As of September 2017, the Department of Homeland Security (DHS) Insider Threat and Mitigation Act of 2017 has been passed by the House of Representatives. On its journey to the president, it’s being reviewed by the Committee on Homeland Security and Governmental Affairs, and soon the Senate will decide its next steps. The bill is intended to legally support security and emergency management professionals’ efforts to protect against U.S. data leaks.
The new frontier is a digital platform, and the DHS, among other departments, has suffered virtual defense breaches costing private U.S. information. Government security experts have realized their vulnerabilities, and have called for federal amendments that bolster their security efforts. The Insider Threat and Mitigation Act of 2017 is the response to their call, and once the legislative branch passes it to the executive branch to sign, a new era of digital defense will launch.
When was the Bill Introduced and by Whom
Peter King, one of the U.S. House’s New York Representatives, introduced the bill to the House of Representatives on January 24, 2017. It passed in the House on January 31, 2017 which meant it could progress to the Senate. A day later, on February 1, it was received by the Senate where it was perused and subsequently referred to the Committee on Homeland Security and Governmental Affairs.
It is common for a bill to be sent to a committee for review to ensure it accomplishes the intended goals to everyone’s satisfaction and approval. The Insider Threat and Mitigation Act of 2017 is an amendment to the Homeland Security Act of 2002, which garners prominent attention from legislators. If the amendment is signed, it will add a new program to the DHS – including new responsibilities and training.
What is the Purpose?
According to the bill itself, the goal is “to amend the Homeland Security Act of 2002 to establish the Insider Threat Program”. The Homeland Security Act of 2002 created the DHS after the 9/11 terrorist attacks. While the DHS is responsible for keeping America protected on a comprehensive level, the Insider Threat and Mitigation Act focuses specifically on data breaches. American lives are the priority, but breached data can be a severe threat to American lives. Therefore, progressive measures must be taken to safeguard American information.
Established by the act, the Insider Threat Program would accomplish its mission with a three-pronged strategy. The program, staffed by experienced security and emergency management employees, would:
- Offer training for DHS officials to manage and quell risk of insider threats.
- Support investigative efforts against insider threats.
- Conduct mitigative actions against insider threats.
According to the bill, the DHS will establish a steering committee to accomplish the aforementioned strategy. They will oversee the following provisions and more, in alignment with the program’s protective purposes:
- Document insider threats, policies, and controls
- Conduct a baseline assessment of risks and threats
- Examine current practices
- Initiate a training and implementation timeline
- Collect, analyze, and organize current data and information on threats, DHS effectiveness, and available technology
The bill’s final action calls for the DHS to report every two years on the following queries for six years:
- How, overall, has the strategy been implemented throughout the DHS?
- What’s the risk assessment status?
- What insider threat training has been conducted?
- How many employees have been trained to manage insider threats?
- What is the Insider Threat Program effectiveness thus far?
The Insider Threat and Mitigation Act of 2017 relies heavily on security and safety experts. They will be pioneering a new area of defense and protection in a digital world. The Insider Threat Program is tasked with engaging DHS staff in new security training to be immediately implemented. The amendment, if passed, would move rapidly to stem additional data leaks and build appropriate threat defenses.
The federal government is being urged by professionals in multiple security and technology fields to take action against the growing data threat. The defense and mitigation systems must adapt to risks on the virtual level as do security professionals. While some work in the progressive cyber-security field, others haven’t been fully introduced yet. Further education and training can qualify them for federal government positions – possibly within the Insider Threat Program.
Earning a master’s in emergency management from Eastern Kentucky University can help you increase your knowledge of the safety industry and demonstrate a continued commitment to learning and leadership. Whether you aspire to work at the governmental level or move into the private sector, our distinguished faculty of safety professionals delivers a comprehensive curriculum that can translate wherever safety matters most.
image source: https://www.house.gov/