Insider Threat

An insider threat is a security risk originating from within an organization, typically from current or former employees, contractors, or business partners who have authorized access to systems or data. Insider threats may be malicious, such as data theft or sabotage, or unintentional, such as accidental data exposure. In third-party cyber risk management, insider threats at a vendor organization represent a risk pathway that external scanning alone cannot fully address.