DOD Insider Threat Management and Analysis Center (DITMAC)

Our Mission   

Provide the DOD enterprise a capability to identify, assess, and mitigate risk from insiders, to oversee and manage unauthorized disclosures, and to integrate, manage, mature, and professionalize insider threat (InT) capabilities. 

Role 

DOD Insider Threat (InT) Components report cases to the DITMAC if an individual's behavior meets the criteria under one or more of DITMAC's reporting thresholds. DITMAC's case management system enables information sharing across the InT enterprise. DITMAC analyzes the reported incident and provides recommendations for mitigation. Then, InT Component hubs implement mitigation recommendations and DITMAC oversees to resolution. 

Key Programs 

Analysis and Mitigation (A&M) - Provides the capability to consolidate and share information necessary to identify potential insider threats, develop a holistic picture of risk posed by insiders, and coordinate actions to mitigate risk across the Department.  

Behavioral Threat Analysis Center (BTAC) - Provides tailored insider threat (InT) case-specific recommendations in behavioral science, threat management, cyber, counterintelligence, law enforcement, and human resources.  

Prevention, Assistance, Response (PAR) - Insider threat (InT) support and coordination at the installation level primarily focused on preventing acts of workplace violence.  

What is an Insider Threat? 

According to the 2017 National Defense Authorization Act, an insider threat is “a threat presented by a person who has, or once had, authorized access to information, a facility, a network, a person, or a resource of the Department and wittingly, or unwittingly, commits an act in contravention of law or policy that resulted in, or might result in, harm through the loss or degradation of government or company information, resources, or capabilities; or a destructive act, which may include physical harm to another in the workplace."

Insider Threat Training and Tools