Insider Threat Matrix™

  • ID: PV022
  • Created: 12th June 2024
  • Updated: 21st July 2024
  • Contributor: The ITM Team

Internal Whistleblowing

Provide a process for all staff members to report concerning and/or suspicious behaviour to the organization's security team for review. An internal whistleblowing process should take into consideration the privacy of the reporter and the subject(s) of the report, with specific regard to safeguarding reporters against reprisals.

Sections

ID Name Description
MT007 Resentment

A subject is motivated by resentment towards the organisation to access and exfiltrate or destroy data or otherwise contravene internal policies. 

MT004 Political or Philosophical Beliefs

A subject is motivated by their political or philosophical beliefs to access and destroy or exfiltrate sensitive data or otherwise contravene internal policies.

MT012 Coercion

A subject is persuaded against their will to access and exfiltrate or destroy sensitive data, or conduct some other act that harms or undermines the target organization. 

MT010 Self Sabotage

A subject accesses and exfiltrates or destroys sensitive data or otherwise contravenes internal policies with the aim to be caught and penalised.

MT005 Personal Gain

A subject seeks personal gain from another by accessing and exfiltrating or destroying sensitive data or otherwise contravening internal policies.

MT011 Hubris

A subject accesses and exfiltrates or destroys sensitive data or otherwise contravenes internal policies with the aim to successfully defeat controls in order to demonstrate ability and/or skill.

MT001 Joiner

A subject joins the organisation with the pre-formed intent to gain access to sensitive data or otherwise contravene internal policies.

MT002 Mover

A subject moves within the organisation to a different team with the intent to gain access to sensitive data or to circumvent controls or to otherwise contravene internal policies.

MT005.001 Speculative Corporate Espionage

A subject covertly collects confidential or classified information, or gains access, with the intent to sell it to a third party private organization.

MT005.002 Corporate Espionage

A third party private organization deploys an individual to a target organization to covertly steal confidential or classified information or gain strategic access for its own benefit.

MT012.003 Psychological Manipulation

A third party uses deception, exploitation, or other unethical methods to psychologically manipulate a subject over time, with the intent to influence their perceptions, actions, and decisions. This manipulation can lead the subject to, knowingly or unknowingly, act against the organization’s interests.