Enemies within: Redefining the insider threat in organizational security policy

The critical importance of electronic information exchanges in the daily operation of most large modern organizations is causing them to broaden their security provision to include the custodians of exchanged data – the insiders. The prevailing data loss threat model mainly focuses upon the criminal outsider and mainly regards the insider threat as ‘outsiders by proxy’, thus shaping the relationship between the worker and workplace in information security policy. A policy that increasingly takes the form of social policy for the information age as it acquires the power to include and exclude sections of society and potentially to re-stratify it? This article draws upon empirical sources to critically explore the insider threat in organizations. It looks at the prevailing threat model before deconstructing ‘the insider’ into various risk profiles, including the well-meaning insider, before drawing conclusions about what the building blocks of information security policy around the insider might be.