The United States’s National Counterintelligence and Security Center (NCSC), a branch of the Office of the Director of National Intelligence (ODNI), has just published a meaningful article titled How to protect critical infrastructure from insider threats.
Focusing on protecting companies’ unique assets from cybercrime – and cyberespionage, this article echoes US government (USG) best practices and summarizes the most important steps that have to be taken.
According to Cyceon, it is pretty rare IT experts, especially those with the intelligence community, publicly tackle the sensitive topic of a threat occurring inside businesses – and not (only) outside.
“The good news is that the risks from insider threats to the nation’s critical infrastructure can be reduced significantly,” writes the NCSC Director William R. Evanina as he seeks to heighten the Silicon Valley (SV)’s awareness.
As a result, the Center for Development of Security Excellence (CDSE) has made available online several toolkits that point to useful resources such as the Insider Threat Toolkit with a view to helping the private industry to establish a program and conducting response actions.
With Counterintelligence (CI) at the core of its strategic plan, the NCSC encourages both a defensive mission and an offensive one – “to exploit, deceive or disrupt (adversaries) hostile activities.”