U.S. Insider Threat Policy Could Touch Channel

With the fiscal cliff looming and Middle Eastern tensions rising, national cybersecurity policy has taken a bit of a backseat for public debate. But President Barack Obama clearly isn’t letting it go either.

Unbeknownst to many, President Obama quietly issued a memo to the heads of federal agencies over the long Thanksgiving weekend regarding an impending national insider threat policy and standards guide addressing the prevalence of accidental or intentional disclosure of unauthorized information. And solution providers with federal and public sector ties might want to be looking ahead while dusting off data protection solutions and services.

The guide itself isn’t yet publicly released – in recent months, President Obama likely had more pressing issues on his plate. But once publicly available, it will delineate minimum standards that stipulate direction for federal programs aimed at deterring, detecting and responding to individuals who may pose a potential insider threat.

Specifically, the guide sets the baseline requirements standards for government departments and agencies to establish effective insider threat programs. Among other things, that entails the ability to adequately analyze and appropriately respond to threat-related information, as well as the abiltiy to monitor employee use of classified networks. The new policy also issues a directive for federal agencies to implement awareness training that outlines individual privacy rights for government personnel.

While the impending policy guide appeared to be kept on the down low, the issue of data protection is clearly is an issue that has remained salient to the Obama administration. Over the last four years, and especially over the last 12 months, the Obama administration has placed particular emphasis on the issue of national cybersecurity.

During the summer, the Obama administration strongly endorsed the proposed Cybersecurity Act of 2012, which, had it passed, would have bolsterered U.S. defenses, quickened response time and hardened infrastructure by establishing cybersecurity standards for  electrical power grids, water treatment facilities, nuclear plants and other critical infrastructure.

The proposed CSA 2012 died in the Senate, failing to receive the necessary 60 votes to ensure its passage. However, rumors persisted that the Obama administration might issue an executive order mandating security improvements for critical infrastructure, and the issue could feasibly re-emerge next year after the dust settles on the election-time drama.

The latest policy however refocuses the issue of cybersecurity to internal – as opposed to external – threats. But while not as demonstrably public, the insider threat has remained on the Obama administration’s radar. In October of 2011, President Obama signed an executive order detailing structural reforms that aimed to bolster network defenses and protect classified data. The order paved the way for the formation of an insider threat task force directed to draft national policy. As part of the effort, federal agencies were directed to implement insider threat detection programs. The State Department has also deployed new auditing and monitoring tools to protect information stored on classified networks, while the Department of Defense recently awarded Xerox’s PARC a contract to develop technology that can automatically detect insider threats.

While the insider threat issue has, and might again, be put on the back burner, it seems unlikely that it will die altogether. For the channel, particularly government and public sector solution providers, that will likely mean new opportunities to ramp up encryption, DLP and other data protection technologies, along with a wide array of authentication and identity and access management tools. It will also give partners the ability to flesh out their own related services, cultivate insider threat consulting and practices, and invest deeper in new and emerging threat detection technologies that employ business intelligence and threat analytics among their list of capabilities.

Going forward, it’s likely that the government will likely first call on security firms with long-standing federal ties. That bodes well for channel partners, who might want to start pulling their government Rolodexes of the shelf, dusting them off, and re-establish ties with public sector customers.