August 24, 2018

What is Insider Threat? Identifying Types of Risky Insiders

by: Align

AdobeStock_70485377_Align_BusinessmanPhoto Credit: © peshkova -

What are insider threats?

Insider threats, also known as insider risks, can take multiple forms including malicious or inadvertent employees, contractors, business partners, consultants, former staff and other third-parties.

These many faces of threat pose significant dangers to organizations by leveraging the confidential information, strategic assets or authorized access they have been entrusted with to harm a company's data or security, wittingly or unwittingly.

What's worse about risky insiders is that some organizations undermine or overlook them as a security issue at all because they are preoccupied with thwarting malicious threats posed by outsiders, cybercriminals.

While both dangers are grave, a recent study by the Ponemon Institute revealed that enterprises spent twice the global average cost of breaches on insider threats in 2017. Furthermore, out of the 159 global organizations in North America, Europe, Africa, Middle East and Asia-Pacific that were interviewed for the study, each company experienced one or more material events caused by an insider.

Key takeaway: No one is immune.

To manage and mitigate insider risks and its associated costs, the first step is understanding the various types of insiders that could leave your environment in disorder. Below we have outlined five egregious models of risky insiders:

Negligent Insiders

Some employees may unintentionally avoid cybersecurity awareness training or security announcements because they are focused on completing their daily tasks. These are considered as the most precarious employees because their behavior is often consistent.

According to Ponemon's study, 64% of insider-related incidents were caused by negligent insiders over the past 12 months. At the opposite end of the spectrum, there are unhackable employees that complete security training and help prevent and protect their employers from cyber-related incidents. 

Inadvertent Insiders

These types of insiders come from employees who respect and comply with policies and participate in all the company’s security training, but they cause costly breaches due to an error or some misjudgments. For example, saving sensitive business data in personal devices or transferring information to personal accounts. 

Malicious Insiders

Malice, greed and corrupt motives combined with the election to enact inappropriately are what maketh a deliberate insider. For example, motivations for monetary rewards or personal gains cause this category of employees to misbehave and share company information with external parties, such as hackers or competitors.

Perhaps you've poured millions of dollars into product enhancements, spent massive resources to fortify perimeter defenses and dedicated decades to building strong client relationships and your company's prestigious reputation. However, if the adversary is within, all that is gone and useless in the blink of an eye. 

Collaborative Insiders

This category of insider is unique in that it involves multiple accomplices, both internal and external to an organization. In this scenario, numerous employees, or employees and third-parties are operating in tandem with criminals. This collaborative effort increases opportunities to perpetrate fraud, bypass security controls and restrictions, and conceal the crime longer.

According to a recent CERT study, collusion incidents committed by collaborative insiders have a duration that is nearly four times that of an adverse event caused by one insider. The study also found that although this is the rarest type of insider, it is among the hardest threats to detect by enterprises. 

Indignant Insiders

Gartner reported that 29 percent of employees tend to steal information after quitting or being fired. Indignant insiders are often attributed to ex-employees who have motivations for rewards, personal gains or revenge. This group of insiders usually start to gather data once they decide to resign or after being told to leave. 

Has your organization built and implemented an insider threat program?

With a wide variety of human behaviors, there is no single solution for overcoming insider risks. However, a multifaceted, layered approach to cybersecurity risk management will help combat insider threats. Align CybersecurityTM, Align's comprehensive risk management solution and award-winning Cybersecurity Advisory Practice, helps leading firms worldwide to design and implement a meaningful Cybersecurity Program that effectively cascades through the enterprise and fully integrates a customer's risk management objectives.

Through cybersecurity education, empowerment and accountability, with state-of-the-art tools and fully custom “white-glove” training, Align enables enterprises to effectively combat insider threats and change poor security habits into intelligent cybersecurity behavior. 

Align Cybersecurity offers tailored, advanced cybersecurity solutions encompassing Vulnerability Assessments/Penetration Testing, Cybersecurity Risk Management as a Service (Align Risk CSR), Customized Cybersecurity Programs, Third Party Management, Managed Threat Protection (Align Guardian), Cybersecurity Training and more.

Consider speaking with Align's cybersecurity and information security experts today, by clicking here or the button below. 

Contact Us ➜

Continue Reading

Related Articles


“Align is our trusted provider for all our Managed Services and cybersecurity needs. They provide us best-in-class IT services that not only help drive productivity and growth, but ensure we meet both current and evolving compliance and security requirements with ease. As consultants to financial advisors, trust and reliability are indispensable to our operations, which is why we never hesitate to refer Align to our very own client base. Align isn’t just our partner, they are an extension of our team. We look forward to entrusting them with our IT infrastructure for years to come.”

Ed Fasano - Experienced Advisory Consultants LLC