Definitions: Internal Threat

Definition

Internal threat refers to the threat posed by the users of  an organization’s network and/or information systems. These users are insiders  in that they are authorized, at some level, to use the organization’s technological  resources. However, every user poses a threat to the integrity and availability  of those resources, either through malicious intent or accidental misuse.

Business applications

The internal threat is often considered an organization’s biggest security risk because users require a level of trust to carry out their  day-to-day tasks. Also, organizations tend to focus on securing the network perimeter from outsiders, as opposed to securing network resources from insiders.

Experts recommend educating users about security and proper computer use to help reduce internal threat. There are also technical controls organizations can implement. Together, security-awareness training and technical controls can help prevent malicious attacks and accidental misuse of IT resources.

Deployment concerns

There are several  dynamics to the internal threat. We’re not just talking about insiders sharing  passwords. There’s also the full-time telecommuter versus the office worker; the user working around stringent policies to get her work done versus the accountant shaving a few pennies off the numbers. Then, of course, there is the laid-off IT manager  who uses his access as blackmail. Organizations need to account for these many possibilities and implement appropriate risk-mitigation techniques.