Security news aggregator

Latest coverage for Insider Threat

Insider threats involve trusted users misusing authorized access, causing data loss, fraud, disruption, or exposure of sensitive systems and records.

49 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Insider threat is the risk that someone with authorized access—such as an employee, contractor, partner, or former staff member—misuses that access, deliberately or accidentally. It can involve stealing sensitive data, abusing privileges, sabotaging systems, exposing information through mishandling, or enabling an attacker after an account is compromised. The defining issue is that activity may resemble legitimate work.

Security teams reduce this risk with least-privilege access, separation of sensitive duties, strong offboarding, and timely removal of unused accounts and credentials. Audit logs and access monitoring can help identify unusual downloads, privilege changes, or access outside a person’s role, while data-loss controls limit unauthorized movement of sensitive files. Monitoring should respect privacy and applicable employment or data-protection requirements. When suspicious activity is identified, response may include preserving logs, containing the account, reviewing accessed data, and coordinating security, legal, and human-resources processes.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 49
Bank Info Security 1 month, 2 weeks ago

AI Agents Are the New Insiders

Rethinking Insider Threats in the Age of Autonomous SystemsAI systems are no longer passive tools. They make decisions, execute multi-step workflows and access sensitive data repositories with minimal human intervention. They begin to resemble something security leaders understand very well yet are ill-equipped to manage in a digital form: insider risk.

Startup Exits Stealth Targeting Insider Risk, Shadow AI and GenAI Data ExposureCybersecurity startup Jazz has raised $61 million with an AI-driven approach to data loss prevention. Its platform deploys agent investigators that analyze data context, users, systems and processes to detect insider threats and risky AI usage more accurately than legacy rule-based tools.

Krebs on Security 4 months, 1 week ago

How AI Assistants are Moving the Security Goalposts

AI-based assistants or "agents" -- autonomous programs that have access to the user's computer, files, online services and can automate virtually any task -- are growing in popularity with developers and IT workers. But as so many eyebrow-raising headlines over the past few weeks have shown, these powerful and assertive new tools are rapidly shifting the security priorities for organizations, while blurring the lines between data and code, trusted co-worker and insider threat, ninja hacker and novice code jockey.

Lock 'em down interview AI agents represent the new insider threat to companies in 2026, according to Palo Alto Networks Chief Security Intel Officer Wendi Whitmore, and this poses several challenges to executives tasked with securing the expected surge in autonomous agents.…

Bank Info Security 9 months, 3 weeks ago

How Autonomous AI Agents Amplify Insider Threats

Sumitomo's Sawant on the Internal Risks of Autonomous AI AgentsAutonomous AI agents are shifting the nature of insider threats by operating at machine speed and mimicking human-level access and privilege. These synthetic entities can act independently within systems and carry out actions traditionally reserved for human users, introducing new security risks.

Researchers Say AI Bots Blur Lines Between Identity, Consent and Cyber DefenseAs generative AI programs continue to evolve, they are introducing new threats to the modern workplace. Digital twins, once confined to industrial systems, now enable hyper-realistic copies of actual employees to mimic vocal patterns, behaviors and even pick up on decision-making trends.

Ransomware, Quantum Computing, Geopolitics, Gen AI and More on the AgendaInfosecurity Europe is set to return June 3 to London. Hot topics at this year's event include everything from quantum computing, geopolitics and artificial intelligence, to supply chain attacks, insider threats and the cybercrime juggernaut that continues to be ransomware.

Ransomware, Quantum Computing, Geopolitics, GenAI and More on the AgendaInfosecurity Europe is set to return June 3 to London. Hot topics at this year's event include everything from quantum computing, geopolitics and artificial intelligence, to supply chain attacks, insider threats and the cybercrime juggernaut that continues to be ransomware.

Loading more headlines...