Optiv Cybersecurity Dictionary

What is Insider Risk?

Insider risk is the potential for an employee, contractor or other party with legitimate access to negatively impact an organization’s people, data or resources. 


Who Could Be an Insider?

Insiders can be current or former employees, as well as current or former contractors, vendors, etc. Posed risks can be intentional (think: sabotage, intellectual property (IP) theft, espionage and fraud), and because malicious insiders use legitimate permissions, they’re often more difficult to detect than external threat actors and can therefore cause more damage. Risks can also be unintentional (human error, bad judgment, phishing, malware, unintentional aiding and abetting and stolen credentials). Regardless of intention, insider risk can negatively impact an organization's finances, reputation, business relationships, people and mission. 


Insider Risk: Why It Matters


People are an organization’s most valuable asset. They drive operations forward, develop IP and perform tasks that bring value. But they also present a large risk to an organization’s security and wellbeing, both virtually and physically. 
These risks are on the rise. 


According to the Ponemon Institute’s Cost of Insider Threats Global Report, insider risk costs for organizations have jumped from $11.45 million in 2020 to an average of $15.38 million in 2021.1 The price on reputational damage, however, is often incalculable due to a loss of trust - something that an organization may never earn back. Despite these dangers, only an estimated 29% of organizations have an insider risk management solution.2


Because of the dual nature of insider risks, management programs aren’t a pure cybersecurity solution and must be implemented holistically across your organization. This change starts culturally and builds into a solution that proactively reduces risk and drives value.


 1  https://www.proofpoint.com/sites/default/files/threat-reports/pfpt-us-tr-the-cost-of-insider-threats-ponemon-report.pdf
2  https://www.code42.com/resources/reports/2021-insider-landscape-report

Related Terms

Other Sources


Contact Us