Recently, one executive of a NBA (National Basketball Association) team had his hard drive stolen and copied by a disgruntled employee. A reported 5,700 files had been copied that contained employment and player contracts as well as strategic and pertinent NBA information. The executive was the head of the analytics department and was responsible for sensitive proprietary information. Releasing such information could be damaging to any team or player involved. The employee worked around the NBA for at least 12 years.
The Cybersecurity and Infrastructure Security Agency (CISA) defines an insider threat as the potential for an insider, someone that the organization trusts and who may have access to sensitive information, uses that authorized access or understanding to harm the organization.
The "Malicious Insider" usually takes intentional actions to harm an organization for personal benefit or a personal grievance. The insider may manifest themselves in various ways: violence, sabotage, theft, or cyber related acts.
Any organization should consider an insider threat mitigation program. Learn to detect, identify, and assess any observable concerning behaviors and bring those behaviors to the attention of the organizations threat management team. Insiders that choose to turn to intentional malicious activity rarely commit some spontaneous act. They are usually the result of a thought out and deliberate decision to act.
“We discovered in our research that insider threats are not viewed as seriously as external threats, like a cyberattack. But when companies had an insider threat, in general, they were much more costly than external incidents. This was largely because the insider that is smart has the skills to hide the crime, for months, for years, sometimes forever.”
— Dr. Larry Ponemon.