What is the primary purpose of the insider threat programs established by federal agencies as per E.O. 13587?

The primary purpose of the insider threat programs established by federal agencies according to E.O. 13587 is to deter, detect, mitigate, and report insider threats. This executive order was introduced to address the vulnerabilities inherent in personnel who have access to sensitive information and systems within federal agencies.

Insider threats can originate from employees, contractors, or business partners who misuse or exploit their access to information for malicious purposes, whether intentional or unintentional. Therefore, the focus of these programs is to create frameworks and processes that not only identify potential insider threats but also take proactive measures to mitigate risks and ensure that incidents are reported and addressed promptly.

This objective encompasses a comprehensive approach that includes situational awareness, continuous monitoring of user activity, and the establishment of a culture that promotes security awareness among employees. By encompassing all these elements, the insider threat programs aim to protect sensitive information and maintain operational integrity within federal agencies.