• CISA Urges Critical Infrastructure Organizations to Take Action Against Insider Threats WASHINGTON - The Cybersecurity and Infrastructure Security Agency (CISA) is calling on critical infrastructure organizations to take decisive action against insider threats. • To support this effort, CISA has released today a powerful new resource-Assembling a Multi-Disciplinary Insider Threat Management Team. • Designed for critical infrastructure entities and state, local, tribal, and territorial (SLTT) governments, this comprehensive infographic provides actionable strategies guidance to proactively prevent, detect and mitigate insider threats-helping organizations stay ahead of evolving organizational vulnerabilities. • Insider threats often take two forms: calculated acts of harm and unintentional mistakes. • Malicious insiders may exploit access for personal gain or revenge, causing severe damage to systems and trust, At the same time, negligence or simple human errors can open the door to vulnerabilities that adversaries can exploit. • Whether driven by intent or accident, insider threats pose one of the most serious risks to organizational security and resilience- demanding proactive measures to detect, prevent and respond.

Article Summaries:

  • CISA has issued a new infographic, “Assembling a Multi‑Disciplinary Insider Threat Management Team,” urging critical‑infrastructure entities and state, local, tribal, and territorial (SLTT) governments to proactively address insider threats. The agency stresses that insiders can pose risks through calculated attacks or unintentional mistakes, both of which can undermine trust and disrupt operations. The resource outlines actionable steps for building cross‑departmental teams, fostering accountability, and creating a culture that encourages reporting. CISA’s Acting Director, Dr. Madhu Gottumukkala, and Executive Assistant Director, Steve Casapulla, highlighted the importance of these teams for resilience and urged leaders to adopt the guidance immediately. The infographic and related tools are available on CISA’s website.

Sources: