The National Counterintelligence and Security Center (NCSC) and the Department of Defense’s Center for Development of Security Excellence (CDSE) have collaborated to publish “Insider Risk Mitigation Programs: Food and Agriculture Sector Implementation Guide.”
The new publication was developed in coordination with other federal partners and stakeholders within the food and agriculture sector, such as the Food Defense Consortium, to help organizations in this sector understand insider risks, establish insider risk programs, and develop mitigation strategies. The publication provides details on creating an insider risk program, detecting and deterring insider threats, monitoring user activity, identifying critical assets, and conducting risk assessments and mitigation.
Several case studies about food adulteration, theft of intellectual property, and active shooter incidents by insiders in the food and agriculture sector are included in the document, as are links to additional resources from the federal government and other entities.
“Organizations in the food and agriculture sector play a critical role in protecting public health and safety, as well as U.S. economic and national security,” said NCSC Acting Director Michael Orlando. “This guidance is designed to help these entities create effective programs to deter, detect, and mitigate potential insider threats before they can cause harm.”
All organizations are vulnerable to insider threats. An insider threat is anyone with authorized access who uses that access to wittingly or unwittingly harm an organization or its resources. Those with authorized access to facilities, personnel, or information can include employees, vendors, partners, suppliers, or others. Most insider threats exhibit risky behavior prior to committing negative workplace events. If identified early, many insider threats can be mitigated before harm to the organization occurs.
Within the food and agriculture sector, insider threats can take many forms. These include malicious acts by insiders, such as deliberate food adulteration, fraud, theft, sabotage, and workplace violence. Unwitting insiders may inadvertently disclose proprietary or sensitive information, impact food safety through negligent actions, or unknowingly download malware or facilitate other cybersecurity events.
NCSC is a center within the Office of the Director of National Intelligence that serves as the nation’s premier source for counterintelligence and security expertise and a trusted mission partner in protecting America against foreign and other adversarial threats. NCSC houses the multi-agency National Insider Threat Task Force, which was created in 2012.
CDSE is a directorate within the Defense Counterintelligence and Security Agency that provides security education, training, and certification products and services to a broad audience supporting the protection of national security and professionalization of the Department of Defense security enterprise.