1. A person or group of persons within an organization who pose a potential risk through violating security policies.
2. One or more individuals with the access and/or inside knowledge of a company, organization, or enterprise that would allow them to exploit the vulnerabilities of that entity's security, systems, services, products, or facilities with the intent to cause harm.
Source: Explore Terms: A Glossary of Common Cybersecurity Terminology National Initiative for Cybersecurity Careers and Studies (NICCS) https://niccs.us-cert.gov/about-niccs/glossary
3. The risk that one or more individuals with the access to and/or internal knowledge of a company, organization, or enterprise would exploit the vulnerabilities of that entity’s security, systems, services, products, or facilities with the intent to cause harm.
Source: Cyber Threats to Elections – A Lexicon, Cyber Threat Intelligence Integration Center & Office of the Director of National Intelligence, https://www.dni.gov/files/CTIIC/documents/CTIIC_2018_Lexicon_without_banner_small_file_for_Post.pdf
4. The threat that an insider will use their authorized access, wittingly or unwittingly, to do harm to the organization.
Source: U.S. Cyberspace Solarium Commission, March 2020, https://subscriber.politicopro.com/f/?id=00000170-c638-d8f7-a7f1-f63b33510000