Skip to Main Content

Understanding Insider Threats

Rows of employee icons with a red imposter employee icon in the midst

When people think of cyberattacks, they often imagine shadowy hackers breaking in from the outside. But some of the most damaging threats actually come from within. Insider threats — whether accidental, careless or intentional — can expose sensitive data, disrupt operations and put the entire UCLA community at risk. These threats are especially dangerous because they come from individuals who already have access to systems and information, making them harder to detect and stop.

Q: What exactly is an insider threat?

An insider threat is a security risk that comes from within an organization — employees, contractors or even former staff. These individuals already have access to systems or data, and whether through mistake, negligence, or intent, they can cause harm. In fact, 84% of organizations experienced at least one insider attack in 2024, and these attacks are often harder to detect than external ones.

Q: Are all insider threats malicious?

Not at all. Some are accidents. For example, an employee may mistakenly email payroll details to the wrong recipient. Others involve negligence — like saving sensitive data in an unsecured cloud folder. Of course, some cases are deliberate: a disgruntled employee leaking files or installing malware before leaving a job.

Q: Why should UCLA students, faculty, and staff care?

Because insider threats don’t just affect “the organization.” At our university, they can compromise research, expose personal data and damage trust in the entire academic community. Everyone plays a role in keeping UCLA secure.

Q: What can Bruins do to prevent insider threats?

  • Be cautious with data. Double-check before sending emails or sharing files.
  • Follow policies. Use approved storage and communication tools, not personal accounts or unsecured services.
  • Report concerns. If you notice unusual behavior — like repeated requests for data outside someone’s role — speak up. UCLA encourages a culture of reporting without fear of retaliation.
  • Stay alert. Privileged access, such as administrative rights, carries greater responsibility. Handle it carefully.

Q: What’s the most important takeaway?

That insider threats are not just an IT problem — they’re a community problem. Vigilance, communication, and a culture of security are our strongest defenses.

Bruins, cybersecurity starts with you. #becybersafeUCLA

Learn more about Cybersecurity Awareness Month at UCLA, explore resources, and enter the raffle for a chance to win tickets to the UCLA vs. USC football game: Cybersecurity Awareness Month 2025.

Tags
2025