Who can be an insider threat? ~~
“An insider threat is a malicious threat to an organization that comes from people, such as employees, former employees, contractors, or business associates, who have inside information concerning the organization’s security practices, data, and computer systems. The threat may involve fraud, the theft of confidential or commercially valuable information, the theft of intellectual property, or the sabotage of computer systems. The insider threat comes in three categories: 1) malicious insiders, which are people who take advantage of their access to inflict harm on an organization; 2) negligent insiders, which are people who make errors and disregard policies, which place their organizations at risk; and 3) infiltrators, who are external actors that obtain legitimate access credentials without authorization”. Read more here