Compliance Posters by State
Insider Threat Awareness Program
The National Industrial Security Program Operating Manual (NISPOM) paragraph 1-202, which provides baseline standards for the protection of classified information, requires contractors that engage with federal agencies, which process or access classified information, to establish an Insider Threat Program.
The NISPOM requirement for an Insider Threat Program was preceded by Executive Order 13587, Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information. Signed by President Obama in September 2011, Executive Order 13587 requires federal agencies that operate or access classified computer networks to implement insider threat detection and prevention programs.
An insider threat is the threat that an insider will use their authorized access, wittingly or unwittingly, to do harm to the security of the United States. This threat can include damage to the United States through espionage, terrorism, unauthorized disclosure of national security information, or through the loss or degradation of departmental resources or capabilities.