Insider Threat Program – Basic Structure

Governance of an Insider Threat Program

A mature governance structure is essential to effectively develop, deploy, and manage an insider threat program. The CERT Insider Threat Center recommends that the organization implement a governance structure that enables the insider threat program to

  •  Maintain an updated knowledge base related to insider threats including staying current with the latest research and capturing lessons learned.
  • · Provide support to the insider threat program stakeholders to ensure the groups are meeting their objectives, providing the appropriate inputs to the insider threat program manager and appropriately communicating results and decisions to other insider threat program stakeholders.
  • · Monitor governance practices to ensure that governing bodies are meeting insider threat program needs, to make recommendations for improvement, and to refine the measures as needed.
  • · Capture and communicate insider threat program success stories to internal and external stakeholders to increase program support.
  • · Execute a comprehensive program-risk-management approach and required procedures for insider threat program stakeholders.
  • · Perform processes including budgetary review, the development of future technical requirements, continuous operation procedures, and risk management.
  • · When applicable, facilitate both formal and informal Continuous Diagnostic Monitoring (CDM) governance training for the CDM program staff, departments and/or agencies (D/As), partners, and stakeholders.
  • · Maintain and execute the program schedule for updating charter guidance, procedures, and policies based on ongoing lessons learned (both internally and externally), best practices, and stakeholder input.

Common Sense Guide to Mitigating Insider Threats, Fifth Edition, The CERT Insider Threat Center, Software Engineering Institute at Carnegie Mellon University ( http://www.sei.cmu.edu), December 2016
TECHNICAL NOTE: CMU/SEI-2015-TR-010

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s