Insider Risk for Operation Warp Speed Industry Partners
As a member of the Healthcare and Public Health Sector, you play a significant role in national security by protecting the nation and its economy from hazards such as terrorism, infectious disease outbreaks, and natural disasters.
Trusted insiders, both witting and unwitting, can cause grave harm to your organization’s facilities, resources, information, and personnel. Insider incidents account for billions of dollars annually in “actual” and “potential” damages and lost revenue related to data breaches, trade secret theft, fraud, sabotage, damage to an organization’s reputation, acts of workplace violence, and more. Implementation of an Insider Risk Program and an Insider Threat Awareness Campaign can help mitigate risks associated with trusted insiders.
The below resources were developed to support critical infrastructure sectors, cleared industry, DOD component, and federal agency insider threat programs. The principles and best practices therein have been applied throughout the private sector, and all materials are available to support Healthcare and Public Health organizations.
Establish an Insider Risk Program
This course is designed for individuals designated as the organizational Insider Threat Program Manager. The instruction provides guidance for organizational Insider Threat Program Managers on how to organize and design their specific program.
As a member of the Healthcare and Public Health Sector, you play a significant role in national security by protecting the nation and its economy from hazards such as terrorism, infectious disease outbreaks, and natural disasters. Implementation of an Insider Risk Program can help mitigate risks associated with trusted insiders.
This guide was developed to provide guidance and information for critical manufacturing organizations to establish insider threat programs.
This tool is designed to help the user gauge an organization’s relative vulnerability to insider threats.
The Presidential Policy Directive (PPD) on Critical Infrastructure Security and Resilience advances a national unity of effort to strengthen and maintain secure, functioning, and resilient critical infrastructure.
Insider Threat Programs are designed to deter, detect, and mitigate actions by insiders who represent a threat to national security. CDSE has provided an extensive catalog of insider threat resources for your use.
This CISA site is designed to assist individuals, organizations, and communities in improving or establishing an insider threat mitigation program.
The Healthcare and Public Health Sector-Specific Plan details how the National Infrastructure Protection Plan risk management framework is implemented within the context of the unique characteristics and risk landscape of the sector. This website provides the sector specific plan and links to sector resources.
This site provides insider risk resources to assist you in developing your Insider Risk Program.
Promote Awareness in Your Organization
Explore a growing repository of U.S. case studies. Learn about the crimes, the sentences, the impact, and the potential risk indicators that, if identified, could have mitigated harm.
This course provides a thorough understanding of how Insider Threat Awareness is an essential component of a comprehensive security program.
This course provides guidance to critical infrastructure employees and service providers on how to identify and take action against insider threats to critical infrastructure.
Most insider threats exhibit risky behavior prior to committing negative workplace events. If identified early, many risks can be mitigated before harm to the organization occurs. This job aid provides information about the potential risk indicators for which you should be looking.
In the weeks and months before an active shooter attack, many active shooters engage in behaviors that may signal impending violence. While some of these behaviors are intentionally concealed, others are observable and — if recognized and reported — may lead to a disruption prior to an attack.
(Download on Apple App Store or Google Play) This mobile application provides up-to-date awareness material on deterring, detecting, and mitigating potential risks associated with insider threats.
Play these engaging and entertaining games to test your knowledge of insider risk.
- Insider Threat Concentration
- Nine Simple Words
- Insider Threat Crossword Puzzle
- See Something Say Something Challenge
- Insider Threat Awareness Trivia Twirl
- Vigilance Word Search
- Whodunit Mystery Game
Watch & Learn
This repository contains 18 training videos about insider threat, including the 4-part award-winning series “Turning People Around, Not Turning Them In.”
Active shooter situations are unpredictable and evolve quickly, often before law enforcement personnel can arrive. Your goal in responding is to quickly determine the most reasonable way to protect your life and the lives of those around you. This video will help you make the best decision possible for your safety and the safety of those around you.
Participating in Insider Threat Awareness Month can help your program detect, deter, and mitigate insider risk by increasing awareness and promoting reporting. This website will help you identify a variety of activities and engagements available to your organization.
Instilling a sense of vigilance in the general workforce is a basic tenet of establishing an insider risk program. Developing a vigilance campaign for your organization is an effective solution. Deploying regular messaging, awareness, and communications materials ensures that the general workforce is prepared to recognize and respond to the insider risk.
Toolkit feedback/suggestions? Email firstname.lastname@example.org.