DOCSLIB.ORG

Insider Threat Mitigation Guide

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Insider Threat Mitigation Guide Insider Threat Mitigation Guide NOVEMBER 2020 Cybersecurity and Infrastructure Security Agency [This page left intentionally blank] Insider Threat Mitigation Guide Table of Contents Letter from the Acting Assistant Director ....................................... v Introduction .................................................................................. 1 Costs of Insider Threats ................................................................................2 Return on Investment for Insider Threat Mitigation Programs ...........................4 Insider Threat Mitigation Program .................................................................5 Defining Insider Threats ................................................................. 8 Definition of an Insider ..................................................................................9 Definition of Insider Threat ............................................................................10 Types of Insider Threats ................................................................................12 Expressions of Insider Threat ........................................................................13 Concluding Thoughts ....................................................................................18 Key Points....................................................................................................19 Building an Insider Threat Mitigation Program ................................ 20 Characteristics of an Effective Insider Threat Mitigation Program ......................21 Core Principles .............................................................................................23 Keys for Success ..........................................................................................26 Establishing an Insider Threat Mitigation Program ...........................................28 Concluding Thoughts ....................................................................................51 Key Points....................................................................................................54 Detecting and Identifying Insider Threats ....................................... 56 Threat Detection and Identification ................................................................57 Progression of an Insider Threat Toward a Malicious Incident ...........................58 Threat Detectors ..........................................................................................61 Threat Indicators ..........................................................................................63 Concluding Thoughts ....................................................................................70 Key Points....................................................................................................72 Assessing Insider Threats .............................................................. 73 Assessment Process ....................................................................................74 Violence in Threat Assessment .....................................................................80 Profiles – No Useful Profile in Threat Assessment ...........................................83 Cybersecurity and Infrastructure Security Agency iii Insider Threat Mitigation Guide Making a Threat vs. Posing a Threat .............................................................84 Leakage in Targeted Violence ........................................................................85 Awareness of Scrutiny ...................................................................................85 Use of a Behavioral Scientist.........................................................................86 Case Considerations for the Involvement of Law Enforcement ..........................86 Concluding Thoughts ....................................................................................87 Key Points....................................................................................................89 Managing Insider Threats .............................................................. 90 Characteristics of Insider Threat Management Strategies ................................91 Intervention Strategies .................................................................................93 Managing Domestic Violence .......................................................................95 Managing Mental Health ..............................................................................96 Use of Law Enforcement in Threat Management .............................................97 Suspensions and Terminations for Persons of Concern ...................................98 Monitoring and Closing a Case .....................................................................99 Avoid Common Pitfalls ..................................................................................100 Concluding Thoughts ....................................................................................100 Key Points....................................................................................................103 Conclusion .................................................................................... 105 Appendix A. Summary of Key Points ............................................... 107 Chapter 2: Defining Insider Threats ................................................................107 Chapter 3: Building an Insider Threat Mitigation Program .................................108 Chapter 4: Detecting and Identifying Insider Threats .......................................109 Chapter 5: Assessing Insider Threats .............................................................110 Chapter 6: Managing Insider Threats .............................................................111 Appendix B. Tools and Resources ................................................... 114 Program Management ...................................................................................114 Detecting and Identifying Insider Threats ........................................................117 Assessing Insider Threats .............................................................................119 Appendix C. Terms and Acronyms ................................................... 121 Terms ..........................................................................................................121 Acronyms .....................................................................................................127 Cybersecurity and Infrastructure Security Agency iv Insider Threat Mitigation Guide Letter from the Acting Assistant Director America’s critical infrastructure assets, systems, and networks, regardless of size or function, are susceptible to disruption or harm by an insider, or someone with institutional knowledge and current or prior authorized access. This status makes it possible for current or former employees, contractors, and other trusted insiders to cause significant damage. Insiders have compromised sensitive information, damaged organizational reputation, caused lost revenue, stolen intellectual property, reduced market share, and even harmed people. Allowing America’s critical infrastructure to be compromised by an insider could have a debilitating effect on the Nation’s economic security, public health, or public safety. That is why it is important to understand this complicated threat, its many dimensions, and the concepts and practices needed to develop an effective insider threat program. To mitigate physical and cybersecurity threats, it is important to understand the risks posed by insiders and then build a comprehensive insider threat mitigation program that accounts for operational, legal, and regulatory considerations. The Cybersecurity and Infrastructure Security Agency (CISA) plays an integral role in supporting public and private sector efforts to prevent and mitigate a wide range of risks, including those posed by insiders. This Insider Threat Mitigation Guide is an evolution in the series of resources CISA makes available on insider threats. This Guide draws from the expertise of some of the most reputable experts in the field to provide comprehensive information to help federal, state, local, tribal, and territorial governments; non-governmental organizations; and the private sector establish or enhance an insider threat prevention and mitigation program. Moreover, this Guide accomplishes this objective in a scalable manner that considers the level of maturity and size of the organization. It also contains valuable measures for building and using effective threat management teams. Through a case study approach, this Guide details an actionable framework for an effective insider threat mitigation program: Defining the Threat, Detecting and Identifying the Threat, Assessing the Threat, and Managing the Threat. On CISA.gov, visitors will find extensive tools, training, and information on the array of threats the Nation faces, including insider threats. They will also find options to help protect against and prevent an incident and steps to mitigate risks if an incident does occur. The measures you incorporate into your practices today could pay for themselves many times over by preventing an insider threat or mitigating the impacts of a successful attack in the future. I urge you to use CISA.gov and this Guide to increase your own organization’s security and resilience. Sincerely, Steve Harris Acting Assistant Director for Infrastructure Security Cybersecurity and Infrastructure
Load more

Recommended publications
  • Joy Harjo Reads from 'Crazy Brave' at the Central Library
    Joy Harjo Reads From 'Crazy Brave' at the Central Library [0:00:05] Podcast Announcer: Welcome to the Seattle Public Library's podcasts of author readings and Library events; a series of readings, performances, lectures and discussions. Library podcasts are brought to you by the Seattle Public Library and Foundation. To learn more about our programs and podcasts visit our website at www.spl.org. To learn how you can help the Library Foundation support the Seattle Public Library go to foundation.spl.org. [0:00:40] Marion Scichilone: Thank you for joining us for an evening with Joy Harjo who is here with her new book Crazy Brave. Thank you to Elliot Bay Book Company for inviting us to co-present this event, to the Seattle Times for generous promotional support for library programs. We thank our authors series sponsor Gary Kunis. Now, I'm going to turn the podium over to Karen Maeda Allman from Elliott Bay Book Company to introduce our special guest. Thank you. [0:01:22] Karen Maeda Allman: Thanks Marion. And thank you all for coming this evening. I know this is one of the readings I've most look forward to this summer. And as I know many of you and I know that many of you have been reading Joy Harjo's poetry for many many years. And, so is exciting to finally, not only get to hear her read, but also to hear her play her music. Joy Harjo is of Muscogee Creek and also a Cherokee descent. And she is a graduate of the Iowa Writers Workshop at the University of Iowa.
    [Show full text]
  • MUSIC and MOVEMENT in PIXAR: the TSU's AS an ANALYTICAL RESOURCE
    Revis ta de Comunicación Vivat Academia ISSN: 1575-2844 Septiembre 2016 Año XIX Nº 136 pp 82-94 DOI: https://doi.org/10.15178/va.2016.136.82-94 INVESTIGACIÓN/RESEARCH Recibido: 18/12/2015 --- Aceptado: 27/05/2016 --- Publicado: 15/09/2016 Recibido: 18/12/2015 --- Aceptado: 27/05/2016 --- Publicado: 15/09/2016 MUSIC AND MOVEMENT IN PIXAR: THE TSU’s AS AN ANALYTICAL RESOURCE Diego Calderón Garrido1: University of Barcelona. Spain [email protected] Josep Gustems Carncier: University of Barcelona. Spain [email protected] Jaume Duran Castells: University of Barcelona. Spain [email protected] ABSTRACT The music for the animation cinema is closely linked with the characters’ movement and the narrative action. This paper presents the Temporary Semiotic Units (TSU’s) proposed by Delalande, as a multimodal tool for the music analysis of the actions in cartoons, following the tradition of the Mickey Mousing. For this, a profile with the applicability of the nineteen TSU’s was applied to the fourteen Pixar movies produced between 1995-2013. The results allow us to state the convenience of the use of the TSU’s for the music comprehension in these films, especially in regard to the subject matter and the characterization of the characters and as a support to the visual narrative of this genre. KEY WORDS Animation cinema, Music – Pixar - Temporary Semiotic Units - Mickey Mousing - Audiovisual Narrative – Multimodality 1 Diego Calderón Garrido: Doctor in History of Art, titled superior in Modern Music and Jazz music teacher and sound in the degree of Audiovisual Communication at the University of Barcelona.
