Security news aggregator

Latest coverage for Insider Threat

Insider threats involve trusted users misusing authorized access, causing data loss, fraud, disruption, or exposure of sensitive systems and records.

16 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Insider threat is the risk that someone with authorized access—such as an employee, contractor, partner, or former staff member—misuses that access, deliberately or accidentally. It can involve stealing sensitive data, abusing privileges, sabotaging systems, exposing information through mishandling, or enabling an attacker after an account is compromised. The defining issue is that activity may resemble legitimate work.

Security teams reduce this risk with least-privilege access, separation of sensitive duties, strong offboarding, and timely removal of unused accounts and credentials. Audit logs and access monitoring can help identify unusual downloads, privilege changes, or access outside a person’s role, while data-loss controls limit unauthorized movement of sensitive files. Monitoring should respect privacy and applicable employment or data-protection requirements. When suspicious activity is identified, response may include preserving logs, containing the account, reviewing accessed data, and coordinating security, legal, and human-resources processes.

Volume over time

Weekly headline count for the current query.

Showing 16 most recent headlines Filtered view
Bank Info Security 1 month, 2 weeks ago

AI Agents Are the New Insiders

Rethinking Insider Threats in the Age of Autonomous SystemsAI systems are no longer passive tools. They make decisions, execute multi-step workflows and access sensitive data repositories with minimal human intervention. They begin to resemble something security leaders understand very well yet are ill-equipped to manage in a digital form: insider risk.

Startup Exits Stealth Targeting Insider Risk, Shadow AI and GenAI Data ExposureCybersecurity startup Jazz has raised $61 million with an AI-driven approach to data loss prevention. Its platform deploys agent investigators that analyze data context, users, systems and processes to detect insider threats and risky AI usage more accurately than legacy rule-based tools.

Bank Info Security 9 months, 3 weeks ago

How Autonomous AI Agents Amplify Insider Threats

Sumitomo's Sawant on the Internal Risks of Autonomous AI AgentsAutonomous AI agents are shifting the nature of insider threats by operating at machine speed and mimicking human-level access and privilege. These synthetic entities can act independently within systems and carry out actions traditionally reserved for human users, introducing new security risks.

Researchers Say AI Bots Blur Lines Between Identity, Consent and Cyber DefenseAs generative AI programs continue to evolve, they are introducing new threats to the modern workplace. Digital twins, once confined to industrial systems, now enable hyper-realistic copies of actual employees to mimic vocal patterns, behaviors and even pick up on decision-making trends.

Ransomware, Quantum Computing, Geopolitics, Gen AI and More on the AgendaInfosecurity Europe is set to return June 3 to London. Hot topics at this year's event include everything from quantum computing, geopolitics and artificial intelligence, to supply chain attacks, insider threats and the cybercrime juggernaut that continues to be ransomware.

Ransomware, Quantum Computing, Geopolitics, GenAI and More on the AgendaInfosecurity Europe is set to return June 3 to London. Hot topics at this year's event include everything from quantum computing, geopolitics and artificial intelligence, to supply chain attacks, insider threats and the cybercrime juggernaut that continues to be ransomware.

Also: Why AI Falls Short in Zero Trust, Gaps in Insider Threat PreventionIn this week's update, ISMG editors discussed how AI is reshaping behavioral biometrics, the impact of AI on zero trust strategies and whether organizations are finally getting a handle on insider threats - or just throwing more money at a nagging problem.

Bank Info Security 1 year, 2 months ago

AI’s Invisible Data Risks and AI-Driven Insider Threats

Cyera CEO Yotam Segev on Data Security Risks From Copilot, ChatGPT, Other AI BotsArtificial intelligence tools such Microsoft Copilot, ChatGPT and Cortex AI offer enterprises incredible gains in workplace productivity and automation, but they also pose new risks to data security to the business, said Yotam Segev, co-founder and CEO of Cyera.

North Korea Continues Refining Profit-Making Scheme, Says CrowdStrike's Adam MeyersIn recent years, cash-starved North Korea has deployed legions of domestically trained workers to secure remote IT jobs to generate revenue for the Pyongyang-based regime. They can work for many months before being spotted, said Adam Meyers, head of counter adversary operations at CrowdStrike.

Bank Info Security 1 year, 3 months ago

Redefining Insider Risk in a Perimeterless World

OFX CISO Santanu Lodh on the Changing Nature of Insider Threats"The profile of insider risk has changed over a period of time," said Santanu Lodh, CISO at OFX. It is no longer confined to malicious intent. He explains how shifting workforce models, third-party engagement and evolving technology demand continuous monitoring and rethinking of security strategies.

Bank Info Security 1 year, 4 months ago

The Time to Speak to Employees About Insider Risk Is Now

Recent Upheavals in Job Market Underscore the Need for a Security-Minded CultureTechnology and training are key components of a strong insider risk program, but in times like these, the real key to success lies in your organization's culture. Do your employees feel valued? If the answer is no, your insider threat level could be off the charts.

Data Regulator Likely Reviewing Insider Threat Case at Intesa Sanpaolo BankIntesa Sanpaolo bank of Italy this week told the country's data regulator that an employee - who has since been fired - accessed sensitive banking details of the country's prime minister and other politicians for years. The Italian Data Protection Authority is investigating the data breach.

Healthcare organizations should rethink some of their approach to security, enhancing focus on insider threats, improving cyber awareness training and securing mobile applications and devices, said Ryan Witt, vice president of industry solutions at Proofpoint, discussing findings of a new study.