Click the icons to navigate. Show Insider threats present a complex and dynamic risk affecting the public and private domains of all critical infrastructure sectors. This section provides an overview to help frame the discussion of insiders and the threats they pose; defining these threats is a critical step in understanding and establishing an insider threat mitigation program. I. What is an Insider?An insider is any person who has or had authorized access to or knowledge of an organization’s resources, including personnel, facilities, information, equipment, networks, and systems. Examples of an insider may include:
II. What Is Insider Threat?Insider threat is the potential for an insider to use their authorized access or understanding of an organization to harm that organization. This harm can include malicious, complacent, or unintentional acts that negatively affect the integrity, confidentiality, and availability of the organization, its data, personnel, or facilities. External stakeholders and customers of DHS may find this generic definition better suited and adaptable for their organization’s use. The Cyber and Infrastructure Security Agency (CISA) defines insider threat as the threat that an insider will use his or her authorized access, wittingly or unwittingly, to do harm to the Department’s mission, resources, personnel, facilities, information, equipment, networks, or systems. This threat can manifest as damage to the Department through the following insider behaviors:
III. What Are the Types of Insider Threats?The insider threat can be either unintentional or intentional.
IV. How Does an Insider Threat Occur?Insider threats manifest in various ways: violence, espionage, sabotage, theft, and cyber acts. Expressions of insider threat are defined in detail below.
V. What Resources Are Available to Learn about Insider Threats?Carnegie Mellon University Software Engineering Institute’s the CERT Definition of 'Insider Threat' provides an updated definition of insider threat, including the potential for physical acts of harm. |