As tough as it is to believe, some cyberattacks originate from inside the company under attack. Whether it be a malicious insider or a careless employee, plenty of data breaches occur from within an organization.
An insider threat is a human security risk that originates within an organization. According to the 2019 Verizon Data Breach Investigation Report, a third of all data breaches within organizations involve internal staff. Part of patient safety and protection of our University is knowing what is acceptable while accessing UTHSC technology, data, and resources. Help combat insider threats by understanding your responsibilities and reporting violations that expose us all to this threat.
Any violations or suspicious behavior should be reported to the Office of Cybersecurity at firstname.lastname@example.org.
Examples of an insider threat include:
- Malicious Insiders
- a disgruntled employee
- someone who has access to information they shouldn’t
- Negligent Insiders
- someone tricked by social engineering
- someone who doesn’t know how to protect the data they have
Both negligent and malicious insiders are highly dangerous. Their actions must be detected before any harm is done, such as granting access to sensitive data, bypassing approved security protocols, or leaking data.
Insider threats can be difficult to spot, and vigilance is needed from the UTHSC community to protect our assets. Here are some signs to watch for:
- personality and behavioral changes
- disagreements with coworkers/campus policies
- accessing large amounts of data if that is not normal work processes
- odd working hours
- attempts to move data offsite
- staff and/or Students permanently leaving campus
- unauthorized attempts to access servers and data
- authorized but unusual access to servers and data
- financial distress/unexplained financial gain