At CORAS, we’re committed to architecting and securing our environments from external threats. Firewalls, MFA, and other security tools and approaches are used to protect the data we’re charged with guarding.
Protecting information from external threats is important, but equally important is being aware of challenges coming from within CORAS. These risks are known as insider threats, as they come from people within CORAS.
These threats can include employees, as well as contractors or business associates. Anyone who has inside information concerning our security practices, data and computer systems could present a threat that may involve fraud, the theft of confidential or commercially valuable information, the theft of intellectual property, or the sabotage of computer systems. In addition to commercial threats, anyone with access to company information, government information, systems or facilities can also use his or her authorized access, wittingly or unwittingly, to do harm to the security of the United States.
This threat is why CORAS requires regular training on what to look out for when it comes to an insider threat. In case you’ve forgotten, here are some warning signs that could indicate that employees are spying and/or stealing secrets from us:
Do any of these warning signs remind you of someone working with or within CORAS? Let us know! If you suspect someone may be committing economic espionage, report it to our corporate security officer. For instructions on step to follow, please see the Insider Threat Reporting Process document, loaded into the CORAS Teams site. You will need to authenticate to open the file using your Office 365 credentials.
Remember: government created or owned information must be safeguarded from unauthorized disclosure. They are trusting CORAS to protect this information and we are trusting you!