Industrial Security

The U.S. Government defines an “Insider Threat” as the threat that an insider will use their authorized access, wittingly or unwittingly, to do harm to the security of the United States. This threat can include damage to the U.S. through espionage, terrorism, unauthorized disclosure of National Security Information (NSI) or through the loss or degradation of government, company, contract or program information, resources, or capabilities.

On February 24, 2021, 32 CFR Part 117, “National Industrial Security Program Operating Manual (NISPOM)” became effective as a federal rule.  Referred to as the “NISPOM rule,” it provides the contractor no more than six months from this effective date to comply with the requirements stipulated therein.  Per 117.7(d), these requirements are consistent with the aforementioned E.O. 13587 and National Insider Threat Minimum Standards.

32 CFR Part 117 has identified the following requirements to establish an Insider Threat Program:

• Designate an Insider Threat Program Senior Official (ITPSO) who is cleared in connection with the facility clearance.
• The ITPSO will establish and execute an insider threat program and self-certify the Implementation Plan in writing to DSCA.
• Establish an Insider Threat Program Group (program personnel) from offices across the contractor’s facility, based on the organization’s size and operations.
• Provide Insider Threat training for Insider Threat Program personnel and awareness for cleared employees.
• Gather, integrate, and report relevant and available information indicative of a potential or actual insider threat to deter employees from becoming insider threats; detecting insiders who pose a risk to protected information; and mitigating the risk of an insider threat.
• Conduct self-inspections of Insider Threat Programs.

Boston College’s Insider Threat Group (ITG) includes representatives from the Office of Research Security, Integrity, and Compliance; the Office of General Counsel; Human Resources; Information Technology Services; and the Boston College Police Department.