Combating the Insider Threat   [open pdf - 97KB]

"An insider threat is generally defined as a current or former employee, contractor, or other business partner who has or had authorized access to an organization's network, system, or data and intentionally misused that access to negatively affect the confidentiality, integrity, or availability of the organization's information or information systems. Insider threats, to include sabotage, theft, espionage, fraud, and competitive advantage are often carried out through abusing access rights, theft of materials, and mishandling physical devices. Insiders do not always act alone and may not be aware they are aiding a threat actor (i.e. the unintentional insider threat). It is vital that organizations understand normal employee baseline behaviors and also ensure employees understand how they may be used as a conduit for others to obtain information. The following product is intended to act as a springboard for organizations to consider policies and practices used to detect and deter the insider threat."

Retrieved From:
U.S. Computer Emergency Readiness Team: http://www.us-cert.gov/
Media Type:
Help with citations