Presentation on theme: "What is Insider Threat? “Potential damage to the interests of an organization by a person(s) who is regarded, falsely, as loyally working for or on behalf."— Presentation transcript:
What is Insider Threat? “Potential damage to the interests of an organization by a person(s) who is regarded, falsely, as loyally working for or on behalf of the organization, or who inadvertently commits security breaches.”
Training employees to recognize phishing and other social media threat vectors Train continuously to maintain the proper levels of knowledge skills and abilities Conduct training on and improve awareness of risk perception and cognitive biases that affect decision making Improve usability of security tools Improve usability of software to reduce the likelihood of system- induced human Enhance awareness of the unintentional insider threat Provide effective security practices (e.g. two factor authentication for access) Maintain staff values and attitudes that align with organizational mission and ethics
December 11, 2013 USDA scientist was arrested on charges of conspiring to steal a company’s legally protected rice seed.
USDA Insider Threat Plan IP security Physical security Personnel security Cyber security
Protecting IP from Insider Threat Dept. Homeland Security recommends that programs with proprietary research or IP consider implementation of a Technology Control Plan.
Technology Control Plan Monitor Detect (provide incentives and data) Deter (prevention should be an important goal) Protect (maintain operations and economics) Predict (anticipate threats and attacks React (reduce opportunity, capability, and motivation and morale for the insider)
IP Security Measures Already in Place Federal Authorities and Regulations Agreements (15USC 3710, 7USC 3318, 7USC 3291, 7USC 450, etc.) Trade Secret Act Departmental Policies Information Systems Security Policy Classified National Security Information Policy Sensitive But Unclassified Information Protection Policy Access Control Policy for protecting information systems and data Technology Transfer Policy & Procedures Security Protection for Information Technology (IT) Assets Policy Selection, Appointment, and Responsibilities of PI Policy
Office of National Programs Program Development Line Management Program Implementation Office of Technology Transfer IP Management
AgLearn Tech Transfer Training Introduction Module Agreements Module Patenting Module
DepartmentCurrent ActivitiesFuture Plans Department of Agriculture AgLearn Tutorial for Classified National Security Information for cleared employees only (3700 people) Finalizing a General Security Awareness Video for current and new on-boarding employees Developing a new Foreign National Visitor Departmental Regulation (applicable for all USDA employees) Developing an Insider Threat Program (focus is cleared personnel and Classified National Security Information) Expand the General Security Awareness Video to include Proprietary Information Evaluating expanding Foreign Travel reporting for all cleared personnel Establishing Departmental Suspicious Reporting program Health and Human Services Identifying vulnerabilities (FDA special area of emphasis) On-boarding Awareness Training for all employees Annual Awareness Training for all employees Focus both on Counterintelligence (CI) and Insider Threat Proactively identifying cases Managing cases before referral to law enforcement agency Environmental Protection Agency In key locations (labs), provide CI briefings with local FBI (goal is to visit annually) Foreign Visitor Program established Enhancing Insider Threat Program Establishing a formal foreign disclosure program (review process for what can be released to foreign nationals) Department of the Interior Annual security training for cleared personnelFocusing on Insider Threat Program implementation
DepartmentCurrent ActivitiesFuture Plans Department of Transportation Implemented a Suspicious Activity Report (SAR) Database - All employees are trained to use it Provides Insider Threat to entire department, regardless of clearance; include proprietary information in addition to classified intelligence as part of the training Established a CI hotline for employees Reaching out to their scientific community (special area of emphasis) Department of Homeland Security Teach the Trade Secrets Act (both in-person and on-line) Personal Identifiable Information course for all employees Password protect trade secret information for external emails Nuclear Regulatory Commission Used the Uniformed Trade Secrets Act (national policy) and established NRC policy Includes proprietary information Education and awareness program online for all employees Also provide in-person briefings, as appropriate Will leverage Insider Threat Policy to reinforce current programs Department of EnergyPart of the Intelligence Community Maintains nearly thirty intelligence and counterintelligence offices nationwide Protects vital national security information, technologies, and intellectual property