U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Glossary
A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

insider threat

Definition(s):

  The threat that an insider will use her/his authorized access, wittingly or unwittingly, to do harm to the security of the United States. This threat can include damage to the United States through espionage, terrorism, unauthorized disclosure, or through the loss or degradation of departmental resources or capabilities.
Source(s):
CNSSI 4009-2015 from CNSSD No. 504 - Adapted
NIST SP 800-171 Rev. 2
NIST SP 800-171 Rev. 1 [Superseded]

  An entity with authorized access (i.e., within the security domain) that has the potential to harm an information system or enterprise through destruction, disclosure, modification of data, and/or denial of service. 
Source(s):
NIST SP 800-53 Rev. 4 under Insider Threat from CNSSI 4009

  An entity with authorized access (i.e., within the security domain) that has the potential to harm an information system or enterprise through destruction, disclosure, modification of data, and/or denial of service.
Source(s):
NIST SP 800-53 Rev. 4 under Insider Threat from CNSSI 4009

  The threat that an insider will use her/his authorized access, wittingly or unwittingly, to do harm to the security of United States. This threat can include damage to the United States through espionage, terrorism, unauthorized disclosure of national security information, or through the loss or degradation of departmental resources or capabilities.
Source(s):
NIST SP 800-53 Rev. 4 under Insider Threat from Presidential Memorandum, National Insider Threat Policy and Minimum Standards for Executive Branch Insider Threat Programs

  An entity with authorized access that has the potential to harm an information system through destruction, disclosure, modification of data, and/or denial of service.
Source(s):
NIST SP 800-32 under Inside threat

  The threat that an insider will use her/his authorized access, wittingly or unwittingly, to do harm to the security of organizational operations and assets, individuals, other organizations, and the Nation. This threat can include damage through espionage, terrorism, unauthorized disclosure of national security information, or through the loss or degradation of organizational resources or capabilities.
Source(s):
NIST SP 800-53 Rev. 5 from CNSSI 4009-2015 - Adapted

  The threat that an insider will use their authorized access, wittingly or unwittingly, to do harm to the security of the United States. This threat can include damage to the United States through espionage, terrorism, unauthorized disclosure, or through the loss or degradation of departmental resources or capabilities.
Source(s):
NIST SP 800-172