Cyber risks come not only from threat actors external to your company but also from insiders. Employees, former employees, and third parties who have the advantage of operating within a company’s perimeter can easily compromise confidential data, trade secrets, and even employee safety. Some of these compromises may happen inadvertently as the result of phishing schemes.
Many companies have data-loss prevention programs to help mitigate this risk. Other times, however, these compromises are malicious in nature. A malicious insider may have struggled with a recent life change that triggered bad behavior or exposed a vulnerability to act at the behest of a bad actor. Or, they may have intent to do harm for personal gain or because of a grievance with the company.