An insider threat to critical infrastructure is an individual with the access or inside knowledge of a company, organization, or enterprise that would allow them to exploit the vulnerabilities of that entity’s security, systems, services, products, or facilities with the intent to cause harm. Critical infrastructure-level threats affect critical infrastructure services delivery, the national economic backbone, and public health and safety.
- Executive Order 13636 – Improving Infrastructure - Cybersecurity
- Presidential Policy Directive – Critical Infrastructure Security and Resilience
- DHS: Cyber Security and Infrastructure Security Agency Resources
- NIST: A Preliminary Examination of Insider Threat Programs in the U.S. Private Sector
- CDSE Job Aid: Insider Threat Programs for the Critical Manufacturing Sector Implementation Guide
- CDSE Security Awareness Video: Insider Threat in Critical Infrastructure
- National Infrastructure Advisory Council (NIAC): Insider Threat to Critical Infrastructures: Transmittal Letter
- National Infrastructure Advisory Council (NIAC): Final Report and Recommendations on Insider Threat to Critical Infrastructure
- FEMA Training: IS-915: Protecting Critical Infrastructure Against Insider Threats
- FEMA Training: IS-916: Critical Infrastructure Security: Theft and Diversion – What You Can Do
- TSA Insider Threat Program Policy: TSA Directive No. 2800.17 TSA policy and procedures for the establishment, integration, and implementation of the Insider Threat Program
- DSAC: Critical Infrastructure Resources
Toolkit feedback/suggestions? Email firstname.lastname@example.org.