I recently sat down with Mary K. Pratt (always wonderful to speak with her) to discuss “insider threats” for her CSO Online article.
My message was that the definition of an “insider” has fundamentally changed. It’s no longer just about disgruntled employees; it’s about a complex web of social engineering, digital savviness, and agentic AI.
Below are three critical takeaways from our discussion on “new” face of insider threats:
>> Social Media as a Recruitment Tool: Threat actors are using OSINT on social platforms to find “mercenaries”. By identifying employees under economic or personal pressure, they can bribe or blackmail insiders to do their dirty work.
>> The Rise of the “High-Risk” Average User: You don’t need to be a developer to be a threat. With modern digital tools and GenAI, the average staffer now has the capability to become a high-impact threat actor, intentionally or otherwise.
>> AI as the New Insider: We must start viewing AI agents as insiders. If an agent has privileged access and goes rogue — or is manipulated — it can exfiltrate data at machine speed. Essentially, AI has changed the paradigm of what constitutes an insider threat!
But what’s the solution? It’s time to move beyond “set and forget” background checks. Security pros must insist on regular, tiered background reinvestigations (especially for high-access roles), integrating behavioral signals with technical telemetry, and extending risk frameworks to include non-human/AI identities. In a world of remote work and outsourced contractors, trust must be continuous, not just a one-time onboarding event.
How is your organization adapting its Insider Risk Management framework for the AI era?
Check out the article here: https://lnkd.in/dkwhGMNE
Niel Harper 