Skip to main content

Insider threat - Managing people security

Published on 22 January 2020

What types of threat do organisations experience?

Unintentional threats come from people who, without intending to cause harm, carry out some action which damages the organisation. This could be as simple as someone clicking on a link in a phishing email or inserting an infected USB stick into their networked computer.

Disgruntled employees or former employees could pose a threat to their organisation if their accesses are not properly managed. Access includes physical access to buildings and other physical assets as well as access to IT systems, applications and other web based accounts.

Administration access rights abuses are particularly dangerous for an organisation: these happen when someone who has legitimate access to systems abuses their access rights to compromise data or exploit weaknesses in a system (see Privileged Users).