What is an Insider Threat?
The CERT Divisionās definition of a malicious insider is a current or former employee, contractor, or business partner who meets the following criteria:
- has or had authorized access to an organizationās network, system, or data
- has intentionally exceeded or intentionally used that access in a manner that negatively affected the confidentiality, integrity, availability, or physical well-being of the organizationās information or information systems or workforce.
For the purpose of this guide, an unintentional insider threat is defined as a current or former employee, contractor, or other business partner who meets the following criteria:
- who has or had authorized access to an organizationās network, system, or data and who, through
- their action/inaction without malicious intent
- cause harm or substantially increase the probability of future serious harm to the confidentiality, integrity, or availability of the organizationās information or information systems
See the full guide here
iTM covers all aspects of cybersecurity from Home cyber security managed solutions to automated, manage threat intelligence, forensic investigations and cyber security training. Our objective is to support organisations and consumers at every step of their cyber maturity journey. Contact Us