In this week’s tip, we talk about Insider Threat, which is a security risk that come from within an organization. While it can be, it doesn’t necessarily mean the threat is a disgruntled employee. It could be someone socially engineered to do a bad thing, or someone who as access to information they shouldn’t and doesn’t know how to protect it.
Why should we care? – According to the 2019 Verizon Data Bread Investigations Report, 34% of data breaches involve internal actors.
What can we do? – a lot of things!
- Notice odd behavior in coworkers. Are they trying to violate policies or bypass security? Are they disgruntled?
- If you are a data or system owner, make sure that security controls are in place so that only the people who need access to the data have it, and only at the level they need to do their job (least privilege).
- Monitor access to your data.
- Train staff to adopt a data security mindset.
So now you are thinking about our campus and organization. Think beyond that.
What if the insider threat was to your family and your child is the one being socially engineered to give away a password or access to the “home” computer that has banking information on it?
What if the insider threat was a member of your church committee that has access to funds to help your charity organizations?
If you want to have a deeper discussion about insider threats or any other cybersecurity topic, please reach out to the Office of Cybersecurity at itsecurity@uthsc.edu or 901.448.1880. We’d love to talk with you and your group.