IT teams that solely focus on finding adversaries external to the organization only get half the picture. Insider threats are internal actors such as current or former employees that pose danger to an organization because they have direct access to the company network, sensitive data, and intellectual property (IP), as well as knowledge of business processes, company policies or other information that would help carry out such an attack.
Internal actors that pose a threat to an organization tend to be malicious in nature. Some motivators include financial gains in exchange for selling confidential information on the dark web, and/or emotional coercion using social engineering tactics, such as pretexting or business email compromise (BEC) attacks. On the other hand, some insider threat actors are not malicious in nature but instead are negligent in nature. To combat this, organizations should implement a comprehensive cybersecurity training program that teaches stakeholders to be aware of any potential attacks, including those potentially performed by an insider.