All organizations are vulnerable to the threat that insiders may use their access to compromise information, disrupt operations, or cause physical harm to employees. To mitigate this threat, organizations are encouraged to establish and maintain a comprehensive insider threat program that protects physical and cyber assets from intentional or unintentional harm.
What is an Insider and Insider Threat?
According to the National Insider Threat Task Force (NITTF) “an insider is any person with authorized access to an organization’s resources to include personnel, facilities, information, equipment, networks, or systems”.
The NITTF defines the insider threat as “the risk an insider will use their authorized access, wittingly or unwittingly, to do harm to their organization. This can include theft of proprietary information and technology; damage to company facilities, systems or equipment; actual or threatened harm to employees; or other actions that would prevent the company from carrying out its normal business practice”.
To get more information on insider threats, please send an email to InTmitigation@hq.dhs.gov
In case of an emergency, or to report suspicious activity or events, call 9-1-1 or contact local law enforcement.
How Organizations Mitigate the Insider Threat
The links below describe how organizations can establish an insider threat program, identify and protect critical assets, recognize and report suspicious behavior, and assess and respond to insider threats.