Optiv Cybersecurity Dictionary

What is Insider Risk?

Insider risk is the potential for an employee, contractor or other party with legitimate access to negatively impact an organization’s people, data or resources. 


Insiders can be current or former employees, as well as current or former contractors, vendors, etc. Posed risks can be intentional (think: sabotage, intellectual property (IP) theft, espionage and fraud), and because malicious insiders use legitimate permissions, they’re often more difficult to detect than external threat actors and can therefore cause more damage. Risks can also be unintentional (human error, bad judgment, phishing, malware, unintentional aiding and abetting and stolen credentials). Regardless of intention, insider risk can negatively impact an organization's finances, reputation, business relationships, people and mission. 


Contact Us