CISA Urges Critical Infrastructure Organizations to Take Action Against Insider Threats

PRESS RELEASE CISA Urges Critical Infrastructure Organizations to Take Action Against Insider Threats New Guidance Empowers Stakeholders Build Strong, Multi-Disciplinary Threat Management Teams ReleasedJanuary 28, 2026 RELATED TOPICS: CYBERSECURITY BEST PRACTICES WASHINGTON - The Cybersecurity and Infrastructure Security Agency (CISA) is calling on critical infrastructure organizations to take decisive action against insider threats. To support this effort, CISA has released today a powerful new resource—Assembling a Multi-Disciplinary Insider Threat Management Team. Designed for critical infrastructure entities and state, local, tribal, and territorial (SLTT) governments, this comprehensive infographic provides actionable strategies guidance to proactively prevent, detect and mitigate insider threats-helping organizations stay ahead of evolving organizational vulnerabilities. Insider threats often take two forms: calculated acts of harm and unintentional mistakes. Malicious insiders may exploit access for personal gain or revenge, causing severe damage to systems and trust, At the same time, negligence or simple human errors can open the door to vulnerabilities that adversaries can exploit. Whether driven by intent or accident, insider threats pose one of the most serious risks to organizational security and resilience- demanding proactive measures to detect, prevent and respond. “Insider threats remain one of the most serious challenges to organizational security because they can erode trust and disrupt critical operations.” said Acting CISA Director Dr. Madhu Gottumukkala. “CISA is committed to helping organizations confront this risk head-on by delivering practical strategies, expert guidance, and actionable resources that empower leaders to act decisively — building resilient, multi-disciplinary teams, fostering accountability, and safeguarding the systems Americans rely on every day.” In today’s dynamic threat landscape, insider threat management teams can play a vital role in organizational resilience and should not be viewed as optional—they are essential. By following this roadmap and implementing its recommendations, organizations can reduce vulnerabilities, prevent workplace violence, and transform vulnerability into strength, ultimately reinforcing their defenses against evolving threats. “Insider threats can disrupt operations, compromise safety, and cause reputational damage without warning. Organizations with mature insider threat programs are more resilient to disruptions, should they occur. People are the first and best line of defense against malicious insider threats and organizations should act now to safeguard their people and assets,” said CISA Executive Assistant Director for Infrastructure Security Steve Casapulla. “With input from our industry and government partners, our new infographic delivers clear, actionable guidance for building insider threat management teams. We encourage leadership to draw expertise from across departments for a holistic defense, while fostering a culture of trust where employees feel empowered to report concerns and stop threats before they escalate.” For more information and to access this product, visit: Insider Threat Mitigation Resources and Tools. ### About CISA  As the nation’s cyber defense agency and national coordinator for critical infrastructure security, the Cybersecurity and Infrastructure Security Agency leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day. Visit CISA.gov for more information and follow us on X, Facebook, LinkedIn, Instagram. Related Articles FEB 25, 2026 PRESS RELEASE Immediate Action Required: CISA Issues Emergency Directive to Secure Cisco SD-WAN Systems FEB 13, 2026 PRESS RELEASE CISA Announces New Town Halls to Engage with Stakeholders on Cyber Incident Reporting for Critical Infrastructure FEB 11, 2026 PRESS RELEASE CISA’s 2025 Year in Review: Driving Security and Resilience Across Critical Infrastructure FEB 05, 2026 PRESS RELEASE CISA Orders Federal Agencies to Strengthen Edge Device Security Amid Rising Cyber Threats