Document Type


Publication Date



The term insider threats refers to insiders who pose risks of harm to an organization’s valued assets, members, or reputation. •Malicious vs. non-malicious insider threats ▪ Malicious insiders pose intentional threats to an organization and are the focus of this summary. -Intentional threats are often categorized into specific incidents, such as sabotage, theft of intellectual property, fraud, espionage, and targeted violence. ▪ Non-malicious insiders do not aim to compromise the security or integrity of an organization. Still, they may do so unintentionally (i.e., by honest mistake) or through negligence (i.e., lack of care). - The sources of non-malicious threats have implications for threat management. For example, unintentional threats may be prevented through better training or procedures, whereas threats from negligence may be deterred through improved worker engagement.