The intelligence community on Tuesday warned of increasing foreign threats aimed at exploiting vulnerable U.S. workers in critical infrastructures with the aim of advancing “their geopolitical interests at America’s expense,” and provided guidance to mitigate potential insider threats.
“Although often less appreciated than remote-access cyber threats, insider threats to critical infrastructure entities are growing and can be more difficult to mitigate,” Michael Orlando, acting director of the National Counterintelligence and Security Center, said in a statement. “Whether intentional or unintentional, the actions of insider threats in critical infrastructure can cause grave harm to national security, public safety, as well as individual organizations and state and local governments.”
Orlando said his center’s Insider Threat Mitigation for U.S. Critical Infrastructure Entities: Guidelines from an Intelligence Perspective, “provides a roadmap for critical infrastructure organizations to build effective insider threat programs.”
The guidance defines individuals that may pose an insider threat as being “trusted” and who have “authorized access to facilities, personnel and information.”
The 18-page report says there are at least two things an organization must do to minimize potential insider threats, including having a program to identify “anomalous behavior and the resources to respond,” and second, create trust and partner with the workforce in response efforts.