workforce, from your most trusted officers to the occasional temp worker, will not even know we are there.

 

SSA Davis2