The National Counterintelligence and Security Center has released a report to raise awareness of the threat posed by humans to critical infrastructure and provide best practices on how to mitigate insider threats.
NCSC discussed how critical infrastructure entities can adopt insider threat programs to identify and address vulnerabilities and prevent adversaries from exploiting such vulnerabilities, according to the report released in March.
The center said an organization should have a program that identifies anomalous behavior of individuals and resources to address such behavior and respond to such behavior in a manner that promotes trust and involves employees as a partner to help mitigate insider threats.
The center listed key elements of an intelligence function to improve critical infrastructure security, including the creation of a security intelligence program to analyze vulnerabilities and threats to personnel, information and physical disciplines; development of a communications plan to educate the workforce of security concerns; and incorporation of civil liberties and privacy protections into security and intelligence-like programs.
NCSC discussed the nine elements of insider threat programs for critical infrastructure. These include recognizing insider threat as a human challenge, designating a top-level senior official to oversee the insider threat program, conducting red teaming and tabletop exercises to help strengthen insider threat programs and integrating technological systems for insider threat mitigation with programs for detection and deterrence.