{"id":13323,"date":"2023-04-18T06:18:00","date_gmt":"2023-04-18T13:18:00","guid":{"rendered":"https:\/\/www.syteca.com\/?page_id=13323"},"modified":"2025-06-18T06:18:48","modified_gmt":"2025-06-18T13:18:48","slug":"nispom-change-2-and-h-r-act-666","status":"publish","type":"page","link":"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666","title":{"rendered":"NISPOM Conforming Change 2 and Insider Threat and Mitigation Act of 2017 requirements and insider threat program"},"content":{"rendered":"\n\t\t<div  class=\"block-67e2b287-0795-41cc-a2cc-9a46d5d39db8 areoi-element\">\n\t\t\t\n\t\t<div class=\"areoi-background  \">\n\t\t\t<div class=\"container-fluid\" style=\"padding: 0;\">\n\t\t\t\t<div class=\"row justify-content-start\">\n\t\t\t\t\t<div class=\"col \">\n\t\t\t            <div class=\"areoi-background__color\" \n\t                        \tstyle=\"background: rgba(16, 206, 158,0.1)\">\n\t                        <\/div>\n\n\t                    \n\n\t                    \n\n\t                    \n\t    \t\t\t<\/div>\n\t    \t\t<\/div>\n\t    \t<\/div>\n\t    <\/div>\n\t\n\t\t\t\n\n\t\t<div  class=\"block-b2f2178d-5314-4b4c-ab42-70360a8c05d7 areoi-element container\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-09bb0a99-d491-4b93-9278-1fadc90f6773 row areoi-element\">\n\t\t\t\n\n\t\t\t\n\n\t\t<div  class=\"block-1543887d-3c55-4997-8d14-d23a8963eb3e col areoi-element d-flex flex-column align-items-center d-md-block align-self-center\">\n\t\t\t\n\t\t\t\n\n<h1 class=\"wp-block-heading has-text-align-center mb-4\">NISPOM Change 2 and H.R.666<\/h1>\n\n\n\n<p class=\"has-text-align-center p-poppins mb-4 main-screen-description\">Monitor insider activity. Detect anomalies. Respond to incidents. <strong>ALL-IN-ONE<\/strong><\/p>\n\n\n\n\t\t<div  class=\"block-de7e8613-e6ca-4b06-bc52-5028401b0236 areoi-element  d-flex flex-column flex-md-row align-items-center justify-content-center mt-lg-4\">\n\t\t\t\n\t\t\t\n\n\t\t\t\t\n\t\t<a data-bs-target=\"#hsModal-demo\" data-bs-toggle=\"modal\" \n\t\t\t\n\t\t\tclass=\"block-2bb80e38-c51c-4f1b-9520-f531d1fbd2e9 btn areoi-has-url position-relative me-md-4 mb-3 hsBtn-demo btn-secondary\"\n\t >\n\t\t\t\t\t\n\t\t\t\t\tAccess the Demo Portal \n\t\t\t\t\t\n\t\t\t\t\t \n\t\t\t\t<\/a>\n\t\t\t\n\n\n\t\t\t\t\n\t\t<a \n\t\t\t\n\t\t\tclass=\"block-38e8b4fe-2f41-4713-8dc5-58a2061ee407 btn areoi-has-url position-relative  mb-3 btn-outline-secondary\"\n\t href=\"\/en\/get-in-touch\" rel=\"noreferrer noopener\" target=\"_blank\" >\n\t\t\t\t\t\n\t\t\t\t\tGet in Touch \n\t\t\t\t\t\n\t\t\t\t\t \n\t\t\t\t<\/a>\n\t\t\t\n\n\t\t\t \n\t\t<\/div>\n\t\n \n\t\t\t\n\t\t<\/div>\n\t\n \n\t\t<\/div>\n\t\n \n\t\t<\/div>\n\t\n\n\t\t\t \n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-129c579c-c60b-458f-b2df-c28be797de32 areoi-element lets-talk\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-c61b635a-ad5d-4bc5-b3d1-42f6b590bd59 areoi-element container\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-d642f202-5c1e-4dda-be13-de28a0892008 row areoi-element\">\n\t\t\t\n\n\t\t\t\n\n\t\t<div  class=\"block-071b8efc-96ca-453e-a359-a01eca4dd5ce col areoi-element with-link align-self-center align-self-md-center\">\n\t\t\t\n\t\t\t\n\n<p class=\"pe-xxl-5\">NISPOM Conforming Change 2 and Insider Threat and Mitigation Act of 2017 specified a new set of requirements for your insider threat program. Learn more about these regulations, the importance of the introduced changes, and tools to help you empower insider threat protection within your company.<\/p>\n\n \n\t\t\t\n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-12b60851-3453-42cf-a871-c7eed6e07b35 col areoi-element align-self-lg-center d-none d-sm-none d-md-none d-lg-block\">\n\t\t\t\n\t\t\t\n\n<figure class=\"wp-block-image size-full text-xxl-end\"><img decoding=\"async\" width=\"571\" height=\"334\" src=\"https:\/\/www.syteca.com\/wp-content\/uploads\/2023\/04\/pic-NISPOM.png\" alt=\"\" class=\"wp-image-13325\" srcset=\"https:\/\/www.syteca.com\/wp-content\/uploads\/2023\/04\/pic-NISPOM.png 571w, https:\/\/www.syteca.com\/wp-content\/uploads\/2023\/04\/pic-NISPOM-300x175.png 300w\" sizes=\"(max-width: 571px) 100vw, 571px\" \/><\/figure>\n\n \n\t\t\t\n\t\t<\/div>\n\t\n \n\t\t<\/div>\n\t\n \n\t\t<\/div>\n\t\n\n\t\t\t \n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-6c258763-e0ff-4e97-a925-02b8f2bbdf1c areoi-element container marked-container marked-container-green\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-6c9e68f8-bcc5-44df-9179-1ea7e2fd0886 row areoi-element\">\n\t\t\t\n\n\t\t\t\n\n\t\t<div  class=\"block-4b4d2d76-0246-47fc-91d2-21d76495f16a col areoi-element\">\n\t\t\t\n\t\t\t\n\n<h2  class=\"wp-block-heading mb-3 mb-md-4\">What is NISPOM?<\/h2>\n\n\n\n<p class=\"with-link\">DoD 5220.22-M National Industrial Security Policy Operating Manual (NISPOM) is a set of requirements and guidelines for implementation, published by the US Department of Defense and applicable to all third party providers and subcontractors working with US government on any projects that may involve classified information.<\/p>\n\n\n\n<p>NISPOM was created with the purpose of protecting all sensitive information regarding national security, and as a result, any company that has contracts with the Department of Defense or the Defense Security Service (DSS) can be a subject to NISPOM regulations.<\/p>\n\n\n\n<p>An additional NISPOM requirement related to insider threats took effect on 18 May. Called Change 2, it requires companies to establish a fully-fledged insider threat program in order to deter, detect and respond to potential incidents.<\/p>\n\n \n\t\t\t\n\t\t<\/div>\n\t\n \n\t\t<\/div>\n\t\n \n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-e99c4470-6d77-405c-938b-e08a866853bb areoi-element container marked-container marked-container-green\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-1cf85f59-068c-4818-8ad1-e5ab1dc13253 row areoi-element\">\n\t\t\t\n\n\t\t\t\n\n\t\t<div  class=\"block-7dd8b455-8bfe-4ec2-a870-173d84a47471 col areoi-element\">\n\t\t\t\n\t\t\t\n\n<h2  class=\"wp-block-heading mb-3 mb-md-4\">NISPOM Change 2 requirements<\/h2>\n\n\n\n<p class=\"with-link\">The insider threat program requirement states that any data related to insider threats needs to be collected and stored in a single centralized location for analysis and reporting. The form of this central hub and the methods of collecting and centralizing all the necessary data can depend on the specifics of your organization.<\/p>\n\n\n\n<p class=\"with-link\">The main set of requirements for compliance with Conforming Change 2 include:<\/p>\n\n\n\n<p class=\"p-poppins\" style=\"font-size:1.25rem;font-style:normal;font-weight:600\">Establish and maintain an insider threat program<\/p>\n\n\n\n<p>NISPOM requires that companies maintain an insider threat program, including <strong>gathering<\/strong>, <strong>integrating <\/strong>and <strong>reporting <\/strong>any information potentially relevant to insider threats. This program should be consistent with other legislation in this area, including the National Insider Threat Policy, Minimum Standards for Executive Branch Insider Threat Programs, and E.O. 13587.<\/p>\n\n\n\n<p class=\"p-poppins\" style=\"font-size:1.25rem;font-style:normal;font-weight:600\">Designate a senior employee as the chief manager of an insider threat program<\/p>\n\n\n\n<p>Companies need to designate an employee to establish and manage their insider threat program as a senior official. Such an employee needs to have US citizenship, and be cleared in connection with the FCL.<\/p>\n\n\n\n<p class=\"p-poppins\" style=\"font-size:1.25rem;font-style:normal;font-weight:600\">Conduct insider threat training<\/p>\n\n\n\n<p>The insider threat program senior official needs to ensure that all employees involved with the program, as well as any employees with a sufficient level of clearance complete insider threat training that CSA considers appropriate.<\/p>\n\n\n\n<p>Such training should generally include counterintelligence and security fundamentals, laws and regulations regarding gathering and handling of data, as well as general indicators of insider threats and methods used by adversaries to recruit personnel, among other things.<\/p>\n\n\n\n<p class=\"p-poppins\" style=\"font-size:1.25rem;font-style:normal;font-weight:600\">Monitor user activity on classified networks<\/p>\n\n\n\n<p class=\"with-link\">Companies need to implement measures that allow detection activity indicative of insider threats on classified networks. Such measures need to correspond to the guidance issued by the CSA (Cognizant Security Agency), as well as other federal regulations with regard to tools that can be used in federal agencies.<\/p>\n\n\n\n<p class=\"with-link\">The capability to collect <strong>screen captures<\/strong>, <strong>full application content<\/strong>, and <strong>keystrokes <\/strong>are only some of the requirements that federal laws (in this case, CNSS Directive No. 504) pose for monitoring tools used for insider threat detection.<\/p>\n\n \n\t\t\t\n\t\t<\/div>\n\t\n \n\t\t<\/div>\n\t\n \n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-cd819d5e-cba8-4104-b7d9-7d81d916fab6 areoi-element container marked-container marked-container-green\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-b0181a59-2417-42bf-b94c-a3081329639c row areoi-element\">\n\t\t\t\n\n\t\t\t\n\n\t\t<div  class=\"block-e6c13270-7eb9-485d-91b0-2b289a39ac1b col areoi-element\">\n\t\t\t\n\t\t\t\n\n<h2  class=\"wp-block-heading mb-3 mb-md-4\">Department of Homeland Security Insider Threat and Mitigation Act of 2017<\/h2>\n\n\n\n<p class=\"with-link\"><a href=\"https:\/\/www.congress.gov\/bill\/115th-congress\/house-bill\/666\/text\" target=\"_blank\" rel=\"noreferrer noopener\">The Department of Homeland Security Insider Threat and Mitigation Act of 2017<\/a> was approved by the House of Representatives on 31 January. This legislation is similar to NISPOM Change 2 in that it requires the establishment of an insider threat program, but this time the subject is the Department of Homeland Security itself.