Month'S This National Insider Focus Threat Awareness Month

VOLUME 3 ISSUE 9September 2022THISMONTH’SFOCUSDID YOU KNOW?This September marks thefourth annual NITAM.CDSE – Center for Development ofSecurity Excellence@TheCDSECenter for Development ofSecurity ExcellenceCDSE PulsePublished by the DefenseCounterintelligence and Security Agency(DCSA) Center for Development ofSecurity Excellence (CDSE) Marketing andCommunications Office.DCSA LeadershipWilliam K. Lietzau Daniel LecceDirector, DCSADeputy Director, DCSAKevin JonesAssistant Director,TrainingErika RagoneseDeputy AssistantDirector, TrainingCDSE LeadershipHeather MardagaDirectorZinethia ClemmonsChief, Shared ServicesPulse StaffAdriene BrownSamantha DambachChief Content Officer Natalie PerkinsContent Developers/Isaiah BurwellManagersContent WriterMarc PulliamContent DesignerNATIONAL INSIDERTHREAT AWARENESS MONTHCRITICAL THINKING IN DIGITAL SPACESForeign intelligence entities(which may include foreigngovernments, corporations,and their proxies),are actively targetinginformation, assets, andtechnologies that arevital to both U.S. nationalsecurity and our globalcompetitiveness. U.S.companies are increasinglyin the cross-hairs of theseforeign intelligenceentities who breach privatecomputer networks, pilferAmerican business secretsand innovation, and carryout other illicit activities.This is why National InsiderThreat Awareness Month(NITAM) remains a crucialevent every September.NITAM increases awarenessof insider threats (InT)to preserve our personalsafety, economy, andnational security. Thisawareness campaigninvites government andindustry personnel toprotect, preserve, andstrengthen the securityof our public and privateorganizations.The theme for NITAM2022 is “Critical Thinking“Increasing the workforce’s awareness of manipulatedinformation and attempts at online social engineeringis critical to ensuring our trusted workforce remainsresilient and vigilant against these threats.”Mr. Ronald S. MoultrieUnder Secretary of Defense for Intelligence andSecurityin Digital Spaces,” withsub-themes includingDigital Media Literacy,Online Manipulationof Perceptions, andCognitive Bias. COVID,isolation, and workingfrom home has made itmore difficult to discernbetween true coworkersand phishing attempts forproprietary or sensitiveinformation. It has alsoled to more interactionson social media, whichmakes individuals morevulnerable to deception.This year, NITAM willalso emphasize whycritical thinking is key topreventing unwitting andwitting insider threatsand protecting nationalSign up for the latest security awareness newsletters at https://www.cdse.edu/news/index.html1

VOLUME 3 ISSUE 9September 2022security. Critical thinking helps individuals become lesssusceptible to various types of risks, including socialengineering, solicitation by adversaries (foreign anddomestic), and information designed to malign.Multiple Government organizations work in unison tosponsor NITAM, such as the Office of the Under Secretaryof Defense for Intelligence and Security (OUSD(I&S)), theNational Insider Threat Task Force (NITTF), and the DefenseCounterintelligence and Security Agency (DCSA). Theseorganizations have partnered with other stakeholderorganizations to provide InT training, awareness products,and virtual engagements/events to build off previoussuccesses and expand the reach of the NITAM campaign.In addition to our work with NITAM, the Center forDevelopment of Security Excellence (CDSE) also offersnumerous resources to ensure the workforce is preparedto recognize different forms of the threat. To promoteawareness of insider threats within your organization,CDSE has posters, case studies, social media, securityawareness games, a vigilance campaign, and monthlysubscriber emails. CDSE also offers several eLearningcourses curricula, shorts, videos, job aids, and a toolkit toassist with training your workforce to understand how torecognize, mitigate, and respond to insider threats.Critical thinking in the digital space is a relevant themefor this year’s NITAM because many digital spaces havemisinformation that seems legitimate. NITAM will helpindividuals/organizations achieve a greater understandingof how virtual platforms have been utilized by maliciousactors and how to spot efforts to intentionally manipulateperceptions. Failure to recognize misinformation couldresult in negative consequences for our Government, andthese education tools will prepare employees of bothGovernment and industry to separate fact from fiction.“It is imperative that we arm our trusted insiderswith the resources and skills to counter increasinglysophisticated efforts to exploit our personnel,information, and resources.”Mr. Michael J. OrlandoOffice of the Director of National Intelligence, NationalCounterintelligence and Security Agency ActingDirectorSign up for the latest security awareness newsletters at https://www.cdse.edu/news/index.html2

