SEI Insights

Insider Threat Blog

Real-World Work Combating Insider Threats

InTP Series: Participation of Business Areas (Part 4 of 18)

Posted on by in

An effective Insider Threat Program includes participation from the essential business areas of an organization. The National Insider Threat Task Force (NITTF) Minimum Standards identify the particular groups that should be represented in an insider threat program.

Hi, this is Mike Albrethsen of the CERT Insider Threat Center with information about which groups should be included in the operation of an effective InTP and why.

These are the groups that the NITTF recommends participate in InTPs:

  • Security
  • Information Assurance
  • Human Resources
  • Law Enforcement
  • General Counsel
  • Civil Liberties and Privacy Officials
  • Counterintelligence
  • Senior Leadership

Multi-team participation should be represented in two areas:

  1. These groups should participate in the development, governance, and oversight of the insider threat program. This participation is important to ensure that stakeholder concerns are addressed during the development of the program. This involvement can help to break down barriers between organizational groups to facilitate unfettered access to relevant data sources.
  2. Organization-wide participation is also important during the daily operation of the insider threat program. In particular, input from different subject matter experts can allow for a holistic approach to insider threat detection, analysis, and investigations.

If you want to learn more about the participation of organizational groups in InTPs, investigate our Insider Threat Program Manager Certificate. The training provided as part of the certificate program covers all the important steps of implementing an insider threat program in your organization.

If you have questions or comments on this post or the series, please send us your feedback.

More from CERT Insider Threat Center

Posts


View other blog posts by CERT Insider Threat Center.