<\/p>\n\n\n\n<p class=\"with-link\">The main requirements of the Department of Homeland Security Insider Threat and Mitigation Act of 2017 include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Development of a holistic strategy for a department-wide detection, prevention, and mitigation of insider threats<\/li>\n\n\n\n<li>Implementation of the said strategy across all DHS branches and offices<\/li>\n\n\n\n<li>Creation of formal insider threat policies and controls<\/li>\n\n\n\n<li>A basic risks assessment with regard to insider threats<\/li>\n\n\n\n<li>Examination of existing technologies and best practices for insider threat protection, as well as deployment of new tools and implementation of new procedures<\/li>\n\n\n\n<li>Assessment of the effectiveness of the insider threat program<\/li>\n<\/ul>\n\n\n\n<p>Training and education that allows for the detection of, and responding to, insider threats, should be provided to personnel as part of the insider threat program. The program should also be used to support investigations into various incidents involving insider threats.<\/p>\n\n \n\t\t\t\n\t\t<\/div>\n\t\n \n\t\t<\/div>\n\t\n \n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-4b6c92ef-d75d-4889-9406-ad7a01b554ff areoi-element container marked-container marked-container-green\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-1f1bf2aa-5086-460d-9037-612c34d03d01 row areoi-element\">\n\t\t\t\n\n\t\t\t\n\n\t\t<div  class=\"block-4d377787-d573-4e9f-9f5d-e71977318922 col areoi-element\">\n\t\t\t\n\t\t\t\n\n<h2  class=\"wp-block-heading mb-3 mb-md-4\">Why insider threat programs are important<\/h2>\n\n\n\n<p>NISPOM Change 2 and the Department of Homeland Security Insider Threat and Mitigation Act of 2017 introduced much tighter insider threat controls both for the DoD and for private subcontractors working with it. This wave of legislation represents a paradigm shift that has occurred lately regarding insider threats, both from the government and from private business standpoints.<\/p>\n\n\n\n<p>Many more organizations have come to realize the importance of an effective insider threat program. The main <strong>benefits <\/strong>of an <strong>insider threat program<\/strong> include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Protection from leaks, data theft, and misuse by trusted employees<\/li>\n\n\n\n<li>Timely insider attack detection<\/li>\n\n\n\n<li>The ability to issue a quick targeted response and mitigate damage<\/li>\n\n\n\n<li>Compliance with numerous regulations<\/li>\n<\/ul>\n\n\n\n<p>Training and education that allows for the detection of, and responding to, insider threats, should be provided to personnel as part of the insider threat program. The program should also be used to support investigations into various incidents involving insider threats.<\/p>\n\n\n\n\t\t<div  class=\"block-e3354934-635f-4055-b403-0d3c6023922b areoi-element rounded-bg-13px lh-sm\">\n\t\t\t\n\t\t<div class=\"areoi-background  \">\n\t\t\t<div class=\"container-fluid\" style=\"padding: 0;\">\n\t\t\t\t<div class=\"row justify-content-start\">\n\t\t\t\t\t<div class=\"col \">\n\t\t\t            <div class=\"areoi-background__color\" \n\t                        \tstyle=\"background: rgba(26, 59, 78,1)\">\n\t                        <\/div>\n\n\t                    \n\n\t                    \n\n\t                    \n\t    \t\t\t<\/div>\n\t    \t\t<\/div>\n\t    \t<\/div>\n\t    <\/div>\n\t\n\t\t\t\n\n<p class=\"has-text-align-left p-poppins with-link has-white-color has-text-color\" style=\"font-size:1.63rem;font-style:normal;font-weight:600\">Syteca is a <a href=\"https:\/\/www.syteca.com\/en\/solutions\/preventing-insider-threat\" target=\"_blank\" rel=\"noreferrer noopener\">insider threat management software<\/a> that can help you reap all of these benefits and establish an <a href=\"https:\/\/www.syteca.com\/en\/blog\/insider-threat-program\" target=\"_blank\" rel=\"noreferrer noopener\">insider threat program<\/a> that is actually effective. Whether you want to improve your cyber security by introducing insider threat detection tools, or are simply looking for more effective and affordable tools, Syteca will be able to help you.