A security risk that originates from people within the organization who have authorized access to systems and may intentionally or unintentionally harm the organization.
Insider threats encompass malicious insiders (employees who intentionally harm the organization), negligent insiders (employees who inadvertently cause harm through careless actions), and compromised insiders (employees whose credentials have been stolen by external attackers). Research shows that 68% of breaches involve a human element, making insider risk management critical for organizational security.