<aside> <img src="/icons/library_gray.svg" alt="/icons/library_gray.svg" width="40px" /> Cybersecurity threats that originate from within the organization are called Insider Threats

</aside>

Insider threats can take various forms:

• Data Theft
• Sabotage
• Misuse of access privileges

Each insider threat is driven by different motivations:

• Some are driven by financial gain and they want to profit from the sale of sensitive organizational data to others
• Some may be motivated by revenge and are aiming to harm the organization due to some kind of perceived wrong levied against the insider
• Some may take actions as a result of carelessness or a lack of awareness of cybersecurity best practices

REMEMBER

Insider threat refers to the potential risk posed by individuals within an organization who have access to sensitive information and systems, and who may misuse this access for malicious or unintended purposes

To mitigate the risk of an insider threat being successful, organizations should implement the following:

• Zero-trust architecture
• Employ robust access controls
• Conduct regular audits
• Provide effective employee security awareness programs