<\/p>\n\n\n\t\t\t \n\t\t<\/div>\n\t\n \n\t\t\t\n\t\t<\/div>\n\t\n \n\t\t<\/div>\n\t\n \n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-e72f3313-c1e0-4352-9da4-d286c9933ed3 areoi-element container marked-container marked-container-green\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-2edbbfd7-14a3-44af-b237-ab6b47baab56 row areoi-element\">\n\t\t\t\n\n\t\t\t\n\n\t\t<div  class=\"block-89d740ee-ed62-4886-bcae-3fd5d71624ee col areoi-element\">\n\t\t\t\n\t\t\t\n\n<h2  class=\"wp-block-heading mb-3 mb-md-4\">How Syteca can help you fight insider threats<\/h2>\n\n\n\n<p class=\"with-link\">With a great feature set that includes robust monitoring and incident response capabilities, Syteca can serve as a solid foundation for any insider threat program. The main features it offers include:<\/p>\n\n\n\n<p class=\"p-poppins\" style=\"font-size:1.25rem;font-style:normal;font-weight:600\">Monitoring<\/p>\n\n\n\n<p>Syteca provides <strong>full video recording<\/strong> of the user screen, including mouse movement. All recordings are stored in a centralized database in an indexed format, specifically optimized for low storage and bandwidth requirements.<\/p>\n\n\n\n<p>Along with video recording, Syteca also records numerous additional <strong>metadata<\/strong>, such as keystrokes, names of <em>windows opened<\/em> and <em>applications launched<\/em>, <em>websites visited<\/em>, <em>commands executed in Linux<\/em>, connected devices, etc. There are extensive options for <strong>filtering recording<\/strong>, allowing recording to start automatically, recording only at specific times, or even recording only certain applications.<\/p>\n\n\n\n<p>Any recording can be reviewed at any time along with the corresponding metadata via a convenient <strong>web-based management tool<\/strong>. Recordings are easily searchable, allowing for easy investigation and analysis.<\/p>\n\n\n\n<p class=\"p-poppins\" style=\"font-size:1.25rem;font-style:normal;font-weight:600\">Detection<\/p>\n\n\n\n<p>Syteca monitors all Windows server and <strong>desktop<\/strong>, macOS desktop, Linux SSH\/Telnet, and various Unix sessions regardless of the level of privilege a user has, or the applications or network protocols used. Automatic license provisioning makes Syteca ideal for <strong>virtual environments<\/strong>, as it allows the redistribution of licenses automatically as you shut down and create new virtual machines.<\/p>\n\n\n\n<p class=\"with-link\">Apart from multi-factor authentication, privileged account and session management (PASM), one-time passwords and other <a href=\"\/en\/product\/privileged-access-management\" target=\"_blank\" rel=\"noreferrer noopener\">access management<\/a> features, the platform includes a secondary authentication tool. <strong>Secondary authentication<\/strong> is used to distinguish between users of shared accounts, allowing Syteca to clearly attribute each recording to a specific user.<\/p>\n\n\n\n<p>Syteca also features robust <strong>alerting <\/strong>capabilities to facilitate incident detection. It has a set of built-in predefined alerts, specifically designed to cover most common incidents linked to insider threats. Users can also create custom alerts based on their specific needs and situation.<\/p>\n\n\n\n<p>When an alert is triggered, a <strong>notification <\/strong>will be sent to your security personnel, allowing them to quickly review the incident and issue an appropriate response.<\/p>\n\n\n\n<p class=\"p-poppins\" style=\"font-size:1.25rem;font-style:normal;font-weight:600\">Response<\/p>\n\n\n\n<p>When an alert is triggered, security personnel will receive a notification with a link to the corresponding session recording. If the session is still ongoing, then it can be <strong>viewed live<\/strong>, and if malicious activity is detected, the user can be <strong>blocked <\/strong>immediately. For high-risk actions, you can configure automatic user and\/or process blocking when the corresponding alert is triggered.<\/p>\n\n\n\n<p>Apart from allowing users to be blocked manually, Syteca can also monitor and optionally block any USB devices connected automatically. This allows you to protect your infrastructure from <strong>mass storage devices<\/strong> and infected USB drives.<\/p>\n\n\n\n<p class=\"p-poppins\" style=\"font-size:1.25rem;font-style:normal;font-weight:600\">Reporting and analysis<\/p>\n\n\n\n<p class=\"with-link\">Syteca has a number of built-in <strong>reports <\/strong>that can be both scheduled and generated manually, allowing you to prove <a href=\"\/en\/solutions\/meeting-compliance-requirements\" target=\"_blank\" rel=\"noreferrer noopener\">compliance<\/a> and quickly assess the effectiveness of your insider threat program.