Kapatau rāroto

Insider threat

'Insider threat' is a malicious threat to a business or organisation from someone who has inside knowledge. It’s one of the biggest cyber security threats that businesses face.

What it is

An insider threat most often comes from either a current or an ex-employee of your business.

It might be someone who:

  • knows how your business infrastructure works – for example, they may know how your networks are set up, and how to access your computer system
  • understands the strengths and weaknesses of your infrastructure
  • has physical access to things like your servers
  • knows which of your employees have access to the kind of information they want
  • knows which employees are an easy target — in other words, they know which employees will give them any information they ask for without question.

The insider might use information about your business:

  • to commit
  • to sabotage or cause harm to your business, or
  • for revenge.

Insider threat can also happen when someone with inside information unintentionally exposes your business to risk, either through: 

  • negligence, for example choosing to ignore security policies you have in place, or
  • accident – like accidentally sending sensitive information to an incorrect email address.

The risks

An attacker with inside knowledge can:

  • steal your trade secrets or (IP)
  • bring down your or your services, like your website
  • cause brand damage, affecting your reputation and share price.