U.S. CODE
Rulings
AD/CVD
Notices
HTSUS
U.S. Code
Regs
More
Ports
About
Updates
Apps
Larger font
Smaller font
SEARCH
Toggle Dropdown
Search US Code
Search Leg. Notes
Sort by Rank
Titles Ascending
Titles Descending
10 per page
25 Result/page
50 Result/page
U.S Code last checked for updates: Apr 12, 2026
All Titles
Title 10
Subtitle A
Part IV
Chapter 131
§ 2224a. Information security: c...
[§ 2226. Renumbered § 4602]...
§ 2224a. Information security: c...
[§ 2226. Renumbered § 4602]...
U.S. Code
Notes
§ 2225.
Insider threat detection
(a)
Program Required
.—
The Secretary of Defense shall establish a program for information sharing protection and insider threat mitigation for the information systems of the Department of Defense to detect unauthorized access to, use of, or transmission of classified or controlled unclassified information.
(b)
Elements
.—
The program established under subsection (a) shall include the following:
(1)
Technology solutions for deployment within the Department of Defense that allow for centralized monitoring and detection of unauthorized activities, including—
(A)
monitoring the use of external ports and read and write capability controls;
(B)
disabling the removable media ports of computers physically or electronically;
(C)
electronic auditing and reporting of unusual and unauthorized user activities;
(D)
using data-loss prevention and data-rights management technology to prevent the unauthorized export of information from a network or to render such information unusable in the event of the unauthorized export of such information;
(E)
a roles-based access certification system;
(F)
cross-domain guards for transfers of information between different networks; and
(G)
patch management for software and security updates.
(2)
Policies and procedures to support such program, including special consideration for policies and procedures related to international and interagency partners and activities in support of ongoing operations in areas of hostilities.
(3)
A governance structure and process that integrates information security and sharing technologies with the policies and procedures referred to in paragraph (2). Such structure and process shall include—
(A)
coordination with the existing security clearance and suitability review process;
(B)
coordination of existing anomaly detection techniques, including those used in counterintelligence investigation or personnel screening activities; and
(C)
updating and expediting of the classification review and marking process.
(4)
A continuing analysis of—
(A)
gaps in security measures under the program; and
(B)
technology, policies, and processes needed to increase the capability of the program beyond the initially established full operating capability to address such gaps.
(5)
A baseline analysis framework that includes measures of performance and effectiveness.
(6)
A plan for how to ensure related security measures are put in place for other departments or agencies with access to Department of Defense networks.
(7)
A plan for enforcement to ensure that the program is being applied and implemented on a uniform and consistent basis.
(Added
Pub. L. 119–60, div. A, title XVI, § 1623(a)
,
Dec. 18, 2025
,
139 Stat. 1183
.)
cite as:
10 USC 2225
.list_box li,p,.cm-search-info,.cm-search-detail,.abt span,.expand-collapse_top
Get the CustomsMobile app!