Our client was uncertain how to comply with Federal Insider Threat Program regulations and required assistance in understanding their specific threats and risks and developing a program consistent with regulatory requirements to mitigate the risk of insider threat.
Defense Security Services (DSS) released an update to NISPOM called Change 2. This new policy required all private companies that hold a facility security clearance and employ cleared contractors to establish an insider threat program within their organization.
Big Sky delivered value to our customer with the following steps:
We assisted our client in drafting an Insider Threat plan that was both compliant with NISPOM regulations and tailored to their specific threats, risks, and priorities. Major plan elements included:
Big Sky produced trainings tailored to specific groups of employees to align with the new security program and procedures, including:
Our team helped our client understand the gaps between their current state operations and NISPOM Change 2 mandates, providing them with a compliance dashboard and a roadmap of prioritized steps to achieve full compliance, as well as "above and beyond" elements the client was prepared to incorporate to establish a robust program.
Our client was 100% compliant upon inspection. In one case, the DSS representative noted that our client's internal insider threat processes were more robust than the ones in place at DSS!
If you're interested in how our team of insider threat experts can get the same results for your company, contact us today.