Insider-Threat Insider Threat Matrix Proactive Messures Initial Discovery Collection Exfiltration Business Impact DLP Enforcement Browsing Job Sites Downloads from Application Upload to 3rd Party File Share Bulk Delete Files Prevent Backups to Unapproved Storage Locations Employee Facing Disiplinary Actions Downloads from Internal File Share External Email with Attachments Destruction of Physical Device Employee Awareness Pending Termination/Resignation Downloads from Email Upload to Removable Storage Device Changing Service Account Password Collaboration with HR Corporate Restructuring/Reduction in Workforce Downloads from IM/Chat AirDrop to a Device Malicious Changes to Application/System Collaboration with Legal Correspondence with Competitors Downloads from Intranet Printing Malicious Social Media Post Role Based Access Attempted Access to Restricted Areas Copying System Backups Use of File Share Site with External User Misappropriations of Funds Logging/Monitoring Suspicious Intranet Activity Screenshots Excessive Overtime Collaboration with Privacy Team Activity Outside of Normal Scope Misappropriations of Assets Activity Outside of Normal Hours Forwarding Internal Communications to 3rd Party Suspicious Creation of New Account Insider Trading Violations Correspondence with Former Employee Use of Offensive/Malicious Tools Modify/Delete Logs Exposure of Sensitive/Confidential Information in Public Repositories Use of Offensive/Malicious Tools Tampering with Physical Security Devices Multiple Employees Leaving to Same Company Unauthorized 3rd Party Outsourcing Downloading Pre-Employment Paperwork Unusually Short Employment Nation State Recruiting Program