CISA urges critical infrastructure organizations to take action against insider threats

(Glenn Carstens Peters / Unsplash)

By CISA • Jan 29, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) is calling on critical infrastructure organizations to take decisive action against insider threats.

To support this effort, CISA has released Assembling a Multi-Disciplinary Insider Threat Management Team, designed for critical infrastructure entities and state, local, tribal, and territorial (SLTT) governments. The comprehensive infographic provides actionable strategies guidance to proactively prevent, detect and mitigate insider threats-helping organizations stay ahead of evolving organizational vulnerabilities.

Insider threats often take two forms: calculated acts of harm and unintentional mistakes. Malicious insiders may exploit access for personal gain or revenge, causing severe damage to systems and trust, At the same time, negligence or simple human errors can open the door to vulnerabilities that adversaries can exploit. Whether driven by intent or accident, insider threats pose one of the most serious risks to organizational security and resilience- demanding proactive measures to detect, prevent and respond.