Michelle Del Guercio writes:
On June 8, the Health Sector Cybersecurity Coordination Center (“HC3”) published Types of Cyber Threat Actors That Threaten Healthcare. In that publication, they identify five basic types of insider threats:
- careless or negligent workers
- malicious insiders
- inside agents
- disgruntled employees
- third parties
In 2016, when Protenus and DataBreaches first began collaborating on collecting and analyzing data from reported breaches involving health data, we focused on what is often called the “insider threat” by breaking it down into two categories: human error or breaches due to accidents, which we called “insider-error,” and breaches due to intentional wrongdoing by employees or contractors, which we called “insider-wrongdoing.” Because we have used this categorization for the last few years, we thought this might be a good time to do a look-back and see if, using that framework, insider-wrongdoing reports appear to have increased, decreased or stayed approximately the same over the years.
Read more at Protenus.