Marines


Marine Corps Insider Threat Program
RESTORING TRUST THROUGH PREVENTION, INTERVENTION, AND MITIGATION

 

The “trust” that we’ve placed in our personnel has proven to be a significant tactical advantage for malicious insiders wishing to commit acts of espionage, sabotage, and targeted violence against the organizations to which they belong.

The Program’s mission is to prevent, detect, deter, and mitigate these threats. The scope of the Marine Corps insider threat population includes active duty Marines and Sailors, federal employees, defense contractors, and other personnel that have been issued a DoD Common Access Card (CAC).
With such a huge population to manage, the Program must employ a multi pronged approach to accomplish its mission effectively. 

The first prong is AWARENESS . We invest heavily in training and education to ensure that
personnel trending in the wrong direction are identified, reported, and provided the assistance they need to get back on the right path.

The second prong is INFORMATION COLLATION, SYNTHESIS, AND ANALYSIS . The Hub fuses disparate pieces of information into analytic products that can be shared with Marine commanders to inform their risk mitigation processes.

The third prong is STRATEGIC PARTNERSHIPS with other Marine Corps personnel and prevention programs. The human condition is complex and easily misinterpreted. Collaboration among personnel and prevention programs places the necessary subject matter expertise within reach of the problem making it more likely the person will receive the care they need.

1. If there are signs that an insider threat incident is imminent, a crime has already occurred, or if you have dire concerns for your safety or the safety of others, contact law enforcement immediately. 2. For non-imminent threats notify your Chain of Command, Command Security Manager, or designated Insider Threat Liaison. 3. Personnel working in an independent duty status can obtain assistance through the nearest available Security Manager, Contracting Officer Representative, or Facility Security Officer. 4. In situations where none of the options listed above are available or you don’t feel comfortable with utilizing them, assistance may be obtained directly from the MCCInTP by sending an email to: insiderthreat@usmc.mil

What is an insider threat? Any person who has authorized access to US government re-sources to include personnel, facilities, information, equipment, networks, or systems AND uses his/her authorized access, wittingly or un-wittingly, to do harm to the security of the United States. This threat includes potential espionage, violent acts against the Government or the Nation including terrorism, unauthorized disclosure of national security information, or the loss or degradation of depart-mental resources or capabilities. The Marine Corps Counter-Insider Threat Program (MCCINTP) is charged with preventing, detecting, deterring, and mitigating threats posed by malicious insiders to Marine Corps Personnel, Resources, and Mission Readiness.  The MCCInTP employs a robust analytic capability to identify, analyze, and act upon insider threat information in a manner that maintains continuous compliance with applicable Privacy, Civil Liberties, and Whistle Blower Protections. The cornerstone of the Program is its analytic capability which resides within the Program Hub.  The Program Hub is comprised of a team of certified Insider Threat Analysts and Subject Matter Experts representing fields such as LE, CI, Cyber, HR and behavioral health. This multi-disciplinary team works diligently to identify Marine Corps personnel that may be exhibiting Potential Risk Indicators.  Once identified, the Program works with the individual’s Chain of Command to develop a Risk Mitigation Strategy to resolve the issue(s) and optimally assist that Marine, civilian, or contractor find their way back to being a trusted member of the Marine Corps team.
The implementation of PAR capabilities applies to the DoD Enterprise and seeks to create a safer environment for all DoD personnel (military and civilians). PAR capabilities represent a network of multi‐disciplinary efforts, each led by a functional expert operating at the installation level. These experts assist commanders, and their equivalent civilian leaders define the risk to DoD personnel, organizations, installations, or separate facilities and recommend proportional responses to mitigate or eliminate this risk. Furthermore, PAR capabilities identify and provide assistance and remedies to organizational personnel at risk for potentially violent behavior. 1. Executive Order 13587- The heads of agencies that operate or access classified computer networks shall have the responsibility for appropriately sharing and safeguarding classified information on computer networks. As part of this responsibility, they shall implement an insider threat detection and prevention program consistent with guidance and standards developed by the Insider Threat Task Force.  2. National Defense Authorization Act for Fiscal year 2017- “In order to enable detection and mitigation of potential insider threats the Secretary shall ensure that insider threat programs of the Department collect, store, and retain information from the following: Personnel security, Physical security, Information security, Law Enforcement, Counterintelligence, User activity monitoring, Information assurance, Such other data sources as the Secretary considers necessary and appropriate.  3. DoDD 5205.16- The DoD Component heads shall: implement the minimum standards for Executive Branch insider threat programs in accordance with the DoD implementation plan; establish or maintain a multi-disciplinary threat management capability to conduct and integrate the monitoring, analysis, reporting, and response to insider threats.
   

 

Headquarters Marine Corps