An insider is someone who (knowingly or unknowingly) misuses legitimate access to commit a malicious act or damage their employer. These days, most insider acts involve IT exploitation termed “Cyber Insider”. CPNI has been engaging with industry and academia through a broad range of research initiatives that aim to improve IT monitoring capabilities to identify insider precursors and behaviour; raising awareness in employer and employee communities about insider threats; establish methods for designing IT and policies to deter staff from committing insider acts; designing IT and work practices to block insider acts.
See the video below on system sabotage - a common insider act involving exploitation of IT.
Further information on protecting against insider acts is available under Related Pages below, covering guidance on insider risk assessment.
Follow this link to visit the Legal Considerations for Employee IT Monitoring page.