Insider Threat is a human security risk that originates within an organization. According to the Verizon Data Breach Investigation Report, a third of all data breaches within organizations involve internal staff. Part of patient safety and protection of our university is knowing what is acceptable while accessing UTHSC technology, data, and resources. Help combat insider threats by understanding your responsibilities and report violations that exposes us all to this threat.
Any violations or suspicious behavior should be reported to the Office of Cybersecurity at itsecurity@uthsc.edu.
Examples of an insider threat include:
- Malicious Insiders
- a disgruntled employee
- someone who has access to information they shouldn't
- Negligent Insiders
- someone tricked by social engineering
- someone who doesn't know how to protect the data they have
Both negligent and malicious insiders are highly dangerous. Their actions must be detected before any harm is done, such as granting access to sensitive data, bypassing approved security protocols, or leaking data.
Insider threats can be difficult to spot, and vigilance is needed from the UTHSC community to protect our assets. Here are some signs to watch for:
- personality and behavioral changes
- disagreements with coworkers/campus policies
- accessing large amounts of data if that is not normal work processes
- odd working hours
- attempts to move data offsite
- staff and/or Students permanently leaving campus
- unauthorized attempts to access servers and data
- authorized but unusual access to servers and data
- financial distress/unexplained financial gain