People are an organisation’s biggest asset and are generally recognised as the most important source of competitive advantage. However, they are frequently misunderstood and ineffectively leveraged, and in some cases they can also become its greatest threat. The threat posed by an insider, someone who (knowingly or unknowingly) misuses legitimate access to commit a malicious act or damage their employer, is increasing. The strains and challenges that individuals experience in their personal lives, alongside the ever-present activities of criminal and terrorist groups, and potentially the intelligence services of foreign states, result in an array of threat sources which organisations should consider during risk management processes and the subsequent design and implementation of mitigation methods.
Insiders have traditionally been categorized as belonging to one of three groups:
• Exploited individuals
• Malicious opportunists
In a previous article, Insider Risk: A Fourth Element, we suggested that a fourth group should be considered: uneducated or non-compliant individuals. Alongside each of these types of insider, an added dimension should also be considered, one which focuses upon IT exploitation and has been appropriately termed by the UK Centre for the Protection of National Infrastructure (CPNI) a “Cyber Insider”.