    [Show full text]
  • Brave Waiting No
    Sermon #1371 Metropolitan Tabernacle Pulpit 1 BRAVE WAITING NO. 1371 A SERMON DELIVERED ON LORDS-DAY MORNING, AUGUST 26, 1877, BY C. H. SPURGEON, AT THE METROPOLITAN TABERNACLE, NEWINGTON. “Wait on the Lord: be of good courage and He shall strengthen your heart: wait, I say, on the Lord.” Psalm 27:14. THE Christian’s life is no child’s play. All who have gone on pilgrimage to the celestial city have found a rough road, sloughs of despond and hills of difficulty, giants to fight and tempters to shun. Hence there are two perils to which Christians are exposed—the one is that under heavy pressure they should start away from the path which they ought to pursue—the other is lest they should grow fearful of failure and so become faint-hearted in their holy course. Both these dangers had evidently occurred to David and in the text he is led by the Holy Spirit to speak about them. “Do not,” he seems to say, “do not think that you are mistaken in keeping to the way of faith. Do not turn aside to crooked policy. Do not begin to trust in an arm of flesh, but wait upon the Lord.” And, as if this were a duty in which we are doubly apt to fail, he repeats the exhortation and makes it more emphatic the second time, “Wait, I say, on the Lord.” Hold on with your faith in God. Persevere in walking according to His will. Let nothing seduce you from your integrity—let it never be said of you, “You ran well, what did hinder you that you did not obey the truth?” And lest we should be faint in our minds, which was the second danger, the psalmist says, “Be of good courage, and He shall strengthen your heart.” There is really nothing to be depressed about.
    [Show full text]
  • Competing Theories of Blackmail: an Empirical Research Critique of Criminal Law Theory
    Competing Theories of Blackmail: An Empirical Research Critique of Criminal Law Theory Paul H. Robinson,* Michael T. Cahill** & Daniel M. Bartels*** The crime of blackmail has risen to national media attention because of the David Letterman case, but this wonderfully curious offense has long been the favorite of clever criminal law theorists. It criminalizes the threat to do something that would not be criminal if one did it. There exists a rich liter- ature on the issue, with many prominent legal scholars offering their accounts. Each theorist has his own explanation as to why the blackmail offense exists. Most theories seek to justify the position that blackmail is a moral wrong and claim to offer an account that reflects widely shared moral intuitions. But the theories make widely varying assertions about what those shared intuitions are, while also lacking any evidence to support the assertions. This Article summarizes the results of an empirical study designed to test the competing theories of blackmail to see which best accords with pre- vailing sentiment. Using a variety of scenarios designed to isolate and test the various criteria different theorists have put forth as “the” key to blackmail, this study reveals which (if any) of the various theories of blackmail proposed to date truly reflects laypeople’s moral judgment. Blackmail is not only a common subject of scholarly theorizing but also a common object of criminal prohibition. Every American jurisdiction criminalizes blackmail, although there is considerable variation in its formulation. The Article reviews the American statutes and describes the three general approaches these provisions reflect.
    [Show full text]
  • Definitions of Child Abuse and Neglect
    STATE STATUTES Current Through March 2019 WHAT’S INSIDE Defining child abuse or Definitions of Child neglect in State law Abuse and Neglect Standards for reporting Child abuse and neglect are defined by Federal Persons responsible for the child and State laws. At the State level, child abuse and neglect may be defined in both civil and criminal Exceptions statutes. This publication presents civil definitions that determine the grounds for intervention by Summaries of State laws State child protective agencies.1 At the Federal level, the Child Abuse Prevention and Treatment To find statute information for a Act (CAPTA) has defined child abuse and neglect particular State, as "any recent act or failure to act on the part go to of a parent or caregiver that results in death, https://www.childwelfare. serious physical or emotional harm, sexual abuse, gov/topics/systemwide/ or exploitation, or an act or failure to act that laws-policies/state/. presents an imminent risk of serious harm."2 1 States also may define child abuse and neglect in criminal statutes. These definitions provide the grounds for the arrest and prosecution of the offenders. 2 CAPTA Reauthorization Act of 2010 (P.L. 111-320), 42 U.S.C. § 5101, Note (§ 3). Children’s Bureau/ACYF/ACF/HHS 800.394.3366 | Email: [email protected] | https://www.childwelfare.gov Definitions of Child Abuse and Neglect https://www.childwelfare.gov CAPTA defines sexual abuse as follows: and neglect in statute.5 States recognize the different types of abuse in their definitions, including physical abuse, The employment, use, persuasion, inducement, neglect, sexual abuse, and emotional abuse.
