True or False: Lisa's insider threat program is compliant if it cannot monitor user activity on classified networks.

The statement is false because an insider threat program is inherently designed to monitor and assess risks associated with potential insider threats, which includes the ability to monitor user activity, particularly on classified networks. Monitoring user activity is a critical component in detecting anomalies or suspicious behavior that could indicate an insider threat. If the program is unable to monitor these actions, it significantly undermines its effectiveness and compliance with established security protocols and regulations. Compliance typically necessitates robust monitoring capabilities to safeguard sensitive information and prevent unauthorized access or potential insider breaches.