<\/p>\n\n\n\n<p class=\"with-link\">The data collected is also a great asset for investigation and analysis. Syteca allows you to <strong>export <\/strong>any part of a recording in a fully <strong>protected and encrypted format<\/strong> that guarantees that the said data has not been tampered with. This data can be used as evidence in an official investigation. The internal Management Tool Log also guarantees that system administrators have not tampered with the data<\/p>\n\n \n\t\t\t\n\t\t<\/div>\n\t\n \n\t\t<\/div>\n\t\n \n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-6f20fe7e-f567-48d7-bd1a-8a86f261b005 areoi-element container marked-container marked-container-green\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-55d81222-cede-4596-ae68-887be9fb2a1d row areoi-element\">\n\t\t\t\n\n\t\t\t\n\n\t\t<div  class=\"block-38b6b251-990e-4117-ad70-7c3f397d7cd1 col areoi-element\">\n\t\t\t\n\t\t\t\n\n<h2  class=\"wp-block-heading mb-3 mb-md-4\">Syteca \u2013 a powerful tool for fighting insider threats<\/h2>\n\n\n\n<p class=\"with-link\">Syteca is aimed at helping organizations with insider threat detection, as well as employee and subcontractor monitoring. Large organizations will undoubtedly find the robust set of features, including <strong>high availability<\/strong>, <strong>database archiving<\/strong>, and <strong>automatic agent updates<\/strong> to be more than enough to cover their needs.<\/p>\n\n \n\t\t\t\n\t\t<\/div>\n\t\n \n\t\t<\/div>\n\t\n \n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-414d3b4f-bf1a-4b73-9e06-c6cf59691a47 areoi-element container\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-11b6e401-6951-4d0e-b884-830193dcc8b7 row areoi-element\">\n\t\t\t\n\n\t\t\t\n\n\t\t<div  class=\"block-9f6c2f8a-0f3b-4f68-b76a-c8230e238439 col areoi-element\">\n\t\t\t\n\t\t\t\n\n<h2  class=\"wp-block-heading has-text-align-center\">Meet other IT security requirements with Syteca<\/h2>\n\n\n\n\t\t<div  class=\"block-ce59ecde-e09c-4dc0-8772-a2845b211ce1 row areoi-element standard-set\">\n\t\t\t\n\n\t\t\t\n\n\t\t<div  class=\"block-b5b19f3a-8089-430d-b8df-57779e2561cb col areoi-element col-12 col-md-6 col-lg-3 col-xl-3 col-xxl-2\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-b76cc725-7c87-49f5-8142-351b878979d7 areoi-element card-b-rounded h-100\">\n\t\t\t\n\t\t\t\n\n<p class=\"has-text-align-center mb-0 h-100 \"><a href=\"\/en\/solutions\/meeting-compliance-requirements\/iso-compliance-solution\" target=\"_blank\" rel=\"noreferrer noopener\">ISO 27001<\/a><\/p>\n\n\n\t\t\t \n\t\t<\/div>\n\t\n \n\t\t\t\n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-a6bed40c-b544-464a-a83b-b3204282f7cf col areoi-element col-12 col-md-6 col-lg-3 col-xl-3 col-xxl-2\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-a124878b-4ffa-4003-b4cc-a0b614be59c9 areoi-element card-b-rounded h-100\">\n\t\t\t\n\t\t\t\n\n<p class=\"has-text-align-center mb-0 h-100\"><a href=\"\/en\/solutions\/meeting-compliance-requirements\/pci-dss-compliance\" target=\"_blank\" rel=\"noreferrer noopener\">PCI DSS<\/a><\/p>\n\n\n\t\t\t \n\t\t<\/div>\n\t\n \n\t\t\t\n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-33613801-d2d1-48a5-a170-d3cd136178ca col areoi-element col-12 col-md-6 col-lg-3 col-xl-3 col-xxl-2\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-8add58f2-3e03-40bd-825b-92e94567f5f8 areoi-element card-b-rounded h-100\">\n\t\t\t\n\t\t\t\n\n<p class=\"has-text-align-center mb-0 h-100\"><a href=\"\/en\/solutions\/meeting-compliance-requirements\/swift-customer-security-program-compliance\" target=\"_blank\" rel=\"noreferrer noopener\">SWIFT CSP<\/a><\/p>\n\n\n\t\t\t \n\t\t<\/div>\n\t\n \n\t\t\t\n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-e43326f9-047f-494e-af2d-695055055472 col areoi-element col-12 col-md-6 col-lg-3 col-xl-3 col-xxl-2\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-e7b7441d-517e-4d22-8c31-5939b6b7cf14 areoi-element card-b-rounded h-100\">\n\t\t\t\n\t\t\t\n\n<p class=\"has-text-align-center mb-0 h-100\"><a href=\"\/en\/solutions\/meeting-compliance-requirements\/sox-compliance\" target=\"_blank\" rel=\"noreferrer noopener\">SOX<\/a><\/p>\n\n\n\t\t\t \n\t\t<\/div>\n\t\n \n\t\t\t\n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-9ed3edea-864d-4cd9-8204-0f39f65ea416 col areoi-element col-12 col-md-6 col-lg-3 col-xl-3 col-xxl-2\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-2c0dd273-60c2-48b0-a1d1-0d5bf595e4f0 areoi-element card-b-rounded h-100\">\n\t\t\t\n\t\t\t\n\n<p class=\"has-text-align-center mb-0 h-100\"><a href=\"\/en\/solutions\/meeting-compliance-requirements\/fisma-compliance\" target=\"_blank\" rel=\"noreferrer noopener\">FISMA<\/a><\/p>\n\n\n\t\t\t \n\t\t<\/div>\n\t\n \n\t\t\t\n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-f5c71927-e795-4fc7-b5d8-1336d19fefb0 col areoi-element col-12 col-md-6 col-lg-3 col-xl-3 col-xxl-2\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-71978f43-04dc-4ab3-83ed-a8c22cca778e areoi-element card-b-rounded h-100\">\n\t\t\t\n\t\t\t\n\n<p class=\"has-text-align-center mb-0 h-100\"><a href=\"\/en\/solutions\/meeting-compliance-requirements\/gdpr-compliance\" target=\"_blank\" rel=\"noreferrer noopener\">GDPR<\/a><\/p>\n\n\n\t\t\t \n\t\t<\/div>\n\t\n \n\t\t\t\n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-f3b08ab4-5a59-4633-af80-1f6ede1c1bf6 