Insider threat is commonly defined as a current or former employee, contractor or business associate who has information or access to an organization’s network, computer systems or data and utilizes this inside knowledge to harm the organization. Criminal and malicious insider threats include sabotage, theft, espionage and fraud. A Ponemon Institute study of 159 organizations with a 1,000 or more employees revealed that criminal and malicious insider threat incidents involving data breaches cost an average of $607,745 per incident.
Organizations protect their information from external threats by “hardening” their facilities and systems. Organizations protect their information from internal threats by limiting access. Obviously, this is ineffective against the insider who has access and wants to harm the organization. These individuals are frequently only identified after the harm to the organization has occurred.
MacKizer Behavioral Analysis Consulting assists organizations in preventing and addressing insider threat incidents. Our team provides organization managers training in identifying behavioral indicators of insider threat, conduct confidential risk assessments and provide mitigation strategies designed to manage the threat.