Short Answer 
Insider threats are individuals with authorized access who can compromise an organization’s security. To identify potential threats, organizations should evaluate access levels and backgrounds of key personnel, such as vendors and project managers. Implementing monitoring strategies is essential to manage risks, particularly for those in high-access roles and their associates.
Step 1: Understanding Insider Threats
Insider threats are individuals who have authorized access to an organization’s resources and use that access to compromise its security. According to the National Insider Threat Task Force (NITTF), these individuals pose a risk due to their ability to manipulate sensitive information or systems. Recognizing who qualifies as a potential insider threat involves assessing their roles and access levels within the organization.
Step 2: Evaluating Specific Cases
In order to classify individuals as potential insider threats, we can evaluate their backgrounds and access rights. Here are the key individuals assessed:
- Susan: Works in sanitation for a cleared defense contractor, but lacks national security eligibility and thus does not pose a threat.
- Jin: A vendor for the DoD who frequently visits cleared facilities, presenting a potential risk due to his access.
- Maria: A project manager with Secret eligibility in a cleared defense contractor, making her a significant potential insider threat.
Step 3: Monitoring and Risk Assessment
To effectively manage insider threats, organizations must implement monitoring strategies and risk assessments. For instance, while Ron may not be an insider threat himself due to lack of direct access, his close relationship with a DoD employee could justify increased surveillance. Organizations should focus on evaluating individuals with high-access roles and those who interact frequently with sensitive areas.