Former OMB cyber officials outline user-focused approach to implementing insider threat programs

A new report by two former senior OMB cyber officials says developing a comprehensive insider threat program should include “User Activity Monitoring,” while clearing up “misconceptions” about a technology that some see as controversial.

The report defines UAM as a “capability that allows organizations to track user action on devices that belong to the employer” where “[o]rganizations use these tools to detect, stop, and intervene when an insider threat arises.”

Former Federal CISO Grant Schneider and Ross Nodurft, ex-chief...