Whether it involves a disgruntled employee seeking retribution, a worker looking to profit over the sale of proprietary data, or simply someone accessing data for the sake of curiosity, insiders are as important a consideration as any external threat.
September 2021 marks the third annual National Insider Threat Awareness Month. In collaboration with the Office of the Director of National Intelligence's National Counterintelligence and Security Center, the U.S. Coast Guard is emphasizing the importance of safeguarding our nation by detecting, deterring, and mitigating insider threats.
“The last year and a half presented an increasingly challenging risk environment, with significant adjustments to work and home life, disrupted supply chains, financial insecurity, unreliable or overwhelmed technology capabilities, political and cultural fissures, and serious health concerns,” the DNI office shared in a memo earlier this year. “The risks for espionage, violence, unauthorized disclosure, and even unwitting insider threat actions are higher than ever as our adversaries seek to take advantage of our vulnerabilities through increased targeting of insiders.”
What, exactly, is an insider threat? Insider Threat is defined as the threat that an employee or a contractor will use his or her authorized access, wittingly or unwittingly, to do harm to the security of the United States. This threat can include damage to the United States through espionage, terrorism, unauthorized disclosure of national security information, or through the loss or degradation of organizational resources or capabilities (personnel, facilities, information, equipment, networks, or systems). Simply, it’s a potential unauthorized access or theft of data from within the organization, rather than from an external source.
An external attacker who compromises a user’s account is also considered an insider threat, since that individual now has authorized access to that user’s accounts, data, and applications.
Insider threat awareness is not about curtailing protected free speech or suppressing legitimate whistleblowing; it is about preventing the exploitation of authorized access to avoid harm to an organization and its resources. Reporting concerning behaviors and risk indicators allows insider threat programs to take proactive measures that can lead to positive outcomes for individuals and organizations.
And who mitigates insider threats? You do! One of the most important ways is through awareness and education. The vast majority of Coast Guard employees are honest and want to do the right thing. Being educated in what to look for and how to respond, best helps safeguard the Coast Guard and our Nation.
Additionally, the Coast Guard Insider Threat program is comprised of multidisciplinary teams that address insider threats while protecting members’ privacy and civil liberties.
Over the next four weeks, Coast Guard Insider Threat posters will be displayed around Coast Guard installations, reminding each of us of our responsibility to help prevent threats from insiders with access. The message is simple, says John Goodwill, who coordinates the U.S. Coast Guard’s Insider Threat Awareness Program: If you see something, say something.
To make a confidential report about suspicious behavior click on the dedicated Insider Threat portal.
You will be asked to include your name, but this is primarily so the team can contact you if they have questions or need additional information. Your involvement will remain undisclosed – unless more details are needed to support law enforcement or counterintelligence investigations.