An insider threat is a risk posed to an organization’s security, data, or systems by individuals who have access to its internal network. This can include current or former employees, contractors, business partners, or anyone with authorized access. Insider threats may be deliberate, such as malicious actions by disgruntled workers, or accidental, stemming from careless mistakes or negligent behaviors. These threats can result in data breaches, theft of intellectual property (IP), financial loss, and damage to the organization’s reputation. Managing insider threats effectively requires vigilant monitoring and implementing strong security measures to identify and mitigate potential risks.

Insider threats, such as IP theft by employees or contractors, pose significant risks when securing sensitive information in the form of unstructured data, such as office documents, PDFs, or CAD files. A 2020 survey by the Ponemon Institute, sponsored by ObserveIT and Proofpoint, found that 60% of organizations worldwide experienced over 30 insider-related incidents annually involving digital assets.

To help organizations address these threats, the National Insider Threat Awareness Month library at the Center for the Development of Security Excellence offers guides, real-world case studies, videos, and web-based games designed to detect, deter, and mitigate insider threats.