The Cybersecurity and Infrastructure Security Agency has rolled out a tool for agencies and companies to assess insider threat vulnerabilities.
CISA said Tuesday its Insider Risk Mitigation Self-Assessment Tool features a set of questions that organizations can answer to determine security risk posture in the workplace.
The questionnaire is designed to also help government and commercial entities create measures to prevent contractors, current and former employees and other insiders from conducting activities that may harm an organization’s assets or reputation.
“While security efforts often focus on external threats, often the biggest threat can be found inside the organization,” said David Mussington, CISA’s executive assistant director for infrastructure security.
“CISA urges all our partners, especially small and medium businesses who may have limited resources, to use this new tool to develop a plan to guard against insider threats.”