An official website of the United States government
Here's how you know
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

 


 


The importance of having an 'Insider Threat Program' - VIDEO

  • Published
  • By Air Force Life Cycle Management Center Consolidated Security Office

January is National Operations Security Awareness Month. As part of the month-long observance, Jennifer Turpin, AFLCMC Director of Security, Consolidated Security Office, explains the importance of having an insider threat program for OPSEC purposes. Click to watch the video. A transcript of the speech is below as well. 
 

TRANSCRIPT FOLLOWS:

MS. JENNIFER TURPIN:
We all have that one individual whether it be a friend or family member that we trust with everything.  We trust their judgement, we trust they will be there when they say they will, we trust their integrity, and we trust their ability to keep a secret.  This is the same relationship the government entrusts with its cleared employees and those that hold positions of trust.  
 
In a previous lifetime, I was a federal agent with the National Background Investigations Bureau. A big part of my job was to act as the first line of defense to detect an Insider Threat. I interviewed individuals and asked the most basic and, at times, the most intrusive questions to get a clear understanding of who they were and if they were reliable and trustworthy enough to protect our nation’s most sensitive information. I had to paint a picture of this individual’s character, so the government could have faith they hired an individual that could be trusted with the most valuable information and assets. Going door to door, reviewing personal records, interviewing friends and family you try to get a clear picture of exactly who an individual is.  Every day we are surrounded by coworkers, supervisors, and the general workforce. We trust these individuals to protect our organization’s information and to ensure our safety.  So, you may be asking, what is an insider Threat and Why should an organization have a program dedicated to detecting and mitigating Insider Threats?  

An insider threat is anyone within an organization that has access to the organization’s assets, infrastructure, and information. Examples include but are not limited to network administrators, developers, acquisition managers, administrative personnel and the list goes on.  It could even be someone you don’t know but pass daily in the hallway.
     
While no threat can be 100 percent avoided there are things an organization can do to detect and mitigate insider threats.  An effective Insider Threat Program helps an organization teach and encourage reporting or identifying individuals that pose a threat.  Having a workforce that is alert to the indicators of an Insider Threat and the manner in how to report the information can effectively eliminate or mitigate concerns of valuable information being released to an organization’s competitor.  In addition, an effective program minimizes the damage an Insider Threat can cause, and early detection can identify a threat before it becomes an attack and causes harm.  Lastly, an Insider Threat Program clearly outlines, the procedures, tools, and personnel responsible for mitigating a threat.
     
There are many indicators that someone may be or become an Insider Threat and it’s important to know what these are.  Things such as a dramatic change in character or actions of individual.  We all have bad days, however, when someone’s complete character and demeanor changes sometimes overnight it is important to be alert.  In addition, individuals who talk of lavish objects and vacations and then in the same sentence indicate they are struggling financially this can also be an indicator.  Remember, if something feels off, it usually is, so go with your gut feeling.  If you ever have a question if you should report something, contact your respective security office, they can provide an assist.  Don’t wait, because the longer you wait the more damage will be done if the individual is in fact an Insider Threat.
     
So, what is the take-away?  Yes, there are agents out there serving as a first line of defense, I was one of them, but there are individuals that may not be detected, so to add another layer of defense is through an effective Insider Threat Program.
I hope that you take away just how important it is to protect our nation’s sensitive information and, if you witness a potential insider threat, how important it is to report the concern.  Thank you, and remember if you see something, say something!