Description
Implement an insider threat program that includes a cross-discipline insider threat incident handling team.
Supplemental Guidance
Organizations that handle classified information are required, under Executive Order 13587 and the National Insider Threat Policy, to establish insider threat programs. The standards and guidelines that apply to insider threat programs in classified environments can also be employed effectively to improve the security of controlled unclassified information in non-national security systems. Insider threat programs include controls to detect and prevent malicious insider activity through the centralized integration and analysis of both technical and nontechnical information to identify potential insider threat concerns.
Changes from Rev 4
No significant changes from Rev 4.