People Risk
Understand the Risk People Pose to Your Organisation
People are often said to be an organisation’s greatest asset, but they can also be a weakness. Insider threats come from current and former employees, contractors, or business partners who may misuse their knowledge or access to harm people, customers, assets, or reputation.
An ‘insider threat’ is any person who exploits, or intends to exploit, their legitimate access to an organisation’s assets to cause harm, either wittingly or unwittingly, through espionage, unauthorised disclosure of information, or degradation of a resource or capability.
Studies show that most insiders who breach security usually had no malicious intent when they began working. They may become apathetic or ‘go bad’ due to later events.
Common Ways an Insider May Breach Security
Common insider acts include:
- Unauthorised disclosure of official, private, or proprietary information
- Fraud, process corruption, or economic/industrial espionage
- Theft, violence, or physical harm to others
Common Reasons an Insider May Breach Security
Insiders are usually motivated by a mix of factors and pressures, such as:
- Revenge against an employer or colleagues
- Fear of job loss
- Greed or financial gain
- Political or religious ideology
- Ego or notoriety
- Coercion or manipulation from a third party
Investigations often find a pattern of past security-related behaviour. In some cases, individuals have been flagged by previous managers.