"Insider threats are posed by persons who use trusted access to do harm to the department's facilities, resources or people," said Dr. Brad Millick, director of the Defense Department's counter-insider threat program within the Office of the Undersecretary of Defense for Intelligence.
Spies, workplace shooters and disillusioned employees who post sensitive or classified documents on the internet are examples of insiders and their harmful activities. Their actions put lives, missions and dollars at risk.
Per the Indutrsial Security Letter (ISL) 2016-02 (effective May 18, 2016) all contractors are required to establish and maintain and insider threat program to detect, deter and mitigate insider threats. Specifically, the program must gather, integrate, and report relevant and credible information covered by any of the 13 personnel security adjudicative guidelines that is indicative of a potential or actual insider threat to deter cleared employees from becoming insider threats; detect insiders who pose a risk to classified information; and mitigate the risk of an insider threat.
The 13 adjudicative guidelines are:
Employees of cleared Industry must report potential threats to the
Insider Threat Program Official (ITPO) or FSO. Depending on the situation, the FSO and ITPO will then report the possible threat to the Defense Counterintelligence and Security Agency (DCSA), and, if it involves known or suspected espionage, to the FBI. Information related to the Adjudicative Guidelines must also be reported per National Industrial Security Program Operating Manual (NISPOM) 102(a). Employees are also required to report suspicious contacts and other reportable behaviors in accordance with NISPOM 102(b).
The Cyber Insider Threat is also something to be aware of. The Center for Development of Security Excellence (CDSE) has a Protecting your Identity Toolkit designed to provide resources to help protect your identity. Cyber incidents can be reported to your FSO or firstname.lastname@example.org .
All cleared employees are required to complete and annual insider threat training or refresher course provided by your Insider Threat Program Officer (ITPO).