Insider Threat

No matter how diligently an organization vets its employees, trusted insiders may nevertheless work to undermine their employers. Malicious insiders may commit espionage, leak classified or sensitive information, or commit acts of violence against colleagues and co-workers.

In 2015, after large-scale leaks that significantly damaged U.S. national security, INSA’s Security Policy Reform Council established an Insider Threat Subcommittee to address growing concerns raised by senior government officials and INSA member companies about the increased risk of insider threats within government and a multitude of industries. The Subcommittee researches, discusses, analyzes, and assesses counterintelligence and insider threat issues that affect government agencies, cleared contractors, and other public and private sector organizations.

The goal of the Subcommittee’s work is to enhance the effectiveness, efficiency, and security of both government agencies and the private sector, as well as to foster more effective and secure partnerships between the public, private and academic sectors. Toward this end, the Subcommittee:

  • Researches and analyzes challenges related to insider threats, including malicious insiders’ motivations, tactics, and collaborators and the impacts of malicious insiders’ actions;
  • Raises awareness of various types of insider threats, including the theft, loss, or leak of classified, sensitive, or proprietary information; the deliberate infliction of damage to an organization’s facilities, operations, or networks; or violence or harassment perpetrated by a trusted insider against other employees of the organization, whether at the workplace, at another location, or online;
  • Identifies and assesses new methods for combating malicious insiders;
  • Captures best practices for establishing and executing insider threat programs; and
  • Convenes subject matter experts from the U.S. Government, the private sector, and academia to address current and future challenges relative to counterintelligence and insider threats.

The Subcommittee has convened a number of high-profile events and published several papers to foster a better understanding of insider threats and identify ways of combating them. In April 2016 and 2017, the Subcommittee convened day-long conferences on insider threats and other counterintelligence issues that affect both government and industry. In April 2017, the Subcommittee released a report, Assessing the Mind of the Malicious Insider, that examined the psychological stressors that cause trusted insiders to commit malicious acts and evaluated linguistic analysis software tools that can identify employees who may be predisposed to misconduct. In September 2016, the Subcommittee issued a guide to small- and medium-sized companies establishing an insider threat program that provided insights on best practices and lessons learned from previous efforts.

The Subcommittee has had a direct impact on U.S. policy and legislation through its work. In late 2015, the Subcommittee worked closely with the Defense Security Service (DSS) and the ODNI’s National Counterintelligence and Security Center (NCSC) to refine the definition of insider threat in a way that is relevant to all U.S. government agencies and private companies – not just those in the national security sector. The Subcommittee’s comprehensive definition, which had widespread support in both government and industry, was incorporated into the National Defense Authorization Act for Fiscal Year 2017.


Please enter your username or email address. You will receive a link to create a new password via email.