VOLUME 3 ISSUE 9September 2022NITAM EVENTSNITAM RESOURCES2022 INSIDER THREAT VIRTUAL CONFERENCEThe 2022 Insider Threat Virtual Conference was held onSeptember 1, 2022. The conference, jointly hosted byDCSA and the Office of the Under Secretary of Defense forIntelligence and Security (OUSD(I&S)), brought togethersecurity professionals and policy makers from acrossthe U.S. Government and industry to kick off the NITAMcampaign. The theme for this year’s conference mirroredthe “Critical Thinking in Digital Spaces” of the campaign.If you missed the conference or would like to revisit thepresentations, the recordings will be posted later in theCDSE Conference Archive.C-INT SBS SUMMIT REGISTRATION STILL OPENRegister now for the Counter-Insider Threat (C-InT)Social & Behavioral Science (SBS) Summit. This 30-dayvirtual event will focus on building Cognitive Immunityto increase resistance against misinformation and badideas to maximize the effectiveness of Counter-InsiderThreat Programs. The Defense Personnel and SecurityResearch Center (PERSEREC), home of The Threat Lab,hosts the C-InT SBS Summit during September 1-30, 2022,in conjunction with National Insider Threat AwarenessMonth (NITAM). Register to attend live keynotes and viewon-demand research presentations, case studies, andtraining aids curated by leading subject matter experts incounter-insider threat research and practice. Learn moreat https://sbssummit.com/WEBINARSCounter Insider Threat Resources for Your OrganizationThursday, September 8, 20221:00 – 2:00 p.m. ETPRODUCTURLNITAM ov/cdse/nitam/index.htmlNITAMCustomizableAwareness e/nitam/docs/awareness-brief.pptxNITAM insider-threat.htmlNITAM ns-Plan-2022.pdfINSIDER RISKSin ONLINEINTERACTIONSVishing, or Voicemail phishing, isan attempt to defraud people overthe phone, enticing them todivulge sensitive informationJOHHN SMITHDisinformation and Insider ThreatTuesday, September 13, 202212:00 – 1:00 p.m. ETWE STEAL FROM UINCORPORATEDNOWHERE, USAYOU JUST GAVE 1National Insider Threat Awareness MonthCyber-related attacks andsocial engineering are thebiggest threats to aworkforce working remotelyUsers prone to falling for phishing scams aredisinformation and misinformation campaignsForeign intelligenceentities and terroristorganizations utilizesocial networking torecruit insiders andexploit their accessSmishing, or SMS phishing, isan attempt to collect logins orother sensitive informationwith a malicious text messageCOVID-19 has been the sourceof various phishing scamsYOUGAVE 100YOU GAVE 500TO WE STEAL FROM UINCORPORATEDRegister today for these events and join the discussion!Sign up for the latest security awareness newsletters at https://www.cdse.edu/news/index.html3

VOLUME 3 ISSUE 9September 2022NEW AND FEATURED INSIDER THREAT PRODUCTSPRODUCTURLEmployment ApplicationRisks and Mitigation forInsiders with NationalSecurity Eligibility Job ids/insider/INT Employment JobAid.pdfAn Insider’s Digital Footprintand Associated Risks Job ids/insider/insiders-digital-footprint.pdfInsider Threat Program (ITP)for Industry Job Potential Risk Indicators:Kinetic Violence Job ence-jobaid.pdfCritical Thinking PlaybookJob ids/insider/critical-thinking-playbook.pdfThe Adventures of Earl LeeIndicator Security .gov/cdse/multimedia/games/escape/index.htmlNewest Case dse/case-studies/index.phpInsider Threat Sentry AppDownload the free app from Android and iOS app storesInsider Threat Email UpdatesSign up for CDSE’s email subscription news service to get the latest insider threatand/or other CDSE news, updates, and information. Visit https://www.cdse.edu/CDSE-News/ to sign up or update your account today!Insider Threat Twitterhttps://twitter.com/Int AwareInsider Threat wareness-604498590023561/Sign up for the latest security awareness newsletters at https://www.cdse.edu/news/index.html4

VOLUME 3 ISSUE 9September 2022PERSEREC INSIDER THREATINFORMATIONThe Defense Personnel and Security Research Center(PERSEREC) is committed to improving the efficiency,effectiveness, and fairness of the DOD personnel security andsuitability programs. In support of this mission, PERSERECestablished The Threat Lab in 2018 to realize the DODCounter-Insider Threat Program Director’s vision to integratethe social and behavioral sciences into the mission space. Aspart of a partnership with the PERSEREC Threat Lab, CDSEprovides links to their insider threat resources in the InsiderThreat toolkit. This promotes the applied use of researchoutcomes to the insider threat community. New productsare added monthly. Access the newsletters, white papers, jobaids, and reports in the InT toolkit “Research” tab - l.PERSONNEL VETTING WEBINARCDSE invites you to participate in the “PersonnelVetting Policy Overview with OUSD(I&S)” webinaron Wednesday, September 14, 2022, 1:00 pm to 2:00p.m. ET. This live event will feature policy experts fromthe OUSD(I&S) discussing personnel vetting reforms.Register today and join the discussion!UPCOMING CHANGES TOCERTIFICATION MAINTENANCEAND RENEWAL POLICIESNew certification maintenance and renewal policies andprocedures will go into effect on October 1st. To transitionto the new policy, currently certified individuals (whoare within their two-year renewal window) will haveuntil September 30th to either: 1) submit CertificationRenewal Forms (CRFs) under existing renewal policy, or2) wait to submit under the new policy. Certificants whosecertification or credential expire prior to October 1stmust renew under the current policy. Certificants who areconferred or renew after October 1st will operate underthe new policy.CCITP PROGRAMThe Office of the Under Secretary of Defense forIntelligence and Security (OUSD(I&S)), in partnership withthe NITTF created two professional certificationsThese new policy changes include: Certified Counter-Insider Threat Professional Fundamentals (CCITP-F) Updated and expanded PDU categories Certified Counter-Insider Threat Professional Analysis (CCITP-A) Single CRF formBoth certifications have been accredited by the NationalCommission for Certifying Agencies (NCCA). The NCCAaccredits certification programs based on the highestquality standards in professional certification to ensurethe programs adhere to modern standards of practicein the certification industry. The C-InT certificationsestablish workforce credibility, foster professional identityand promote professional development. Visit eat/ formore about information about the program. Professional Development Units (PDUs) based on level ofeffort Single expiration date across all certifications/credentials Maintenance periods based upon the candidateinitiating an action (e.g., submitting a form in the MySPēD system or attaining a new SPēD Certification). Thisperiod remains at two years for each cycle.**Certificants are ultimately responsible for ensuring theircertifications are maintained in accordance with programmaintenance and renewal guidelines**Stay tuned for more information, including updatedhandbooks and webpages.Sign up for the latest security awareness newsletters at https://www.cdse.edu/news/index.html5