search menu icon-carat-right cmu-wordmark

September Is National Insider Threat Awareness Month

Daniel Costa

September 2019 has been declared National Insider Threat Awareness Month by the National Insider Threat Task Force, the National Counterintelligence and Security Center, the Federal Bureau of Investigation, the Office of the Under Secretary of Defense (Intelligence), the Department of Homeland Security, and the Defense Counterintelligence and Security Agency. This blog post outlines the CERT National Insider Threat Center's activities in support of this effort.

some file

In a July 23 memo to insider threat practitioners, Mr. William Evanina, Director of the National Counterintelligence and Security Center, stressed the importance of awareness as a key pillar to insider threat defense. To help organizations promote insider threat awareness, the Center for Development of Security Excellence (CDSE) highlighted two goals for insider threat programs during National Insider Threat Awareness Month: to familiarize each organization's workforce with its insider threat program and maximize concerning behavior reporting.

We recommend organizations emphasize each employee's role in protecting authorized access to the organization's critical assets from misuse, both malicious and unintentional. Part of this role involves knowing what concerning behaviors and potential insider threat activity to look for, and what to do once it is identified. Using this context to introduce insider threat programs to the workforce and encourage the reporting of concerning behavior has helped organizations manage negative connotations about insider threat programs, as well as set employee expectations around how the organization uses--and does not use--reporting activity.

Here is what you can expect from the CERT National Insider Threat Center during National Insider Threat Awareness Month:

  • The CERT National Insider Threat Center will hold a live webinar on Thursday, September 19 from 1 to 2 p.m. EDT titled "Insider Threat. Your Questions. Our Answers." Our subject matter experts will provide an overview of the ongoing research in insider threat mitigation and answer your questions about how the threat landscape continues to evolve and what organizations can and should do to address insider threats.
  • Each week this month, we will publish a new blog post presenting the latest from our ongoing research and development efforts for insider threat mitigation. These blog posts will include
    • updated statistics from our insider threat incident corpus
    • best practices for developing and validating insider threat detection capabilities
    • strategies on how to ensure effective, compliant, and legal insider threat program operations

Whether you are just interested in learning more or building an insider threat program to comply with Executive Order 13587 or NISPOM Conforming Change 2, respond to an insider incident, or proactively mitigate the insider threat within your own organization, here is how we can help.

As a part of a Federally Funded Research and Development Center, the CERT National Insider Threat Center has a mission to continue to lead and advance the research and development of socio-technical solutions to combat insider threats. You can contact us at with any questions or suggestions on future collaborations or research areas.

Get updates on our latest work.

Each week, our researchers write about the latest in software engineering, cybersecurity and artificial intelligence. Sign up to get the latest post sent to your inbox the day it's published.

Subscribe Get our RSS feed