According to Verizon Insider Threat Report which drawn from 2018 Verizon Data Breach Investigations Report (DBIR), there are five types of insider threat actors:
1. Careless Worker (misusing assets)
Employees or partners who misappropriate resources, break acceptable use policies, mishandle data, install unauthorized applications and use unapproved workarounds; their actions are inappropriate as opposed to malicious.
2. Inside Agent (stealing information on behalf of outsiders)
Insiders recruited, solicited or bribed by external parties to exfiltrate data.
3. Disgruntled Employee (destroying property)
Insiders who seek to harm their organization via destruction of data or disruption of business activity.
4. Malicious Insider (stealing information for personal gain)
Actors with access to corporate assets who use existing privileges to access information for personal gain.
5. Feckless Third Party (compromising security)
Business partners who compromise security through negligence, misuse, or malicious access to or use of an asset.
Only by seeing what threats lying in front of us, we can formulate a way to tackle them.