From: FedScoop
Component agencies need to ramp up adherence to minimum standards so the department can assess effectiveness of security policies, the report says.
By Dan Verton
The Defense Department’s efforts to meet the minimum standards of the National Insider Threat Policy issued in 2012 have been inconsistent across its component agencies, potentially affecting its ability to conduct accurate risk assessments, according to a new Government Accountability Office report.
An unclassified version of the report, released June 2, reveals that a half-dozen Pentagon component agencies have made progress on their insider threat programs, but only half had instituted a baseline of normal activity — a key aspect of insider threat protection used to identify unusual behavior that might pose a security risk. Half of the components also told GAO they are in need of better analytic tools to identify suspicious behavior, particularly on Defense Department computer networks.
Leave a Reply