An Insider Threat Program is aimed at reducing the risk to the organization from trusted individuals that cause harm to the organization from the inside. These individuals have access to resources, strategy, personnel and locations specific to the organization and are able to exploit the weakness in processes or persuade personnel. The key steps to developing an insider threat management program, includes defining Insider Threats, Detecting and Identifying Insider Threats, Assessing Insider Threats, and Managing Insider Threats. Within the context of defining insider threats, the potential exists for espionage, terrorism, unauthorized disclosure of information, corruption, participation in international organized crime, sabotage, workplace violence, and intentional or unintentional loss or degradation of department resources and capabilities

 

URL:  Insider Threat

Insider Threat Mitigation | Cybersecurity and Infrastructure Security Agency CISA

Defining Insider Threats | CISA