Potential Risk Indicators: Insider Threat: What is the 'Something' We Should Be Looking for? [open pdf - 1MB]
From the Document: "An Insider Threat is anyone with authorized access who uses that access to wittingly or unwittingly harm the organization and its resources. Insiders can be employees, vendors, partners, suppliers, etc.; they are individuals that you provide access to your facilities and/or information. Trusted insiders may commit malicious acts, such as fraud, theft, sabotage, espionage, unauthorized disclosure, workplace violence, and more. Unwitting insiders may inadvertently disclose sensitive information, unknowingly download malware, or facilitate other cybersecurity events. Anyone can be a potential insider threat. All organizations are vulnerable."
Center for Development of Security Excellence: https://www.cdse.edu/