Stay informed on insider threat risks with the latest news, strategies for prevention, and insights into mitigating internal cybersecurity breaches.
Search across headline titles and summaries.
Background for this topic.
Insider Threat is a security risk that originates from within the targeted organization. This threat typically involves current or former employees, contractors, or business associates who have access to sensitive information or privileged systems within the organization. In the context of information security, an insider threat can manifest in various forms, such as intentional data breaches, theft of intellectual property, sabotage of IT systems, or unintentional exposure of confidential data due to negligence or a lack of awareness.
Insider threats are particularly challenging to detect and mitigate because insiders inherently possess legitimate access to the organization's resources, making malicious activities harder to distinguish from routine operations. Protecting against insider threats requires a multi-layered approach, including robust access controls, regular monitoring of user activities, strict data protection practices, employee training on cybersecurity awareness, and a prompt response plan for potential incidents.
Weekly headline count for the current query.
Rethinking Insider Threats in the Age of Autonomous SystemsAI systems are no longer passive tools. They make decisions, execute multi-step workflows and access sensitive data repositories with minimal human intervention. They begin to resemble something security leaders understand very well yet are ill-equipped to manage in a digital form: insider risk.
Startup Exits Stealth Targeting Insider Risk, Shadow AI and GenAI Data ExposureCybersecurity startup Jazz has raised $61 million with an AI-driven approach to data loss prevention. Its platform deploys agent investigators that analyze data context, users, systems and processes to detect insider threats and risky AI usage more accurately than legacy rule-based tools.
AI-based assistants or "agents" -- autonomous programs that have access to the user's computer, files, online services and can automate virtually any task -- are growing in popularity with developers and IT workers. But as so many eyebrow-raising headlines over the past few weeks have shown, these powerful and assertive new tools are rapidly shifting the security priorities for organizations, while blurring the lines between data and code, trusted co-worker and insider threat, ninja hacker and novice code jockey.
The call is coming from inside the house opinion Maybe everything is all about timing, like the time (this week) America's lead cyber-defense agency sounded the alarm on insider threats after it came to light that its senior official uploaded sensitive documents to ChatGPT.…
CISA urges action against insider threats with publication of a new infographic offering strategies to manage risks
Where the shiny new FOMO object collides with insider-threat reality AI agents arrived in Davos this week with the question of how to secure them - and prevent agents from becoming the ultimate insider threat - taking center stage during a panel discussion on cyber threats.…
Lock 'em down interview AI agents represent the new insider threat to companies in 2026, according to Palo Alto Networks Chief Security Intel Officer Wendi Whitmore, and this poses several challenges to executives tasked with securing the expected surge in autonomous agents.…
Hackers impersonate IT pros with deepfakes, fake resumes, and stolen identities, turning hiring pipelines into insider threats. Huntres sLabs explains how stronger vetting and access controls help stop these threats. [...]
Security analyst Michael Robinson spent 14 months mining thousands of legal filings to uncover who malicious insiders really are, how they operate, and why traditional detection models keep missing them.
The FinWise breach shows that when insider threats strike, encryption is the last line of defense. Penta Security's D.AMO platform unites encryption, key management, and access control to keep sensitive data secure. [...]
AI is transforming cybersecurity—from detecting phishing and insider threats to accelerating response. See how Waziuh, the open-source XDR and SIEM, integrates AI to turn raw security data into actionable insights and smarter threat hunting. [...]
Threat actors claiming to represent the Medusa ransomware gang tempted a BBC correspondent to become an insider threat by offering a significant amount of money. [...]
Sumitomo's Sawant on the Internal Risks of Autonomous AI AgentsAutonomous AI agents are shifting the nature of insider threats by operating at machine speed and mimicking human-level access and privilege. These synthetic entities can act independently within systems and carry out actions traditionally reserved for human users, introducing new security risks.
Researchers Say AI Bots Blur Lines Between Identity, Consent and Cyber DefenseAs generative AI programs continue to evolve, they are introducing new threats to the modern workplace. Digital twins, once confined to industrial systems, now enable hyper-realistic copies of actual employees to mimic vocal patterns, behaviors and even pick up on decision-making trends.
Ransomware, Quantum Computing, Geopolitics, Gen AI and More on the AgendaInfosecurity Europe is set to return June 3 to London. Hot topics at this year's event include everything from quantum computing, geopolitics and artificial intelligence, to supply chain attacks, insider threats and the cybercrime juggernaut that continues to be ransomware.
Ransomware, Quantum Computing, Geopolitics, GenAI and More on the AgendaInfosecurity Europe is set to return June 3 to London. Hot topics at this year's event include everything from quantum computing, geopolitics and artificial intelligence, to supply chain attacks, insider threats and the cybercrime juggernaut that continues to be ransomware.
Cybersecurity leaders aren’t just dealing with attacks—they’re also protecting trust, keeping systems running, and maintaining their organization’s reputation. This week’s developments highlight a bigger issue: as we rely more on digital tools, hidden weaknesses can quietly grow. Just fixing problems isn’t enough anymore—resilience needs to be built into everything from the ground up.
Also: Why AI Falls Short in Zero Trust, Gaps in Insider Threat PreventionIn this week's update, ISMG editors discussed how AI is reshaping behavioral biometrics, the impact of AI on zero trust strategies and whether organizations are finally getting a handle on insider threats - or just throwing more money at a nagging problem.