Although “insider threat” is a commonplace term, it is a misnomer. “Insider risk” would be more accurate since there is more to this than the threat posed by insiders.
“Insiders” in this context are primarily employees - both staff and management - of the organization, those on its payroll. “Outsiders”, then, are third-party employees (particularly those working for competitors or other adversaries) and unemployed people – a much larger group of course. In the government/military context, ‘foreigners’ (citizens of other nations and cultures, regardless of where they live) are generally considered outsiders too.
Insiders present an insidious threat within the organization. Their access and extensive knowledge of the organization's operations present opportunities to exploit vulnerabilities, compromise information assets, commit fraud and sabotage, or steal and disclose information.
- Introduce insider threats, providing general context and background information;
- Expand on the information risks (threats, vulnerabilities and impacts) arising from and involving insiders, particularly for the management audience;
- Describe and promote the corresponding information security controls, which are numerous and varied (policies, procedures, practices, technologies …);
- Leave the lasting impression that the insider threat is real, antisocial and unacceptable.
Your situation may differ. Think about your learning objectives in relation to insider threats, or information risks involving workers. Are there any business angles or concerns to emphasize? What do you hope to achieve by increasing awareness of insider threats?
Insider threats awareness
This awareness and training module addresses the information security issues arising from workers (employees on the payroll and third-party employees), particularly their deliberate/intentional/malicious attempts to compromise or harm the organization.
This information security awareness and training module directly complements the one on outsider threats.