Network Security Threat Insiders

An Insider Threat is a malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization’s security practices, data and computer systems. The threat may involve fraud, the theft of confidential or commercially valuable information, the theft of intellectual property, or the sabotage of computer systems.

Some attacks, whether from criminals, terrorists or competitors seeking a business advantage, may rely upon the co-operation of an insider. This could be an employee or any contract or agency staff (e.g. cleaner, caterer, security guard) who has authorized access to your premises.

He or she may already be working for you, or may be someone newly joined who has infiltrated your organisation specifically in order to seek information or exploit the access that the job might provide.

Almost all physical and electronic attacks can be assisted or conducted by an insider. There are some attacks that can only be committed by insiders, such as the unauthorised release of proprietary information, or the sabotage of assets that only employees can access. In addition, there are some tactics that insiders are likely to use in the course of preparing or conducting their attacks, these include manipulation (deliberate attempts to acquire information or access by manipulating staff).