Signs an Employee Might Be an Insider Threat

“An insider is any person with authorized access to an organization’s resources to include personnel, facilities, information, equipment, networks, or systems.[2]”

The insider threat is the risk an insider will use their authorized access, wittingly or unwittingly, to do harm to their organization. This can include theft of proprietary information and technology; damage to company facilities, systems or equipment; actual or threatened harm to employees; or other actions that would prevent the company from carrying out its normal business practices.”[2]

• Anger/revenge - wanting to retaliate against the company for reasons including a perceived lack of recognition, missed promotions, issues with management or co-workers, or a pending layoff
• Compulsive or destructive behaviors - drug, gambling or alcohol dependencies
• Family problems and other personal sterrosors
• Removing proprietary information or seeking access to material outside the scope of assigned job duties
• Working odd hours without approval
• Taking multiple short unexplained trips
• Making unapproved contacts with competitors or business partners
• Showing interest in projects or work outside the employee’s job areas
• Remotely accessing the computer network from home or vacation outside approved work routines
• Unnecessarily copying large volumes of materials or transferring information out of company systems

• Train employees on recognizing the indicators of an insider threat
• Identify important information at your company and implement strong access controls and auditing for that information
• Conduct background checks on personnel before hiring them. Consider conducting background checks on your employees every few years
• Include a non-disclosure agreement and non-compete agreement in your work agreements
• Have an organized employee termination process that involves IT and HR

1 -20 Insider Threat Statistics to Look Out For in 2020

2 -NITTF: Protect Your Organization from the Inside Out