While threats to the confidentiality, integrity, and availability of data may originate from many types of attackers, the information security threats from trusted insiders—such as employees, vendors, and contractors—can be particularly insidious because the attackers have legitimate credentials on enterprise systems and networks. Insider threats may be difficult to detect because it can be challenging to differentiate between potentially harmful actions and an employee’s authorized work.
Share a relevant story—ideally based on your personal or professional experiences—about how a security incident originated with an attack vector that was opened, either maliciously or accidentally, by a trusted insider. Focus your discussion on the features that make this particular insider attack unique by describing the salient features of the attack, when and how the breach incident was discovered, the data that was illegally accessed, and the short- and long-term consequences of the attack to the organization.