    [Show full text]
  • Sing out Loud Music Festival Schedule
    SING OUT LOUD FESTIVAL, THE FREE, MULTI-DAY, MULTI-VENUE MUSIC FESTIVAL ANNOUNCES FESTIVAL SCHEDULE FEATURING OVER 200 ARTISTS PLAYING 50 SHOWCASES AT 15 VENUES AROUND ST. AUGUSTINE, FLORIDA PRESENTED BY COMMUNITY FIRST CREDIT UNION St. Augustine, Fla. (August 14, 2017) – Nine days, 15 venues, 50 showcases, over 200 performing artists. All free and open to the public. This is the Sing Out Loud Festival, the largest free music festival ever held in North Florida. The official Sing Out Loud schedule is now available, detailing the epic celebration of live entertainment that will take place throughout St. Augustine, Florida for three weekends this September. The schedule with full performance lineups, show times and locations is available online at www.singoutloudfestival.com/schedule. The Sing Out Loud Festival is presented by Community First Credit Union and produced by the St. Johns County Cultural Events Division with support from St. Johns County Tourist Development Council, the St. Johns Cultural Council and the St. Augustine, Ponte Vedra, & The Beaches Visitors and Convention Bureau. In a convergence of musical genres as wide ranging as Texas Outlaw Country, New Orleans Brass and Funk, Alternative Indie Rock, Americana, Bluegrass, Neo-Soul, Folk, Punk, Hip Hop, Spoken Word, Comedy, Electronic and more, the Sing Out Loud Music Festival, now in its second year, has expanded to include over 200 national, local and regional acts playing 50 showcases at 15 St. Augustine venues during September 8 – 10, 15 -17 and 22 - 24. The free, multi-day, multi-venue festival features national acts including Steve Earle & the Dukes, Lake Street Dive, Wolf Parade, Dirty Dozen Brass Band, Los Lobos and more in addition to a massive regional and local lineup.
    [Show full text]
  • How to Analyze the Cyber Threat from Drones
    C O R P O R A T I O N KATHARINA LEY BEST, JON SCHMID, SHANE TIERNEY, JALAL AWAN, NAHOM M. BEYENE, MAYNARD A. HOLLIDAY, RAZA KHAN, KAREN LEE How to Analyze the Cyber Threat from Drones Background, Analysis Frameworks, and Analysis Tools For more information on this publication, visit www.rand.org/t/RR2972 Library of Congress Cataloging-in-Publication Data is available for this publication. ISBN: 978-1-9774-0287-5 Published by the RAND Corporation, Santa Monica, Calif. © Copyright 2020 RAND Corporation R® is a registered trademark. Cover design by Rick Penn-Kraus Cover images: drone, Kadmy - stock.adobe.com; data, Getty Images. Limited Print and Electronic Distribution Rights This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited. Permission is given to duplicate this document for personal use only, as long as it is unaltered and complete. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial use. For information on reprint and linking permissions, please visit www.rand.org/pubs/permissions. The RAND Corporation is a research organization that develops solutions to public policy challenges to help make communities throughout the world safer and more secure, healthier and more prosperous. RAND is nonprofit, nonpartisan, and committed to the public interest. RAND’s publications do not necessarily reflect the opinions of its research clients and sponsors. Support RAND Make a tax-deductible charitable contribution at www.rand.org/giving/contribute www.rand.org Preface This report explores the security implications of the rapid growth in unmanned aerial systems (UAS), focusing specifically on current and future vulnerabilities.
