InTP Series: Participation of Business Areas (Part 4 of 18)
An effective Insider Threat Program includes participation from the essential business areas of an organization. The National Insider Threat Task Force (NITTF) Minimum Standards identify the particular groups that should be represented in an insider threat program.
Hi, this is Mike Albrethsen of the CERT Insider Threat Center with information about which groups should be included in the operation of an effective InTP and why.
These are the groups that the NITTF recommends participate in InTPs:
- Information Assurance
- Human Resources
- Law Enforcement
- General Counsel
- Civil Liberties and Privacy Officials
- Senior Leadership
Multi-team participation should be represented in two areas:
- These groups should participate in the development, governance, and oversight of the insider threat program. This participation is important to ensure that stakeholder concerns are addressed during the development of the program. This involvement can help to break down barriers between organizational groups to facilitate unfettered access to relevant data sources.
- Organization-wide participation is also important during the daily operation of the insider threat program. In particular, input from different subject matter experts can allow for a holistic approach to insider threat detection, analysis, and investigations.
If you want to learn more about the participation of organizational groups in InTPs, investigate our Insider Threat Program Manager Certificate. The training provided as part of the certificate program covers all the important steps of implementing an insider threat program in your organization.
If you have questions or comments on this post or the series, please send us your feedback.