Introduction to Insider Risk

If you're new to the topic, get started here with this helpful insider risk overview

Last Updated 10 November 2023

Understand the issue and what it means for you 

People are an organisation’s biggest asset, however in some cases, they can also pose an insider risk. Find out what this means for you and what measures you can take to protect your assets from internal and external threats. 

On this page you will find out:

  • What is insider risk (definitions) ​

  • Types of insider events ​

  • What creates insider threat? ​

  • How a multi-specialist approach can help ​

What is insider risk?

As organisations implement increasingly sophisticated physical and cyber security measures, the recruitment of insiders becomes a more attractive option for external parties seeking to gain access to your resources.

Insider Any person who has, or previously had, authorised access to or knowledge of the organisation’s resources, including people, processes, information, technology, and facilities.
Insider Risk The likelihood of harm or loss to an organisation, and its subsequent impact, because of the action or inaction of an insider.
Insider Threat An insider, or group of insiders, that either intends to or is likely to cause harm or loss to the organisation. 
Insider Event The activity, conducted by an insider (whether intentional or unintentional) that could result in, or has resulted in, harm or loss to the organisation.  


More background to the definitions can be found here.

What creates insider threat?

The behaviours and motivations for insider threat are complex, made up of  a combination of individual personality factors, lifestyle stressors and organisational vulnerabilities. You can read more about it, in the Insider Data Collection Study Report.

Types of Insider Event

Insider events take different forms, and their consequences can be widespread, loss of assets, eroding staff morale and even shattering your reputation.

Passing on privileged information (for example to a state actor or competitor) without permission. ​

Most notably, but not exclusively, fraud.

Helping a third party access an organisation’s assets including premises, information and people without permission.

Physical or virtual sabotage can be both an organisational and a reputational crisis, creating long-term effects.

Insider violence includes any action or threat of physical violence, harassment, sexual harassment, intimidation, bullying or other threatening behaviour by a co-worker in the workplace. 

How a multi-specialist approach can help

For an Insider Risk Mitigation Programme to be effective it will require senior decision makers having an understanding of insider risk which translates into visible engagement and oversight from them.  But, effective mitigation is a team sport,   requiring collaboration from the key stakeholders across the business.   Knowing what assets and systems need to be protected from clearly identified threats is vital in providing ongoing support to your insider risk programme.

The NPSA Insider Risk Mitigation Framework provides full guidance to support getting your programme up and running.

Did you find this page useful? Yes No