What is Insider Threat?

Written By tim harris

What is Insider Threat?

Insider threat is the potential for someone within your organisation to use their authorised access or understanding of your business to harm your organisation. This harm can include malicious, complacent, or unintentional acts that negatively affect the integrity, confidentiality, and availability of the organization, its data, personnel, or facilities.

•          Espionage

•          Terrorism

•          Unauthorised disclosure of information

•          Corruption, including participation in transnational organised crime

•          Sabotage

•          Workplace violence

•          Intentional or unintentional loss or degradation of departmental resources or capabilities

The insider threat can be either negligence or intentional.

Negligence – An insider of this type exposes an organisation to a threat through carelessness. Negligent insiders are generally familiar with security and/or IT policies but choose to ignore them, creating risk for the organisation. Examples include allowing someone to “tailgate” through a secure entrance point, misplacing or losing a portable storage device containing sensitive information, and ignoring messages to install new updates and security patches.

Intentional Threats - Intentional threats are actions taken to harm an organisation for personal benefit or to act on a personal grievance. The intentional insider is often synonymously referenced as a “malicious insider.” This type of action includes leaking sensitive information, harassing associates, sabotaging equipment, or perpetrating violence.

tim harris
Previous

If you are a business owner, security manager or event organiser you need to be aware of what the Protect Duty means for you?
Next

What is Counter Terrorism Policing?