Infringement

A subject affects availability or integrity or systems or data, resulting in operational disruption.

A subject uses organizational resources, such as internet access, email, or work devices, for personal activities both during and outside work hours, exceeding reasonable personal use. This leads to reduced productivity, increased security risks, and the potential mixing of personal and organizational data, ultimately affecting the organization’s efficiency and overall security.

A subject uses electronic mail to exfiltrate data.

A subject uses an external device, such as a mobile phone or camera, to record audio, photos, or video to capture media.

A subject uses a messaging application to exfiltrate data through messages or uploaded media.

A subject exfiltrates files through a network. A network can be an Internet Protocol (IP) network or other technology enabling the communication of data between two or more digital devices.

A subject may exfiltrate data via a physical medium, such as a removable drive.

A subject uses an existing, legitimate external Web service to exfiltrate data

A subject engages in unauthorized conduct that amounts to harassment or discriminatory behavior within the workplace, targeting individuals or groups based on protected characteristics, such as race, gender, religion, or other personal attributes. Incidents of harassment and discrimination may expose the organization to legal risks, potential reputational damage, and regulatory penalties. Additionally, individuals affected by such behavior may be at higher risk of retaliating or disengaging from their work, potentially leading to further insider risks.

A subject accesses web content that is deemed inappropriate by the organization.

A subject installs unapproved software on a corporate device, contravening internal policies on acceptable use of company equipment.

A subject dishonestly makes false representations, fails to disclose information or abuses their access or position to make a financial gain and/or cause a loss to an organization. Methods to achieve this include unauthorized bank transfers, misuse of corporate cards, or creating fictitious invoices.

The subject performs work-related tasks on an unauthorized, non-organization-owned device, likely violating organizational policy. Without the organization’s security controls in place, this device could be used to bypass established safeguards. Moreover, using a personal device increases the risk of sensitive data being retained or exposed, particularly after the subject is offboarded, as the organization has no visibility or control over information stored outside its managed systems.

A subject intentionally provides system or data access to a third party that is not authorized to access it.

A subject makes comments either in-person or online that can damage the organization's brand through association.

A subject interacts with a public Artificial Intelligence (AI) chatbot (such as ChatGPT and xAI Grok), leading to the intentional or unintentional sharing of sensitive information.

A subject steals an item or items belonging to an organization, such as a corporate laptop or corporate mobile phone.

A subject makes changes to IT systems that have adverse effects and cause operational disruption.

A subject exfiltrates information by printing it to paper or other physical medium.

The subject installs and uses an unapproved VPN client, potentially violating organizational policy. By using a VPN service not controlled by the organization, the subject can bypass security controls, reducing the security team’s visibility into network activity conducted through the unauthorized VPN. This could lead to significant security risks, as monitoring and detection mechanisms are circumvented.

A subject unlawfully accesses copyrighted material, such as pirated media or illegitimate streaming sites.