col areoi-element col-12 col-md-6 col-lg-3 col-xl-3 col-xxl-2\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-c6aee13f-6acd-496a-b450-3c7793846e59 areoi-element card-b-rounded h-100\">\n\t\t\t\n\t\t\t\n\n<p class=\"has-text-align-center mb-0 h-100\"><a href=\"\/en\/solutions\/meeting-compliance-requirements\/nist-compliance\" target=\"_blank\" rel=\"noreferrer noopener\">NIST 800-53<\/a><\/p>\n\n\n\t\t\t \n\t\t<\/div>\n\t\n \n\t\t\t\n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-af56e4f7-5aa8-4e97-9e7f-1110ff8c81d6 col areoi-element col-12 col-md-6 col-lg-3 col-xl-3 col-xxl-2\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-d277acf6-c0e8-4906-b4b8-9eeb22640812 areoi-element card-b-rounded h-100\">\n\t\t\t\n\t\t\t\n\n<p class=\"has-text-align-center mb-0 h-100\"><a href=\"\/en\/solutions\/meeting-compliance-requirements\/nist-800-171-compliance\" target=\"_blank\" rel=\"noreferrer noopener\">NIST 800-171<\/a><\/p>\n\n\n\t\t\t \n\t\t<\/div>\n\t\n \n\t\t\t\n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-6c49f66f-789d-4a8e-a47d-f2eef32621f7 col areoi-element col-12 col-md-6 col-lg-3 col-xl-3 col-xxl-2\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-988ff469-99a6-48bb-a06c-749de2e59159 areoi-element card-b-rounded h-100\">\n\t\t\t\n\t\t\t\n\n<p class=\"has-text-align-center mb-0 h-100\"><a href=\"\/en\/solutions\/meeting-compliance-requirements\/nerc-compliance\" target=\"_blank\" rel=\"noreferrer noopener\">NERC<\/a><\/p>\n\n\n\t\t\t \n\t\t<\/div>\n\t\n \n\t\t\t\n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-9977c2a2-163d-48ca-ba4f-9b6132704998 col areoi-element col-12 col-md-6 col-lg-3 col-xl-3 col-xxl-2\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-e40e22a8-388b-4aa8-bd14-36c9f33c479b areoi-element card-b-rounded h-100\">\n\t\t\t\n\t\t\t\n\n<p class=\"has-text-align-center mb-0 h-100\"><a href=\"\/en\/solutions\/meeting-compliance-requirements\/glba-compliance\" target=\"_blank\" rel=\"noreferrer noopener\">GLBA<\/a><\/p>\n\n\n\t\t\t \n\t\t<\/div>\n\t\n \n\t\t\t\n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-38bc542e-0b69-47f3-89c2-01acc885743b col areoi-element col-12 col-md-6 col-lg-3 col-xl-3 col-xxl-2\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-7da2f8b4-83f4-4b04-94ca-8093fb5d0020 areoi-element card-b-rounded h-100\">\n\t\t\t\n\t\t\t\n\n<p class=\"has-text-align-center mb-0 h-100\"><a href=\"\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666\" target=\"_blank\" rel=\"noreferrer noopener\">NISPOM Change 2 and H.R. 666<\/a><\/p>\n\n\n\t\t\t \n\t\t<\/div>\n\t\n \n\t\t\t\n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-954a3a8e-95fa-406a-a329-4ce26852cb6a col areoi-element col-12 col-md-6 col-lg-3 col-xl-3 col-xxl-2\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-0820a35f-52fd-4605-bd29-8f6f7d0e2431 areoi-element card-b-rounded h-100\">\n\t\t\t\n\t\t\t\n\n<p class=\"has-text-align-center mb-0 h-100\"><a href=\"\/en\/solutions\/meeting-compliance-requirements\/soc-2-compliance\" target=\"_blank\" rel=\"noreferrer noopener\">SOC 2<\/a><\/p>\n\n\n\t\t\t \n\t\t<\/div>\n\t\n \n\t\t\t\n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-9977c2a2-163d-48ca-ba4f-9b6132704998 col areoi-element col-12 col-md-6 col-lg-3 col-xl-3 col-xxl-2\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-e40e22a8-388b-4aa8-bd14-36c9f33c479b areoi-element card-b-rounded h-100\">\n\t\t\t\n\t\t\t\n\n<p class=\"has-text-align-center mb-0 h-100\"><a href=\"\/en\/solutions\/meeting-compliance-requirements\/hipaa-compliance-solutions\" target=\"_blank\" rel=\"noreferrer noopener\">HIPAA<\/a><\/p>\n\n\n\t\t\t \n\t\t<\/div>\n\t\n \n\t\t\t\n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-38bc542e-0b69-47f3-89c2-01acc885743b col areoi-element col-12 col-md-6 col-lg-3 col-xl-3 col-xxl-2\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-7da2f8b4-83f4-4b04-94ca-8093fb5d0020 areoi-element card-b-rounded h-100\">\n\t\t\t\n\t\t\t\n\n<p class=\"has-text-align-center mb-0 h-100\"><a href=\"\/en\/solutions\/meeting-compliance-requirements\/dora-compliance\" target=\"_blank\" rel=\"noreferrer noopener\">DORA<\/a><\/p>\n\n\n\t\t\t \n\t\t<\/div>\n\t\n \n\t\t\t\n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-954a3a8e-95fa-406a-a329-4ce26852cb6a col areoi-element col-12 col-md-6 col-lg-3 col-xl-3 col-xxl-2\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-0820a35f-52fd-4605-bd29-8f6f7d0e2431 areoi-element card-b-rounded h-100\">\n\t\t\t\n\t\t\t\n\n<p class=\"has-text-align-center mb-0 h-100\"><a href=\"\/en\/solutions\/meeting-compliance-requirements\/nis2-compliance\" target=\"_blank\" rel=\"noreferrer noopener\">NIS2<\/a><\/p>\n\n\n\t\t\t \n\t\t<\/div>\n\t\n \n\t\t\t\n\t\t<\/div>\n\t\n \n\t\t<\/div>\n\t\n \n\t\t\t\n\t\t<\/div>\n\t\n \n\t\t<\/div>\n\t\n \n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-8c89124e-253f-4805-9f93-347c86377a5b