Insider Threat
Insider Threat is a human security risk that originates within an organization. According to the 2019 Verizon Data Breach Investigation Report, a third of all data breaches within organizations involve internal staff. Part of patient safety and protection of our University is knowing what is acceptable while accessing UTHSC technology, data, and resources. Help combat insider threats by understanding your responsibilities and report violations that exposes us all to this threat.
Any violations or suspicious behavior should be reported to the Office of Cybersecurity at itsecurity@uthsc.edu or 901.448.1880.
Examples of an insider threat include:
- Malicious Insiders
- a disgruntled employee
- someone who has access to information they shouldn't
- Negligent Insiders
- someone tricked by social engineering
- someone who doesn't know how to protect the data they have
Both negligent and malicious insiders are highly dangerous. Their actions must be detected before any harm is done, such as granting access to sensitive data, bypassing approved security protocols, or leaking data.
Insider threats can be difficult to spot, and vigilance is needed from the UTHSC community to protect our assets. Here are some signs to watch for:
- personality and behavioral changes
- disagreements with coworkers/campus policies
- accessing large amounts of data if that is not normal work processes
- odd working hours
- attempts to move data offsite
- staff and/or Students permanently leaving campus
- unauthorized attempts to access servers and data
- authorized but unusual access to servers and data
- financial distress/unexplained financial gain
In the News
Maryland Nuclear Engineer and Spouse Arrested on Espionage-Related Charges
Banking Insider Accused of Role in $1m BEC Scheme
Terminated Worker Accessed PHI After Leaving Job
Insider sentenced for sabotaging PPE shipments.
Amazon fires employees over a data leak.
Tesla's employee didn't fall for social engineering and stopped a ransomware attack.