Combatting the Insider Threat

Combatting the Insider Threat

Combatting the Insider Threat

Additionally, DHS should continue to bolster systems that detect the behavioral red flags preceding a malicious cyberattack. Agencies can share information about anomalous behaviors with employees, as employees who work alongside an insider may be in the best position to recognize unusual behavior. DHS currently recognizes a more systematic approach: behavioral methodologies that establish normal use trends (i.e., baselines) of employee cyber activity and evaluate new cyber activity against these trends. When cyber activity deviates from the baseline, this system identifies employees who may be in the process of going rogue.

According to a majority of Federal information technology (IT) professionals, accidental insiders are the greatest IT security threat to their agencies. Lax environments and poor data protection protocols enable employees to accidentally open doors to otherwise secure cyber systems. Online training can emphasize the potential for social media activity to unintentionally leak information, and in-person training helps employees integrate cybersecurity measures into the context of DHS’s larger culture of vigilance. Performing regular audits and effectively managing new-hire background investigations can also reduce the risk of potential accidental insider threats.

Given the dual identity – malicious and accidental – of the insider threat, successfully combatting this risk demands a nuanced approach that balances the need to enhance cybersecurity with the need to promote information sharing and efficiency among Government personnel.

Insider threats are a serious cybersecurity risk to the Federal Government. According to Verizon’s 2013 Data Breach Investigations Report, insider threats, which can be malicious or accidental, comprise at least 14% of confirmed data breaches. Each type of insider threat requires a unique solution.

Malicious insiders intentionally abuse their privileged access to execute cyberattacks. Currently, the  Department of Homeland Security (DHS) restricts employee and contractor access only to the sensitive data required for their roles to limit avenues for malicious insiders. Still, the Government must continue to enhance systems that monitor, review, and roll back unnecessary access. These ongoing reviews should prioritize manager-level personnel, who, according to the 2015 Insider Threat Spotlight Report, are the highest risk cohort due to the large volumes of sensitive data they can access.

Organization Redesign: Is the Cure Worse than the Ailment?

Organization Redesign: Is the Cure Worse than the Ailment?

According to a popular management joke, new executives should blame their predecessors when facing their first crisis.  When facing their second crisis, they should reorganize everything. Jokes are funny when they’re seen as plausible. Reorganizations show action, produce change, and create opportunities for new leadership. However, are reorganizations worth the disruption?

Arc Aspicio to Host Design Thinking Forum: Creating the Future of Government on June 21

Arc Aspicio to Host Design Thinking Forum: Creating the Future of Government on June 21

Washington, DC, June 7, 2017 — Arc Aspicio plans to host an inaugural Design Thinking Forum featuring a discussion on how Federal leaders can innovate solutions to create the future of Government. Design Thinking is a human-centered innovation process that emphasizes observation, collaboration, fast learning, visualization of ideas, rapid concept prototyping, and concurrent business analysis, which ultimately generates innovation and increased mission outcomes.

Firefighters Show You Can Develop a Strategy While Fighting Fires

Firefighters Show You Can Develop a Strategy While Fighting Fires

“Employees at all levels are too busy ‘doing their jobs’ and ‘fighting fires’ to devote time or pay heed to strategic initiatives.” It’s a common complaint. Academic literature has confirmed that ‘firefighting’ takes up much of the manager’s job and offers extensive advice on how to stop fighting fires – and even how to suppress the urge to do so.

The SILab: An Invitation to Embrace Innovation

The SILab: An Invitation to Embrace Innovation

Government agencies and businesses must embrace innovation and strategic thinking to keep up with today’s changing society, rising demands, and complex problems. Encouraging organizations to fully adopt innovative thinking, however, is difficult. Organizations are often focused on their daily activities and have limited time to discover new approaches. In addition, employees often choose to stay with proven, mainstream solutions because they fear wasting resources or failure. 

Putting the Mission First in a Leader’s Agency Reform Plan

Putting the Mission First in a Leader’s Agency Reform Plan

Agency leaders have more than a little to do these days. The Office of Management and Budget (OMB) released guidance for implementing Executive Orders and Presidential Memoranda on Federal management and human capital. The Comprehensive Plan for Reforming the Federal Government and Reducing the Federal Civilian Workforce (M-17-22) directs agencies to create comprehensive plans to enhance mission focus, streamline operations, and improve workforce effectiveness and efficiency.

SharePoint: Unique Solutions for Homeland Security Partners

SharePoint: Unique Solutions for Homeland Security Partners

As information sharing has become more common across local, state, and federal agencies, homeland security partners need tools to manage this critical data. SharePoint has emerged as an information sharing tool that can assist emergency managers, law enforcement agencies, and others across the homeland security enterprise with the sharing of sensitive data with internal and external partners, quickly and securely.

Managing Change Using a Maturity Model

Managing Change Using a Maturity Model

The pace of change is accelerating. Government agencies, and their employees, must find new ways to support their stakeholders and manage internal operations in the face of changing mission expectations and potential budget cuts. Guiding the workforce through the change is messy and challenging and is essential to successful implementation of innovative ideas, technologies, and processes. 

Lost in Translation No Longer: Data Translators Bridge the Gap to the Mission

Lost in Translation No Longer: Data Translators Bridge the Gap to the Mission

Two main types of problems can make it difficult to make data-driven decisions: technical and cultural. Technical difficulties could include data that is messy, incomplete, or split between different departments or components. Cultural factors might include a resistance to change, an environment that favors trusting your instincts, or a belief that things are fine the way they are. 

How to Use Data to Drive Employee Engagement

How to Use Data to Drive Employee Engagement

When it comes to retaining your workforce, one feature correlates to 87% increases in retention and 57% increases in employee effectiveness. It is not compensation. It is employee engagement. Engagement measures an employee’s emotional commitment to an organization and willingness to use discretionary effort to achieve organizational goals. In other words, engaged employees strive to exceed the status quo. 

A Leader’s Most Influential Tool: Gratitude

A Leader’s Most Influential Tool: Gratitude

Gratitude is one of a great leader’s most powerful tools. It creates positive energy among an organization and the sense of appreciation permeates through the work the collective group is performing. Influential leaders listen to the needs of their colleagues and express gratitude. This helps them bring out the potential in the people they lead and inspire them to achieve what is most important to them and to the project.

The Design Era of Project Management

The Design Era of Project Management

Project Management best practices and methods continue to evolve to address the biggest challenges Government agencies face in today’s market. The increased use of Agile and the move from traditional waterfall methodologies is fairly common in Information Technologies. Projects use Agile methods such as Scrum or Kanban, and organizations invest a lot of time and effort to make this cultural shift on projects.