CISA Releases New Guidance on Assembling Multi-Disciplinary Insider Threat Management Teams - DataBreaches.Net

"CISA's guidance is intended to assist critical infrastructure stakeholders, which includes private sector entities across various sectors, with implementing an insider threat mitigation program that combines physical security, cybersecurity, personnel awareness, and community partnerships. Although framed for critical infrastructure, CISA's guidance is relevant to a broader range of organizations, including those outside of critical infrastructure sectors."
"In the organizing phase, the team guides employee awareness, encourages a culture of reporting, and provides needed support to relevant departments as they identify potential insider threat activity. CISA advises that 'a trusted staff, with varied expertise in a wide range of disciplines, will be better able to synthesize and analyze data from sources across the organization' in order to better provide needed support."
"At the center of the guidance is CISA's four-phase POEM (Plan, Organize, Execute, and Maintain) framework, which is intended to structure the lifecycle of an insider threat management team. In the planning phase, organizations are encouraged to structure and scope the role of the threat management team."
CISA released new guidance on January 28, 2026, for establishing insider threat management teams applicable to critical infrastructure and broader organizations. The guidance centers on the POEM framework, a four-phase approach encompassing Plan, Organize, Execute, and Maintain. The planning phase involves defining team purpose, identifying critical assets, determining risk tolerance, and establishing reporting structures. The organizing phase focuses on employee awareness, fostering reporting culture, and supporting departments in identifying threats through multi-disciplinary expertise. The execution phase implements mandatory training, integrates information across sources, and establishes analysis capabilities. This comprehensive approach combines physical security, cybersecurity, personnel awareness, and community partnerships to create effective insider threat mitigation programs.