Establish an Insider Threat Program Under NISPOM focuses on protecting classified information. It also answers the question that so many people have asked,
- If we have the NISPOM, why do we need an insider threat program?
- If the NISPOM is so thorough, what would an additional insider threat program look like?
Most organizations attack the problem with either an employee tracking or online activity reporting goal.
After asking the above questions, we recommend a different solution. Of course the employee reporting and activity tracking solutions are important and part of the solution, but they should not be the end goal.
This book recommends a different application that can easily be implemented to both resolve insider threat issues and demonstrate compliance.
Establishing an Insider Threat Program Under NISPOM is written primarily for cleared defense contractors to meet Insider Threat Program requirements under the cognizance of the U.S. Government (Defense Counterintelligence and Security Agency (DCSA)).
Our recommended approach and practices help reduce vulnerabilities without negatively impacting the work force. You will learn to be innovative in your approach as well as leverage industry best practices for a more effective ITP. These solutions incorporate a systems-based approach that meets the following criteria:
- Document what needs to be protected
- Establish countermeasures to limit access
- Meet reporting requirements for unauthorized access
- Train the workforce
This book provides tools and templates that you can use immediately to document your progress and demonstrate program during reviews.
This book includes:
- Insider Threat Program Templates, tools and products
- Sample training certificates
- Spreadsheets for documenting risk
Testimonial
"Just finished reading this book. As a former Facility Security Officer (FSO), the book outlines many of the processes I remember using to help maintain Need to Know (NTK) separation of classified material long before the term “Insider Threat Program” was used. Besides establishing your program, Jeff addresses setting up your Insider Threat Working Group, Reporting, and Training. He also includes detailed list of what you need to include in the various areas of your program. There are even great templates at the end of the book as examples to use when setting up your program. I would definitely recommend reading and using this book as a reference if you are starting up a new Insider Threat Program."