Government Contractor Cybersecurity Alert

In May 2016, the Under Secretary of Defense for Intelligence issued a requirement for cleared government contractors to establish an “insider threat program” (ITP) to better protect national security networks from cybersecurity threats.

NISPOM Change 2 required the implementation, certification and maintenance of an ITP by all cleared government contractors. It also required the appointment of an Insider Threat Program Senior Official (ITPSO) and awareness training of all cleared personnel.

The deadline for completing ITP awareness training of previously cleared personnel is May 31, 2017.

Continued Compliance

In addition to your initial implementation, make sure your organization completes its ITP awareness training by the deadline. Be mindful of upcoming end-of-school and summer vacation schedules to avoid conflicts or delays in completing the required ITP training by May 31.

Over the last year, the DSS has hosted workshops and posted guidance to their website to help with ITP implementation, including training materials. To save time and resources, consider using training materials available from the DSS.

Additional information and training materials are available on the DSS website.

Participation Results

The DSS recently published a summary on the creation and implementation of ITPs in 2016, reporting that there were 259 ITP plans certified, 3,943 ITPSO’s appointed, and 28,978 awareness training programs completed.

There is time remaining to add your training to the DSS statistics -- and more importantly to help diminish the cybersecurity risk to your systems and national security infrastructure through Insider Threat Protection awareness training.