    [Show full text]
  • Five Threats Series: Threat 2 – Ransomware Attack
    405(d) Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP) Five Threats Series: Threat 2 – Ransomware Attack March 2019 In Partnership With The 405(d) Aligning Health Care Industry Security Practices initiative, along with the Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP) publication and this engagement are in partnership with the Healthcare & Public Health Sector Coordinating Council (HSCC) 2 Agenda Time Topic Speaker 5 Minutes Opening Remarks & Introductions 5 Minutes CSA Section 405(d)’s Mandate, Purpose, and Desired Goals 5 Minutes HICP Overview 10 Minutes Using HICP and Supporting Resources 40 Minutes Threat 2 – Ransomware Attack and Mitigating Practices 5 Minutes Looking Forward 5 Minutes Upcoming 5 Threats 15 Minutes Questions 3 CSA Section 405(d)’s Mandate, Purpose, and Desired Goals Cybersecurity Act of 2015 (CSA): Legislative Basis CSA Section 405 Improving Cybersecurity in the Health Care Industry Section 405(b): Health Section 405(c): Health Section 405(d): Aligning care industry Care Industry Health Care Industry preparedness report Cybersecurity Task Force Security Approaches 5 Industry-Led Activity to Improve Cybersecurity in the Healthcare and Public Health (HPH) Sector WHAT IS THE 405(d) EFFORT? WHO IS PARTICIPATING? An industry-led process to develop The 405(d) Task Group is consensus-based guidelines, convened by HHS and comprised practices, and methodologies to of over 150 information security strengthen the HPH-sector’s officers, medical professionals, cybersecurity posture against privacy experts, and industry cyber threats. leaders. HOW WILL 405(d) ADDRESS HPH WHY IS HHS CONVENING THIS CYBERSECURITY NEEDS? EFFORT? With a targeted set of applicable To strengthen the cybersecurity & voluntary practices that seeks posture of the HPH Sector, to cost-effectively reduce the Congress mandated the effort in cybersecurity risks of healthcare the Cybersecurity Act of 2015 organizations.
    [Show full text]
  • The Pennsylvania State University Schreyer Honors College
    THE PENNSYLVANIA STATE UNIVERSITY SCHREYER HONORS COLLEGE DEPARTMENT OF ENGLISH FEAR OF WORKING-CLASS AGENCY IN THE VICTORIAN INDUSTRIAL NOVEL ADAM BIVENS SPRING 2018 A thesis submitted in partial fulfillment of the requirements for a baccalaureate degree in English with honors in English Reviewed and approved* by the following: Elizabeth Womack Assistant Professor of English Thesis Supervisor Paul deGategno Professor of English Honors Adviser * Signatures are on file in the Schreyer Honors College. i ABSTRACT This work examines the Victorian Industrial novel as a genre of literature that reflects the middle-class biases of influential authors like Charles Dickens and Elizabeth Gaskell, who cater to middle-class readers by simultaneously sympathizing with the poor and admonishing any efforts of the working class to express political agency that challenge the social order. As such, the Victorian Industrial novel routinely depicts trade unionism in a negative light as an ineffective means to secure socioeconomic gains that is often led by charismatic demagogues who manipulate naïve working people to engage in violent practices with the purpose of intimidating workers. The Victorian Industrial novel also acts as an agent of reactionary politics, reinforcing fears of mob violence and the looming threat of revolutionary uprising in England as had occurred throughout Europe in 1848. The novels display a stubborn refusal to link social ills to their material causes, opting instead to endorse temporary and idealist solutions like paternalism, liberal reformism, and marriage between class members as panaceæ for class antagonisms, thereby decontextualizing the root of the problem through the implication that all poor relations between the worker and employer, the proletariat and the bourgeoisie, can be attributed to a breakdown in communication and understanding.
    [Show full text]
  • Heroes (TV Series) - Wikipedia, the Free Encyclopedia Pagina 1 Di 20
    Heroes (TV series) - Wikipedia, the free encyclopedia Pagina 1 di 20 Heroes (TV series) From Wikipedia, the free encyclopedia Heroes was an American science fiction Heroes television drama series created by Tim Kring that appeared on NBC for four seasons from September 25, 2006 through February 8, 2010. The series tells the stories of ordinary people who discover superhuman abilities, and how these abilities take effect in the characters' lives. The The logo for the series featuring a solar eclipse series emulates the aesthetic style and storytelling Genre Serial drama of American comic books, using short, multi- Science fiction episode story arcs that build upon a larger, more encompassing arc. [1] The series is produced by Created by Tim Kring Tailwind Productions in association with Starring David Anders Universal Media Studios,[2] and was filmed Kristen Bell primarily in Los Angeles, California. [3] Santiago Cabrera Four complete seasons aired, ending on February Jack Coleman 8, 2010. The critically acclaimed first season had Tawny Cypress a run of 23 episodes and garnered an average of Dana Davis 14.3 million viewers in the United States, Noah Gray-Cabey receiving the highest rating for an NBC drama Greg Grunberg premiere in five years. [4] The second season of Robert Knepper Heroes attracted an average of 13.1 million Ali Larter viewers in the U.S., [5] and marked NBC's sole series among the top 20 ranked programs in total James Kyson Lee viewership for the 2007–2008 season. [6] Heroes Masi Oka has garnered a number of awards and Hayden Panettiere nominations, including Primetime Emmy awards, Adrian Pasdar Golden Globes, People's Choice Awards and Zachary Quinto [2] British Academy Television Awards.