areoi-element lets-talk overflow-hidden\">\n\t\t\t\n\t\t<div class=\"areoi-background  \">\n\t\t\t<div class=\"container-fluid\" style=\"padding: 0;\">\n\t\t\t\t<div class=\"row justify-content-start\">\n\t\t\t\t\t<div class=\"col \">\n\t\t\t            <div class=\"areoi-background__color\" \n\t                        \tstyle=\"background: rgba(71, 144, 234,0.2)\">\n\t                        <\/div>\n\n\t                    \n\n\t                    \n\n\t                    \n\t    \t\t\t<\/div>\n\t    \t\t<\/div>\n\t    \t<\/div>\n\t    <\/div>\n\t\n\t\t\t\n\n\t\t<div  class=\"block-72b6197e-3dfe-4ec1-89f6-e5d6a1394c3a areoi-element container\">\n\t\t\t\n\t\t\t\n\n\t\t<div  class=\"block-03ae15ca-7610-4452-ac69-d7f00edd880d row areoi-element\">\n\t\t\t\n\n\t\t\t\n\n\t\t<div  class=\"block-0e8081c0-dbaf-469c-bf7f-523ca6f7694a col areoi-element align-self-md-center col-xxl-5\">\n\t\t\t\n\t\t\t\n\n<h2  class=\"wp-block-heading text-center text-md-start\"><mark style=\"background-color:rgba(0, 0, 0, 0);color:#4790ea\" class=\"has-inline-color\">Let\u2019s <\/mark>get the conversation started<\/h2>\n\n\n\n<div style=\"height:16px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"text-center text-md-start opacity-75 pe-xxl-5\">Contact our team to learn how our insider risk management software can safeguard your organization&#8217;s data from any risks caused by human factors. Book a call with us at a time that suits you best, and let&#8217;s explore how we can help you achieve your security goals.<\/p>\n\n\n\n<div style=\"height:24px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n\t\t<div  class=\"block-cf14a16c-6c30-4ce2-96c4-909d173f9c7b areoi-element d-flex justify-content-center justify-content-md-start\">\n\t\t\t\n\t\t\t\n\n\t\t\t\t\n\t\t<a \n\t\t\t\n\t\t\tclass=\"block-5446f9ca-cbaa-42df-8020-fec51b20785e btn areoi-has-url position-relative btn-secondary\"\n\t href=\"\/en\/get-in-touch\" rel=\"noreferrer noopener\" target=\"_blank\" >\n\t\t\t\t\t\n\t\t\t\t\tGet in Touch \n\t\t\t\t\t\n\t\t\t\t\t \n\t\t\t\t<\/a>\n\t\t\t\n\n\t\t\t \n\t\t<\/div>\n\t\n \n\t\t\t\n\t\t<\/div>\n\t\n\n\n\t\t<div  class=\"block-3a7702ac-7e87-4702-abff-88e557a0d73c col areoi-element align-self-md-center col-xxl-7 d-none d-sm-none d-md-block\">\n\t\t\t\n\t\t\t\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/www.syteca.com\/wp-content\/uploads\/2022\/12\/Rectangle-205.png\" alt=\"\"\/><\/figure>\n\n \n\t\t\t\n\t\t<\/div>\n\t\n \n\t\t<\/div>\n\t\n \n\t\t<\/div>\n\t\n\n\t\t\t \n\t\t<\/div>\n\t","protected":false},"excerpt":{"rendered":"","protected":false},"author":16,"featured_media":0,"parent":12284,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"page-full.php","meta":{"footnotes":""},"class_list":["post-13323","page","type-page","status-publish","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>NISPOM Conforming Change 2 and Insider Threat and Mitigation Act of 2017 requirements and insider threat program | Syteca<\/title>\n<meta name=\"description\" content=\"Brief overview of the main requirements introduced by NISPOM Change 2 and Department of Homeland Security Insider Threat and Mitigation Act of 2017 with explanations and tools recommendations\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"NISPOM Conforming Change 2 and Insider Threat and Mitigation Act of 2017 requirements and insider threat program | Syteca\" \/>\n<meta property=\"og:description\" content=\"Brief overview of the main requirements introduced by NISPOM Change 2 and Department of Homeland Security Insider Threat and Mitigation Act of 2017 with explanations and tools recommendations\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666\" \/>\n<meta property=\"og:site_name\" content=\"Syteca\" \/>\n<meta property=\"article:modified_time\" content=\"2025-06-18T13:18:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.syteca.com\/wp-content\/uploads\/2023\/04\/pic-NISPOM.png\" \/>\n\t<meta property=\"og:image:width\" content=\"571\" \/>\n\t<meta property=\"og:image:height\" content=\"334\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"14 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666\",\"url\":\"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666\",\"name\":\"NISPOM Conforming Change 2 and Insider Threat and Mitigation Act of 2017 requirements and insider threat program | Syteca\",\"isPartOf\":{\"@id\":\"https:\/\/www.syteca.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.syteca.com\/wp-content\/uploads\/2023\/04\/pic-NISPOM.png\",\"datePublished\":\"2023-04-18T13:18:00+00:00\",\"dateModified\":\"2025-06-18T13:18:48+00:00\",\"description\":\"Brief overview of the main requirements introduced by NISPOM Change 2 and Department of Homeland Security Insider Threat and Mitigation Act of 2017 with explanations and tools recommendations\",\"breadcrumb\":{\"@id\":\"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666#primaryimage\",\"url\":\"https:\/\/www.syteca.com\/wp-content\/uploads\/2023\/04\/pic-NISPOM.png\",\"contentUrl\":\"https:\/\/www.syteca.com\/wp-content\/uploads\/2023\/04\/pic-NISPOM.