HOME   ADVISORY BOARD   MEMBERSHIP  CHAPTERS   MEETINGS   PUBLIC SPEAKING

INSIDER THREAT INCIDENTS E-MAGAZINE

INSIDER THREAT SURVEYS, REPORTS, INCIDENTS

INSIDER THREAT MITIGATION RESOURCES

INSIDER THREAT SYMPOSIUM & EXPO

INSIDER THREAT MITIGATION VENDORS 

SPONSORS   PRESS RELEASES   CONTACT US

 

 

 

 

The Silent And Damaging Threat From Within Organizations - The Insider Threat

What Is Insider Threat?
There are many definitions of Insider Threats. The example listed below is one of many definitions.

The potential for an individual that will use their authorized or unauthorized access, wittingly or unwittingly, to cause harm to the organizations assets (Employees, Facilities, Data, Computer Systems, Networks, Etc.), that can impact the organization through the loss or degradation of organizational resources or capabilities.

Who Is An Insider?

  • Employees'

  • Trusted Business Partners / Sub Contractors

  • Any Individual(s) With Trusted Access To The Organization Assets

 

Insider Threat Incidents Can Be Caused By

  • Just 1 Employee

  • Multiple Employees' In Collusion

  • Employees' In Collusion With External Cyber Criminals / Co-Conspirator(s)

 

Reasons Behind Insider Threat Incidents

  • Non-Malicious (Un-Trained, Careless, Negligent, Etc.)

  • Disgruntled, Malicious, Revenge

  • Opportunist /  Job Jumpers

 

Why Are Organizations So Vulnerable To The Insider Threat?
What Advantages Do Insiders (Employees') Have Over Cyber Criminals?

  • Insiders Have Authorized Access To An Organization Facilities

  • Insiders Have A Login / Password To Access Computer Systems / Networks

  • Insiders Know What Data In An Organization Has The Most Value And Where It Is Stored

  • Insiders Have Access To Financial Information / Bank Accounts And Know How To Exploit Weaknesses To Their Benefit

  • Insiders Know The Security Weaknesses Of An Organization That Are Overlooked, Ignored And Could Be Exploited For Malicious Purposes

 

 

 

 

Insider Threat Damages

 

The damages caused to U.S. National Security and businesses by Malicious Insiders has been severe. Insider Threat incidents are usually not covered in the news, and they happen a lot more frequently then most people realize. Financial damages from Insider Threat incidents can be in the MILLIONS To BILLIONS!!!.

Examples Of Damages / Impacts

  • Government Or Corporate Espionage

  • Financial Loss (Loss Of Trade Secrets / Data Theft, Fraud Schemes, Embezzlement, Etc.)

  • Espionage / Trade Secrets (National Security, Corporate, Research)

  • Operational Impact For The Organization To Execute Its Mission (IT / Network Sabotage, Data Destruction, Sabotage To Facility, Etc.)

  • Legal, Compliance & Liability Impacts

  • Damages To Organizations Reputation

  • Loss Of Customers

  • Stock Price Reduction

  • Workplace Violence (WPV) (To Include Bullying / Sexual Harassment That Turns Into WPV)

  • Workplace Culture - Impact On Employees’

  • Employees Lose Jobs / Company Goes Out Of Business

  • And More........

 

Insider Threat Incidents Reports
Many employees come to work everyday with the best of intentions to work hard and help their organization be the best it can be. But lurking in the shadows could be Trusted Employees' on the verge of becoming Malicious Insiders.

Some senior leaders in organizations may downplay or ignore the Insider Threat problem, and may not want to invest any additional time, resources or funding to support the development of an Insider Threat Program.

In many cases upper management has not been briefed on how damaging JUST 1 Insider Threat incident could be to the organization. Ignoring or discounting the severity of the Insider Threat problem, can end up causing very serious problems for an organization.

While some CEO's may look at an Insider Threat Program as a cost to the organization, an Insider Threat Program should be looked at as proactive program to protect the organization from serious incidents, financial impacts or dire consequences caused by employees'.

The capabilities of a disgruntled or opportunist employee can be very sophisticated and should never be underestimated. An employee can sit silently and morph into the company's worst nightmare before they realize the damages that have been done.

Some organizations invest thousands of dollars in securing their data, computers and networks against Insider Threats, from primarily a technical perspective, using Network Security Tools or Insider Threat Detection Tools. But the Insider Threat problem is not just a technical problem.

The Insider Threat Incidents Reports (Produced Monthly) by the National Insider Threat Special Interest Group (NITSIG), provide an EYE OPENING view of the severe damages that are being caused by Malicious or Opportunist employees'.

These reports serve as an excellent Insider Threat Awareness Tool to educate CEO's, Key Stakeholders supporting the Insider Threat Program, and the workforce on on the dangers of not reporting employees' who may pose a risk or threat to the organization.

 

 

 

 

NITSIG Mission / Overview

U.S. / Global Insider Risk Management Practitioners Alliance

 

  • The mission of the NITSIG is to serve as a Trusted Partner / Information Sharing And Analysis Center for Insider Threat Mitigation.

  • Since 2014, when the NITSIG was established, it has been successful in bringing together Insider Risk Management Professionals and other Security Professionals from the U.S. Government, universities and private sector businesses, to enhance the collaboration and sharing of information, best practices and resources related to Insider Risk Management. This has lead to a more focused and concentrated national effort to reduce the severe impacts (MILLION, BILLIONS) that can be caused by Just 1 Employee, Multiple Employees In Collusion or Employees In Collusion With External Co-Conspirator(s).

  • Sine 2012, there has continued to be a growing demand for individuals to manage or support Insider Threat Programs.

  • The willingness of NITSIG members to collaborate and share information among the membership has been the driving force that has made the NITSIG very successful.

  • The NITSIG Advisory Board is comprised of Insider Risk Management Subject Matter Experts that support government and business Insider Threat Programs.

       More Information / NITSIG Membership Application (Free To Join)

 

 

 

 

National Insider Threat Special Interest Group Platinum Sponsors

 

 

         

 

 

 

 

 

 

                                                                                                                          

                                             

    

  

 

 

 

The National Insider Threat Special Interest Group

Is Not Affiliated With Or Endorsed By The U.S. Federal Government,

The Department of Defense  Or Any Intelligence Community Agency.

 

 

web statistics

 

Copyright © 2021 - National Insider Threat Special Interest Group ™ - All Rights Reserved - Legal Notice