    [Show full text]
  • Computer Crime
    r;r,s. D'~partment of Justice Bureau of Justice Statistics National Criminal Justice Reference Service nCJrs This microfiche was produced from documents received for inclusion in the NCJRS data base. Since NCJRS cannot exercise control over the physical condition of the documents submitted, the individual frame quality will vary. The resolution chart on this frame may be used to evaluate the document quality . , -!... "":'~ ~.' -"""'':-; "' ...c._" .""'~"o.A",,,~.,,,~ .'... ...., "'':''''-"''--_._. '\. COMPUTER l,!;i 2 8 11111 . 11I111~ CRIME !j,g w /////3,2 2.2 ~ . .W ~3.6 . ,., . u: w I~ ... , . ... ~ 1.1 I.I.U':'~ 111111.8 " • ..... I, • 111111.25 111111.4 111111.6 , ' \ t: I MICROCOPY RESOLUTION TEST CHART NATIONAL BUREAU OF STANDARDS-1963-A = _. • i j ~ • "~"'-"" ••• ' -.. ..- "'~"""7 .•.•• ~" .r Microfilming procedures used to create this fiche comply with the standards set forth in 41CFR 101-11.504. Points of view or opinions stated in this document are : . those of the author(s) and do not represent the official DATE FILMED I position or policies of the U. S. Department of Justice. r if , . J \ 10/22/81; National Institute of Justice ~.) ~ .-.... ,- .- .... + • United States Department of Justice .~ Washington, D. C. 205&1 1/ Ii _ ..Jf' .' I .: ...... ..,. U.S. Department of Justice Bureau of Justice Statistics , U.S. Department of Justice Computer Bureau of Justice Statistics Crime Benjamine H. Renshaw Acting Director I Carol G. Kaplan Expert Director, Privacy & Security Staff Witness Manual U.S. Department of Justice National Institute of Justice This document hilS been reproduced exactly as received from the person or organization originating it. Points of view or opinions stated in this document are those of the authors and do not necessarily represent the official position or policies of the National Institute of Justice.
    [Show full text]
  • 9/11 Report”), July 2, 2004, Pp
    Final FM.1pp 7/17/04 5:25 PM Page i THE 9/11 COMMISSION REPORT Final FM.1pp 7/17/04 5:25 PM Page v CONTENTS List of Illustrations and Tables ix Member List xi Staff List xiii–xiv Preface xv 1. “WE HAVE SOME PLANES” 1 1.1 Inside the Four Flights 1 1.2 Improvising a Homeland Defense 14 1.3 National Crisis Management 35 2. THE FOUNDATION OF THE NEW TERRORISM 47 2.1 A Declaration of War 47 2.2 Bin Ladin’s Appeal in the Islamic World 48 2.3 The Rise of Bin Ladin and al Qaeda (1988–1992) 55 2.4 Building an Organization, Declaring War on the United States (1992–1996) 59 2.5 Al Qaeda’s Renewal in Afghanistan (1996–1998) 63 3. COUNTERTERRORISM EVOLVES 71 3.1 From the Old Terrorism to the New: The First World Trade Center Bombing 71 3.2 Adaptation—and Nonadaptation— ...in the Law Enforcement Community 73 3.3 . and in the Federal Aviation Administration 82 3.4 . and in the Intelligence Community 86 v Final FM.1pp 7/17/04 5:25 PM Page vi 3.5 . and in the State Department and the Defense Department 93 3.6 . and in the White House 98 3.7 . and in the Congress 102 4. RESPONSES TO AL QAEDA’S INITIAL ASSAULTS 108 4.1 Before the Bombings in Kenya and Tanzania 108 4.2 Crisis:August 1998 115 4.3 Diplomacy 121 4.4 Covert Action 126 4.5 Searching for Fresh Options 134 5.
    [Show full text]