White House Issues Insider Threat PolicyPolicy sets minimum standards to deter, detect and respond to insider threats in federal government.
President Barack Obama notified the heads of federal agencies and departments of the new guidelines in a Nov. 21 memo. The policy and related "minimum standards" provide direction to federal programs aimed at deterring, detecting and responding to actions by employees who may pose a threat to national security, according to the memo. In addition to stifling information leaks, the policy seeks to prevent espionage and violent acts against the federal government.
- Building a Hybrid Cloud in Government: It's not that Complicated
- Shared Services: How To Realize New Efficiencies In Federal IT
- Forrester Whitepaper: IT Operations Managers Must Rethink Their Approach to Private Cloud
- The Cloud - Inevitable, But Not Ambiguous
- Strategy: FISMA Lifts All Compliance Boats
- Strategy: Cybersecurity: Continuous Monitoring Action Plan
The standards set baseline requirements for insider threat programs, such as an ability to analyze and respond to threat-related information and monitor employee use of classified networks. As they clamp down, agencies are directed to provide awareness training and protect the civil liberties and privacy of government personnel.
The national policy comes several years Bradley Manning, a soldier in the U.S. Army, was accused of leaking hundreds of thousands of classified government documents to the WikiLeaks website. Manning was arrested two years ago and awaits trial.
[ Learn How South Carolina Failed To Spot Hack Attack. Hint: Lack of breach detection services was a big part of the problem. ]
In October 2011, President Obama signed an executive order outlining "structural reforms" to promote the security of classified networks and protect classified information. The order led to the formation of an insider threat task force charged with drafting a national policy. Agencies were also directed to implement insider threat detection programs and monitor their progress in meeting policy objectives.
Government agencies have taken a variety of steps to protect themselves. The State Department has deployed new auditing and monitoring tools on its classified networks. And the Department of Defense awarded Xerox's PARC a $3.5 contract to develop technology that can automatically identify insider threats.
The Secret Service, the National Institute of Standards and Technology and the FBI have all offered insider threat guidance to businesses and government agencies. Among the tips for prevention presented earlier this year by Carnegie Mellon University's CERT Insider Threat Center, based on its work with the Secret Service, are to watch for human-behavior warning signs, be alert when employees resign or are terminated and make use of technologies such as centralized logging tools.