Home

 


About Us

 


Press Releases

 


Insider Threat

Public Speaking

 


Insider Threat Program

Training Course

 


NISPOM

Conforming Change 2 Training

 


Insider Threat

Risk Assessments

 


Insider Threat

Risk Mitigation Services

 


Insider Threat Awareness Resources

 


National Insider Threat Special Interest Group

 


Cyber Security Information Systems Security Training

 


Contact Us

 


Insider Threat Defense

Trademark Notice

ITD TM Information

 


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

joomla counter


Insider Threat Risk Management Services

Insider Threat Risk Assessments & Mitigation

Please Visit Our New Website For The Most Up To Date Information


 

Insider Threat Incidents Are Costly And Damaging

  • The focus on the "Insider Threat Problem" has never been greater for the U.S. Government, Department of Defense (DoD), Intelligence Community (IC), Defense Industrial Base Contractors (DIB), large and small businesses.

  • The importance of protecting the data, information systems and networks that contain classified and sensitive information (Intellectual Property, Trade Secrets, Personally Identifiable Information (PII), Patient Health Care Information, etc.) has never been greater.

  • "Insider Threats Incidents" have been and can be very damaging to U.S. National Security and businesses. The "Insider Threat" is such a serious problem that the FBI and DHS issued an alert in 2014 about the Insider Threat. Companies victimized by current or former employees incur costs from $5,000 to $3 million.

 

 

Who Is Responsible For Insider Threat Risk Management?

  • Many individuals might assume that the responsibility for protecting data, information systems and networks from Cyber Threats and Insider Threats, is the Information Technology (IT) Department. However, Cyber Threats and Insider Threats should not be viewed as a problem that can be solved with just security software and appliances; User Activity Monitoring, IDS / IPS, Firewalls, Web Filtering, Data Loss Prevention Tools, Etc.

  • Security controls that protect data, information systems and networks, are not just technical, but management and operational and cross many security disciplines and departments within an organization.

  • The Insider has also become a big factor in many successful cyber attacks and data breaches. Although technology introduces avenues for threats to enter an organization, it is the Insider (Malicious-Non Malicious), not the technology itself that puts organizations' information in jeopardy.

  • For an organization to evaluate it security posture against the Insider Threat, it must conduct an Insider Threat Risk Assessment from an enterprise level. An Insider Threat Risk Assessment will identify weaknesses, vulnerabilities and threats in technical, management and operational controls that may enable an Insider to perform malicious actions against an organization. The results of the Insider Threat Risk Assessment will be evaluated and risk mitigation strategies developed to protect the organizations facilities, data, information systems and networks from the Insider Threat.

  • Insider Threat Risk Mitigation requires a holistic enterprise approach, with support from senior management and other stakeholders (Security, Counterintelligence, Human Resources, Information Technology, Information Assurance, Legal, etc.) A weak link in implementing the required security controls, procedures, or communicating insider threat risks from an enterprise level can be very costly and damaging to an organization.


 

Insider Threat Defense

Insider Threat Risk Management Services

 

  • Insider Threat Defense has extensive experience performing Insider Threat Risk Management (Risk Assessment-Risk Mitigation Solutions) for the U.S. Government, DoD, Intelligence Community, Defense Industrial Base Contractors, large and small businesses.

  • Insider Threat Defense is excited to announce that a DoD Insider Threat Program Checklist that was developed by our company in 2009, was used, and still is by many DoD Commands, Services and Agencies to assess the security posture of their organizations.

  • Insider Threat Defense can provide your organization with a confidential, independent and unbiased assessment of your organizations current security posture, identifying insider threat risks and recommending cost effective mitigation strategies.

  • Insider Threat Defense goes beyond security compliance regulations to ensure your organizations assets are properly protected. We go beyond security compliance, giving you a full picture of your organizations weaknesses, vulnerabilities and threats. Our holistic approach to assessing and mitigating the Insider Threat uses a top to bottom approach. We assess the Insider Threat from an enterprise level down all the way down to the Insider behind the keyboard.

  • Our Insider Threat Risk Mitigation Auditors (ITRMA’s) are Subject Matter Experts (SME's) in the areas of Insider Threat Risk Mitigation.  They are committed to helping you better secure your organizations assets from malicious insiders.

  • Our ITRMA’s are Certified Information Systems Security Professionals (CISSP), and hold other security relevant certifications.

  • Our ITRMA's support numerous U.S. Government Agency and private sector Insider Threat Programs.

 

Protecting The Results Of Insider Threat Risk Assessment Reports

  • Our ITRMA's will obtain information during a security assessment that will not be shared with other internal or external individuals or organizations.

  • Our ITRMA's will sign a Non-Disclosure Agreement (NDA) protecting the organizations Insider Threat Risk Assessment Report (ITRAR). Our ITRMA's have an obligation and commitment to protect the confidentiality of ITRAR  and related information.

 

National Insider Threat Policy - Insider Threat Risk Mitigation Requirements
B. General Responsibilities of Departments and Agencies
7) Perform self-assessments of compliance with insider threat policies and standards; the results of which shall be reported to the Senior Information Sharing and Safeguarding Steering Committee (hereinafter Steering Committee).


8) Enable independent assessments, in accordance with Section 2.1(d) of Executive Order 13587, of compliance with established insider threat policy and standards by providing information and access to personnel of the Insider Threat Task Force (ITTF).

For more information or if you have any additional questions, please contact us.

free hit counters

 

 
 

           

Copyright © 2014- INSIDER THREAT DEFENSE - All Rights Reserved - Legal Notice