Defense

H.R.666 – Department of Homeland Security Insider Threat and Mitigation Act of 2017

Short Titles as Introduced:

Department of Homeland Security Insider Threat and Mitigation Act of 2017

Official Title as Introduced:

To amend the Homeland Security Act of 2002 to establish the Insider Threat Program, and for other purposes.

Summary:

Passed House without amendment (01/31/2017)

(This measure has not been amended since it was introduced. The summary has been expanded because action occurred on the measure.)

Department of Homeland Security Insider Threat and Mitigation Act of 2017

(Sec. 2) This bill amends the Homeland Security Act of 2002 to direct the Department of Homeland Security (DHS) to establish an Insider Threat Program, which shall: (1) provide training and education for DHS personnel to identify, prevent, mitigate, and respond to insider threat risks to DHS’s critical assets; (2) provide investigative support regarding such threats; and (3) conduct risk mitigation activities for such threats.

DHS shall establish a Steering Committee. The Under Secretary for Intelligence and Analysis shall serve as the Chair and the Chief Security Officer as the Vice Chair of the Committee.

The Under Secretary and the Chief Security Officer, in coordination with the Steering Committee, shall:

  • develop a holistic strategy for DHS-wide efforts to identify, prevent, mitigate, and respond to insider threats to DHS’s critical assets;
  • develop a plan to implement the strategy across DHS components and offices;
  • document insider threat policies and controls;
  • conduct a baseline risk assessment of such threats;
  • examine existing programmatic and technology best practices adopted by the federal government, industry, and research institutions;
  • develop a timeline for deploying workplace monitoring technologies, employee awareness campaigns, and education and training programs related to potential insider threats;
  • consult with the the Under Secretary for Science and Technology and other stakeholders to ensure that the Insider Threat Program is informed by current information regarding threats, best practices, and available technology; and
  • develop, collect, and report metrics on the effectiveness of DHS’s insider threat mitigation efforts.

DHS must submit to specified congressional committees biennial reports over the next six years on:

  • how DHS and its components and offices have implemented such strategy;
  • the status of DHS’s risk assessment of critical assets;
  • the types of insider threat training conducted;
  • the number of DHS employees who have received such training; and
  • information on the effectiveness of the Insider Threat Program, based on such metrics.
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s