FEDweek

Postal IG Raises Concern about Insider Threats

The IG’s office at the Postal Service has started an examination of the potential for insider threats there and whether the agency has taken effective steps against such threats.

“Insider threat is the potential for a current or former employee, contractor, or business partner to accidentally or maliciously misuse their trusted access to harm the organization’s employees, customers, assets, reputation, or interests. An insider threat program provides an organization with a designed resource to address the problem of insider threats. It must protect the information, documents, files and material provided by USPS components in accordance with current and applicable laws, rules, regulations and policy,” the IG’s office said.

It said that organizations need to take specialized action to effectively prevent, detect and respond to such threats, “similar to a standard incident response team in some ways. Both teams handle incidents; however, the insider threat team responds to incidents that are suspected to involve insiders.”

It said it is specifically examining what elements are needed for a good insider threat program and what industry best practices the Postal Service might adopt.

Insider threats are increasingly a management concern in federal agencies. The House recently passed HR-666, ordering such a program at DHS beginning with an assessment of such threats, an examination of policies, technologies and best practices of government, industry and research institutions, a timeline for deploying workplace monitoring technologies, employee awareness campaigns, and education and training programs, and reporting on the results.