Insider Threat Program

Texas Tech University has legal, contractual, and ethical obligations to protect its sensitive research information, systems, research environments, and individuals with access to sensitive information. This policy implements U.S. Government requirements to protect Federally-designated sensitive research information. It establishes an insider threat mitigation process that includes awareness and training along with information security and physical security. The program applies to all staff offices, regions, and personnel with access to any government or contractor resources dedicated to classified research. The ITP Plan includes personnel, facilities, information, equipment, networks, or systems.

Insider Threat comes from any person with authorized access to any university resources who uses that access either wittingly or unwittingly to do harm. The best defense is an active one, which helps to identify the threat before loss of information or research data, and to serve as an effective deterrent. By reporting adverse information, suspicious activities, and other insider threat indicators, you will actively help to detect, deter, and mitigate the insider threats.

At TTU we strive to fulfill our values of diversity, collaboration, and academic freedom. Given the examples listed below and the growing emphasis placed by the U.S. government, insider threats would take advantage of those values for personal gain. TTU’s Insider Threat Program aims to preserve our cherished values and protect researchers and our research institutions by building a culture of reporting, detecting possible threats, and facilitating training and awareness to our research personnel.

Actual Insider Threat Cases

Insider Threat Indicators

• Unreported requests for critical assets outside official channels
• Unreported offers of financial assistance, gifts, or favors by a foreign national or stranger
• Unauthorized downloads or copying of files
• Seeking to obtain access to critical assets inconsistent with present duty requirements
• Attempting to conceal any work-related or personal foreign travel
• Frequently working after hours or at unusual times
• Attempts to expand access
• Changes in financial circumstances (affluence or financial difficulties)
• Repeated and continued patterns of performance deterioration

Keep in mind though that even if an individual exhibits all these indicators, it does not mean they pose an insider threat. Contrarily, but also important to remember, is that if an individual exhibited none of these indicators, then that does not mean they do not pose an insider threat. An insider threat evolves and indicators such as these can overlap and reflect patterns of activities over time.

According to a Defense Counterintelligence and Security Agency (DCSA) 2021 report, “Foreign Intelligence Entities target U.S subject matter experts, professors, and researchers in order to obtain sensitive U.S government information and technology.” The protection of classified and proprietary information is in your hands; it is up to you to report. If you have any questions or concerns about Insider Threat, a potential export control violation, or something to report please contact the Office of Export and Security Compliance or the FSO directly at 806-834-3139 or oesc.fso@ttu.edu

For more resources on Insider Threats, you can visit the Insider Threat Toolkit from the Center for the Development of Security Excellence.