A Single Partner for Everything You Need Optiv works with more than 450 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner. However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
Optiv Cybersecurity Dictionary Breadcrumb Home Cybersecurity Dictionary Insider Risk What is Insider Risk? Insider risk is the potential for an employee, contractor or other party with legitimate access to negatively impact an organization’s people, data or resources. Who Could Be an Insider? Insiders can be current or former employees, as well as current or former contractors, vendors, etc. Posed risks can be intentional (think: sabotage, intellectual property (IP) theft, espionage and fraud), and because malicious insiders use legitimate permissions, they’re often more difficult to detect than external threat actors and can therefore cause more damage. Risks can also be unintentional (human error, bad judgment, phishing, malware, unintentional aiding and abetting and stolen credentials). Regardless of intention, insider risk can negatively impact an organization's finances, reputation, business relationships, people and mission. Image Insider Risk: Why It Matters People are an organization’s most valuable asset. They drive operations forward, develop IP and perform tasks that bring value. But they also present a large risk to an organization’s security and wellbeing, both virtually and physically. These risks are on the rise. According to the Ponemon Institute’s Cost of Insider Threats Global Report, insider risk costs for organizations have jumped from $11.45 million in 2020 to an average of $15.38 million in 2021.1 The price on reputational damage, however, is often incalculable due to a loss of trust - something that an organization may never earn back. Despite these dangers, only an estimated 29% of organizations have an insider risk management solution.2 Because of the dual nature of insider risks, management programs aren’t a pure cybersecurity solution and must be implemented holistically across your organization. This change starts culturally and builds into a solution that proactively reduces risk and drives value. 1 https://www.proofpoint.com/sites/default/files/threat-reports/pfpt-us-tr-the-cost-of-insider-threats-ponemon-report.pdf2 https://www.code42.com/resources/reports/2021-insider-landscape-report Related Services Insider Risk Management Cyber Education CMMC Risk Automation & Reporting Related Terms Phishing Phishing is a fraudulent attempt to trick individuals into divulging sensitive information (usernames, passwords and banking details) by pretending to be a trusted source, often through an email communication. See Full Definition IAM – Identity and Access Management Identity Access Management (IAM) represents the processes, technology and people used to create, manage, authenticate, control and remove user (internal, external or customer) permission to corporate technology resources. See Full Definition Indicator or Compromise (IOC) Indicators of compromise (IOCs) are clues to compromise (pieces of forensic data, system log entries or files) that can be considered unusual and may identify potentially malicious activity on a system or network. See Full Definition TTPs – Tactics, Techniques and Procedures Tactics, techniques, and procedures (TTPs) define how hackers orchestrate and manage attacks. See Full Definition Other Sources Insider Threat Insights – Forrester Share: Contact Us