The National Insider Threat Task Force has released new guidelines to help federal agencies advanced their programs for mitigate malicious insiders.
The Insider Threat Program Maturity Framework is designed to help agencies develop their insider threat programs beyond the minimum standards laid out by a White House memorandum in 2012.
The framework identifies key elements within the existing minimum standards that can be enhanced to increase functionality and lead to better procedures and processes for identifying and mitigating the risks from insider threats.
The maturity framework was developed via a series of working group sessions held in the fall of 2017 to solicit ideas from the federal government’s insider threat community. Feedback from these sessions led to the development of a draft framework modeled on the capability maturity model process improvement approach used in private industry.
The draft framework was vetted by a series of focus groups that included participants from the intelligence community, the Defense Department and federal insider-threat programs.
The National Insider Threat Task Force operates under the joint leadership of the attorney general and the director of national intelligence.