What is the Insider Threat?

I could get a dictionary definition here – but instead I will simply say it is a trusted employee betraying that trust and revealing your information to an unauthorised party. Most of us would immediately think people in high positions of trust selling high value information to your competitors and so you take steps to protect that type of information. But it could be someone in a less trusted role, having access to just what someone else wants. Such as the person at the breakdown service who knows you have had an accident and then gives your details to an claims company so they can phone you. Just like this:

Former RAC employee fined for stealing data of victims of road traffic incidents | ICO

Now there is not much anyone can do to stop this type of low level breaking of trust – what you need to have (just like the RAC had) is accountability in your systems so you can determine, who did what, to what and when. Then you can take action against the employee and show your accountability to the stakeholders who were affected.

Clive Catton MSc (Cyber Security) – by-line and other articles

Further Reading

Credential sharing contributes to your insider risk – read about that here:

Credential Sharing and Passwordless – CyberAwake