What it is
An insider threat most often comes from either a current or an ex-employee of your business.
It might be someone who:
- knows how your business infrastructure works – for example, they may know how your networks are set up, and how to access your computer system
- understands the strengths and weaknesses of your infrastructure
- has physical access to things like your servers
- knows which of your employees have access to the kind of information they want
- knows which employees are an easy target — in other words, they know which employees will give them any information they ask for without question.
The insider might use information about your business:
- to commit fraud
- to sabotage or cause harm to your business, or
- for revenge.
Insider threat can also happen when someone with inside information unintentionally exposes your business to risk, either through:
- negligence, for example choosing to ignore security policies you have in place, or
- accident – like accidentally sending sensitive information to an incorrect email address.
The risks
An attacker with inside knowledge can:
- steal your trade secrets or intellectual property (IP)
- bring down your network or your services, like your website
- cause brand damage, affecting your reputation and share price.