An official website of the United States government
Here's how you know
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

News | Sept. 11, 2019

Know the insider threat potential risk indicators

By Hugh Wiley DCMA Security

September is Insider Threat Awareness Month. The Defense Contract Management Agency is embracing this opportunity to raise insider threat program awareness across the workforce.

As a reminder, an insider threat is anyone with authorized access who uses that access to wittingly or unwittingly harm the organization and its resources and may include employees, vendors, or partners. Most insider threats exhibit risky or anomalous behaviors before committing negative events in the workplace. If such behaviors are identified early, many risks can be mitigated before harm occurs.

The questions most often asked are, “What should an employee be looking for? How does an employee report concerning behaviors?” To assist employees in identifying such indicators, the Center for Development of Security Excellence has developed a job aid that list potential threat indicators. The aid can be accessed at

Once indicators are identified, they must be reported and evaluated in a timely manner. Personnel can report identified indicators or concerning behaviors through a number of channels, including their chain of command, security, the agency’s inspector general or general counsel, DCMA hotline, or contact insider threat program personnel. All reports received are reviewed and evaluated using a multi-functional team referred to as the insider threat hub.

The insider threat hub provides recommendations to the chain of command to address potential threats. If an additional investigation is necessary, the action is referred to the agency's inspector general, but it will be tracked through completion by the insider threat program manager.

Safeguarding employees, information, systems, facilities and other assets against the full range of threats, to include insider threat, is one of DCMA’s highest priorities. Significant resources and efforts are expended annually to ensure a safe and secure work environment, however insider threats, using his or her authorized access, can undermine even the best security programs. While unwarranted suspicion should be avoided, employees must remain vigilant to potential risks to the agency and promptly report such concerns to the appropriate authorities. Remember, if you see something, say something.

Editor’s Note: Hugh Wiley is the director of DCMA Security. For more information about the initiative, contact Brian J. Sullivan, insider threat program manager, at 804-734-0805 or Additional information can be found at  or (login required).