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Solutions\",\"item\":\"https:\/\/www.syteca.com\/en\/solutions\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"IT Compliance Solution\",\"item\":\"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"NISPOM Conforming Change 2 and Insider Threat and Mitigation Act of 2017 requirements and insider threat program\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.syteca.com\/en\/#website\",\"url\":\"https:\/\/www.syteca.com\/en\/\",\"name\":\"Syteca\",\"description\":\"Syteca | software to monitor privileged users and audit employee activity, detect insider threats, and protect servers in real time. Try a free demo now!\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.syteca.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"NISPOM Conforming Change 2 and Insider Threat and Mitigation Act of 2017 requirements and insider threat program | Syteca","description":"Brief overview of the main requirements introduced by NISPOM Change 2 and Department of Homeland Security Insider Threat and Mitigation Act of 2017 with explanations and tools recommendations","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666","og_locale":"en_US","og_type":"article","og_title":"NISPOM Conforming Change 2 and Insider Threat and Mitigation Act of 2017 requirements and insider threat program | Syteca","og_description":"Brief overview of the main requirements introduced by NISPOM Change 2 and Department of Homeland Security Insider Threat and Mitigation Act of 2017 with explanations and tools recommendations","og_url":"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666","og_site_name":"Syteca","article_modified_time":"2025-06-18T13:18:48+00:00","og_image":[{"width":571,"height":334,"url":"https:\/\/www.syteca.com\/wp-content\/uploads\/2023\/04\/pic-NISPOM.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"14 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666","url":"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666","name":"NISPOM Conforming Change 2 and Insider Threat and Mitigation Act of 2017 requirements and insider threat program | Syteca","isPartOf":{"@id":"https:\/\/www.syteca.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666#primaryimage"},"image":{"@id":"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666#primaryimage"},"thumbnailUrl":"https:\/\/www.syteca.com\/wp-content\/uploads\/2023\/04\/pic-NISPOM.png","datePublished":"2023-04-18T13:18:00+00:00","dateModified":"2025-06-18T13:18:48+00:00","description":"Brief overview of the main requirements introduced by NISPOM Change 2 and Department of Homeland Security Insider Threat and Mitigation Act of 2017 with explanations and tools recommendations","breadcrumb":{"@id":"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666#primaryimage","url":"https:\/\/www.syteca.com\/wp-content\/uploads\/2023\/04\/pic-NISPOM.png","contentUrl":"https:\/\/www.syteca.com\/wp-content\/uploads\/2023\/04\/pic-NISPOM.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements\/nispom-change-2-and-h-r-act-666#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Solutions","item":"https:\/\/www.syteca.com\/en\/solutions"},{"@type":"ListItem","position":2,"name":"IT Compliance Solution","item":"https:\/\/www.syteca.com\/en\/solutions\/meeting-compliance-requirements"},{"@type":"ListItem","position":3,"name":"NISPOM Conforming Change 2 and Insider Threat and Mitigation Act of 2017 requirements and insider threat program"}]},{"@type":"WebSite","@id":"https:\/\/www.syteca.com\/en\/#website","url":"https:\/\/www.syteca.com\/en\/","name":"Syteca","description":"Syteca | software to monitor privileged users and audit employee activity, detect insider threats, and protect servers in real time. Try a free demo now!","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.syteca.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/www.syteca.com\/en\/wp-json\/wp\/v2\/pages\/13323","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.syteca.com\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.syteca.com\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.syteca.com\/en\/wp-json\/wp\/v2\/users\/16"}],"replies":[{"embeddable":true,"href":"https:\/\/www.syteca.com\/en\/wp-json\/wp\/v2\/comments?post=13323"}],"version-history":[{"count":0,"href":"https:\/\/www.syteca.com\/en\/wp-json\/wp\/v2\/pages\/13323\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/www.syteca.com\/en\/wp-json\/wp\/v2\/pages\/12284"}],"wp:attachment":[{"href":"https:\/\/www.syteca.com\/en\/wp-json\/wp\/v2\/media?parent=13323"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}