Mark Maier leads webinar on NISPOM changes
September 21, 2016
On Sept. 21, Mark Maier led the ABA Webinar “Constructing a Program to Deter, Detect and Mitigate Insider Threats and Comply with NISPOM Change 2.” The program highlighted the recent Change 2 to the Department of Defense’s National Industrial Security Program Operating Manual (NISPOM), which addresses the risks insiders pose to national security. Insiders are closest in proximity to targeted assets, have authorized access to people,facilities, and IT systems/data and can cause severe harm to national security more readily than outside actors.
The Change 2 requires government contractors with facility clearances to gather, integrate and report a wide range of relevant personal information on potential or actual insider threats, as well as deter, detect and mitigate
the risk of an insider threat. Providers of critical infrastructure especially electricity utilities, telecommunications carriers and technology leaders who address such threats can help protect against the loss or misuse of proprietary information.
The requirements and questions the session covered included:
- What are best practices for gathering relevant data on potential insider threats and ascertaining whether it is credible?
- What level of monitoring is expected inside as well as outside the workplace?
- What are the legal, privacy and HR protections that should be in place in establishing an effective program?
- What are effective deterrence and mitigation strategies against the risk of insider threats?