Skip to main content

Counter-Insider Threat

According to the most recent US State of Cybercrime Survey, almost two-thirds of companies have reported experiencing an insider attack. However, only half of companies have any sort of plan to deal with such incidents, which can result in the loss of critical data, proprietary information, and reputation. Furthermore, the National Industrial Security Program Operating Manual (NISPOM) recently underwent a large revision. Now, federally-cleared facilities have to meet new requirements, including the establishment of an insider threat program and employee awareness training.

Computer Tech

PKH Enterprises is an agile, small business providing high-impact results for its customers with the proper combination of experience and expertise. Our cadre of subject matter experts have a combined service of over 30 years within the Insider Threat Community spanning program development, policy, governance, oversight, legal, privacy, intelligence, counterintelligence, law enforcement, cybersecurity, military, and government. PKH Enterprises specializes in pairing the appropriate personnel with every customer, navigating nuanced internal processes, precisely identifying an organization’s requirements, and providing a structured, customized approach to institute, manage and mature a comprehensive insider threat program.

Initial Assesment

Implementing a successful Insider Threat or Asset Protection program begins with a comprehensive look at your organization’s critical assets, infrastructure, and existing protection elements. Our initial assessment will assist you identify existing Insider Threat program or Asset Protection elements and their maturity level:

Existing Program Elements – What security programs, policies, strategies, and tools do you already have that can serve as a foundation for an Insider Threat Program?

Critical Assets – What are the critical assets that your organization needs to protect?

Risks to Your Critical Assets – What are the potential risks to your organization if your critical assets are damaged, destroyed, stolen, or compromised?

Programmatic Gaps – What controls, policies, and processes do you need to put in place?

Capacity – What level of resources and staff will be required; how to effectively utilize current resources and staff.

Organizational Elements – Who are the key personnel, What are the organization’s priorities and How to align stakeholders.

Foundational Elements – Provide the underpinnings for establishing a strong Insider Threat program.

Program Planning

Building on the initial assessment, the Insider Threat Program Plan is a prescriptive document that provides the framework for establishing an Insider Threat or Asset Protection program for your organization and ensures that your company has a solid foundation for successful implementation. The plan will identify:

Goals and Scope – The first step in establishing an Insider Threat Program is determining its scope and goals. We will work with you to develop a well-defined scope for your program and establish clear and measurable goals.

Business Case – We will work with you to develop a business case that demonstrates the value of the program for your organization.

Governance and Management – Building a successful program requires oversight. Our policy experts will develop an oversight structure that is tailored to your specific business needs.

Policies and Procedures – Ensuring that you have the right policies, procedures, and practices in place is critical to your success. Our plan will include an analysis of the policy and procedural changes necessary for your business to implement an Insider Threat or Asset Protection program.

Mitigation Strategies – We will work with you to identify the risks and threats to your critical assets. Our experts will identify specific mitigation strategies to ensure that you can prevent, detect, and respond to insider threats.

Tools and Techniques – We will identify and prescribe tools and techniques that you can utilize to ensure that your critical assets are protected.

Program Operations and Maturity

PKH Enterprises has extensive experience and past performance brining program planning to fruition. We understand Insider Threat programs are not “one-size-fits-all” and take pride in establishing NITTF and regulatory compliant programs customized to the customer’s mission, enterprise environment, risk profile, business priorities, future operational requirements and fiscal constraints. PKH Enterprises employs a well-developed proficiency to leverage conventional data through non-conventional perspectives to provide continuity in decision making across the executive, operational, programmatic, and technical stakeholders. PKH Enterprises is uniquely positioned to provide customers with end to end insider threat solutions ranging from targeted consulting to subject matter expert staffing services at all levels of the program structure.

From the Blog
    Secret Link