ODNI releases Insider Threat Framework

The National Insider Threat Task Force (NITTF), operating under the joint leadership of the Attorney General and the Director of National Intelligence, announced on November 1 the release of the “Insider Threat Program Maturity Framework.” The release occurred during the NITTF’s semiannual Insider Threat Community Forum held at the J. Edgar Hoover Building, the headquarters of the Federal Bureau of Investigation (FBI) in Washington, D.C.


The “National Insider Threat Policy and Minimum Standards for Executive Branch Insider Threat Programs,” issued by the White House in November 2012, provides executive branch departments and agencies with the minimum elements necessary to establish functional insider threat programs. These minimum standards serve as the foundation of the insider threat program maturity process.


The Framework, as it is known, is designed to help executive branch departments and agencies’ insider threat programs advance beyond the Minimum Standards to become more proactive, comprehensive, and better postured to deter, detect, and mitigate insider threat risk. The Framework identifies key elements within the existing minimum standards construct that, when enhanced, enable departments and agencies to increase program functionality and garner greater benefits from insider threat program resources, procedures, and processes. Each element within the Framework has been identified as a capability or attribute exhibited by an advanced insider threat program.


The Maturity Framework was developed via a series of working group sessions held in the fall of 2017 to solicit ideas from the U.S. Government’s insider threat community. Feedback from these sessions led to the development of a draft framework that was modeled on the capability maturity model process improvement approach used in private industry. The resulting Framework was vetted through a series of NITTF-hosted focus groups held in the spring of 2018. The groups included representatives from the Intelligence Community, Department of Defense, and federal partner insider threat programs.


NITTF is co-directed by the FBI and the National Counterintelligence and Security Center. It was established in October 2011 by Executive Order 13587 which directed federal departments and agencies with access to classified information to establish insider threat detection and prevention programs. The NITTF was established to assist agencies in developing and implementing these programs.

The Framework and FAQs, as well as additional information on the NITTF and its mission, can be found at https://www.dni.gov/index.php/ncsc-how-we-work/ncsc-nittf.

Source: ODNI