insider threat

May 31, 2017
By Julianne Simpson

As the Defense Department and other government agencies begin to recognize the benefits of working with smaller, innovative technology companies, the potential for insider threats and cyber attacks grows. And now, all federal contractors face a deadline to implement a step to protect against these outside cybersecurity risks and threats from the inside.

Beginning today, all cleared government contractors must complete insider threat employee awareness training prior to being granted access to classified information and every year thereafter. The mandate is part of NISPOM Change 2, a U.S. government regulation that requires insider threat programs for cleared federal contractors.

May 1, 2017
By George I. Seffers
The late Hugh Montgomery, a former ambassador who retired from the CIA in 2014 after serving the intelligence community for more than six decades, displays photographs from his younger days.

Editor’s note: Hugh Montgomery, the focus of this article, passed away April 6, just weeks after this SIGNAL interview.

It is just a matter of time before other countries face insider leaks similar to those that have haunted the American intelligence community, said Hugh Montgomery, a former U.S. diplomat and a pioneering intelligence officer who served for more than six decades.

May 1, 2017
By Mark J. Maier

As if facing down escalating terror, cyber and insider threats is not enough, private businesses are hamstrung by limited budgets that make choosing how and when to defend themselves more and more difficult. This rising cluster of threats demands intense security and substantial financial resources to protect people and assets.

The struggle is most pronounced in the homeland, where private parties own the majority of assets and critical infrastructure. Relying exclusively on the U.S. government for support is no longer an option—they must engage just as vigorously after an attack. 

March 7, 2017
By Sandra Jontz

WikiLeaks is posting thousands of files Tuesday the organization says detail the CIA’s efforts to surveil overseas targets by tapping otherwise ordinary devices that are connected to the Internet. The anti-secrecy group launched a “new series of leaks,” this time taking aim at the CIA’s Center for Cyber Intelligence, which falls under the agency’s Digital Innovation Directorate. 

November 17, 2016
By George I. Seffers
Terry Halvorsen, U.S. Defense Department chief information officer, addresses the crowd at AFCEA TechNet Asia-Pacific. Photo by Bob Goodwin

Terry Halvorsen, U.S. Defense Department chief information officer, told the AFCEA TechNet Asia-Pacific audience he is concerned about the cyber threat posed by insiders, but also warned against limiting employees’ sense of freedom.

July 1, 2016
By Dan Velez

Researchers in government and industry are combining advanced analytics with traditional detective work to quash dangerous cyberthreats from within. Instead of focusing on a silver-bullet solution to stop the insider threat, they are adopting an approach that consolidates information from multiple events to provide greater advanced warning of problems.

December 1, 2015
By Sandra Jontz
Analysts can use predictive analytics, such as Haystax Technology’s Carbon software, to counter inside threats by continuously monitoring and evaluating employees.

Since the 2009 fatal shootings of 13 people at Fort Hood by a U.S. Army major and psychiatrist and the leaks of some 750,000 classified and sensitive military documents to WikiLeaks by another soldier, the U.S. Defense Department has sought technology to give analysts an advantage in finding insider threats.

The need spread, and now federal agencies employ advanced analytics and cybersecurity solutions to protect against an ever-morphing landscape of breaches, from those outside firewalls to rogue or careless employees. One of those solutions is a product called Carbon.

December 16, 2015
By Eddie Garcia

Stopping insider threats has become a unifying cybersecurity mission, particularly in the defense and intelligence communities. And for good reason. While in the recent past, mention of the words insider threat conjured up the likeness of Edward Snowden, the reality is much scarier. More often than not, insider threats result from innocent people making simple mistakes rather than the common misconception of malicious employees or whistleblowers.

November 13, 2015
By David E. Meadows

The adage is true: What’s old is new again, and while we think the technology of today might cure the ills of yesterday, some problems persist. It might be time to explore how methods that helped isolate insider threats from history can succeed in protecting modern infrastructure.

April 15, 2015
By Ed Bender

Government information technology administrators long have been trained to keep an eye out for the threats that come from outside their firewalls. But what if the greatest threats actually come from within?

March 4, 2015
By Glenn Kesselman

Cyber attacks originate from the outside or the inside. Is there "low hanging fruit" that you can harvest to reduce an insider attack?

You can reduce the probability of an attack from a disgruntled employee by becoming more mindful of your command climate or employee attitudes and by making a commitment to spend more time with your employees/members of your command. Take an employee to lunch and learn about his or her world. Schedule a breakfast with a subordinate and listen to his or her concerns.

January 28, 2015
By Ed Bender
In this file photo, Marines develop their private cloud, focusing on ensuring the right access for the right people.

With 2014 in the rearview mirror, federal agencies now are looking ahead to what the next year will bring. For information technology (IT) professionals working in the U.S. Defense Department and intelligence community, 2015 will be the year of the cloud, application stacks, security challenges and centralization. How will each of these trends develop and impact government information technology infrastructures? Here is a look at a few changes in IT that will affect federal IT pros in 2015.

June 22, 2011
By George Seffers

Science Applications International Corporation, McLean, Virginia, was recently awarded an approximate $9 million contract for research in the detection of insider threats based on sensor data from routine activities of members of a group, and possibly social networks. The U.S. Army Contracting Command, Durham, North Carolina, is the contracting activity.