Trusted insiders commit intentional or unintentional disruptive or harmful acts across all infrastructure sectors and in virtually every organizational setting. Individuals entrusted with access to or knowledge of an organization represent potential risks and include current or former employees or any other person who has been granted access, understanding, or privilege.
This site is designed to assist individuals, organizations and communities in improving or establishing an insider threat mitigation program. To combat insider threats, organizations should consider a proactive and prevention-focused insider threat mitigation program. This approach can help an organization define specific insider threats unique to their environment, detect and identify those threats, assess their risk, and manage that risk before concerning behaviors manifest in an actual insider incident.
What is an Insider and Insider Threat?
According to the National Insider Threat Task Force (NITTF) “an insider is any person with authorized access to an organization’s resources to include personnel, facilities, information, equipment, networks, or systems”.
The NITTF defines the insider threat as “the risk an insider will use their authorized access, wittingly or unwittingly, to do harm to their organization. This can include theft of proprietary information and technology; damage to company facilities, systems or equipment; actual or threatened harm to employees; or other actions that would prevent the company from carrying out its normal business practice”
How Organizations Mitigate the Insider Threat
The links below describe how organizations can establish an insider threat program, identify and protect critical assets, recognize and report suspicious behavior, and assess and respond to insider threats.
Insider Threats 101 What You Need to Know fact sheet introduces key concepts and important fundamentals for establishing an insider threat mitigation program.
Human Resources’ Role in Preventing Insider Threats fact sheet provides human resource managers with useful and relevant information pertaining to observable behaviors, indicators, and security solutions that can assist organizations with mitigating risk against an insider attack.
The Insider Threat Mitigation Guide provides comprehensive guidance for organizations of all sizes in support of the establishment or enhancement of an insider threat mitigation program. The information within the Guide is scalable and allows for the consideration of the level of maturity and size of the organization.
To get more information on insider threats, please send an email to InTmitigation@hq.dhs.gov
In case of an emergency, or to report suspicious activity or events, call 9-1-1 or contact local law enforcement.