Let’s take a look at some of the major terms
and concepts you will need to understand as we move forward with this module.
A trusted employee of any organization or entity is called an “insider.”
An insider has access to or knowledge of the organization’s sensitive information, materials,
or physical locations. An insider does not, however, have to be a current employee. Any
current or past employee who has at any point had contact with sensitive information, materials,
or physical locations is considered an insider. Although commonly depicted in Hollywood as
a mole in key government positions or large international businesses, an “insider” could
include anyone with any kind of access to physical locations or information, such as
a bank teller dealing with client accounts, or simply a janitor at a nuclear facility.
Insiders are not inherently dangerous, and are even necessary for organizations to function.
However, the prevalence of such personnel leaves the organization vulnerable to exploitation.
These insiders are human too, which means they are susceptible to outside factors and
pressures which may cause them to engage in criminal acts.
An “insider threat” is the potential for malicious action to be taken by an insider, with the
intent to abuse or exceed their access to sensitive material or information. In short,
an “insider threat” is the ability for an insider to use their access to harm the organization
or entity. The objective of such behavior is to exploit the vulnerabilities of the organization’s
security, facilities, products, or services, in an effort to cause harm or sabotage, or
to aid outsiders to do so. This threat can also be unintentional, but we will discuss
that in a bit.