
Insider Threat – How your own employees are your biggest risk

Insider threats are often overlooked in discussions about cyber security, yet they represent some of the most significant risks organisations face today. Based on findings from our 2025 Cyber Resilience Report, this blog explores how insider threats manifest across industries and demographics, the challenges they present, and practical steps to mitigate them.


What is an Insider Threat?

An insider threat is a security risk that originates from within an organisation.

Unlike external attackers, insider threats come from employees, contractors, or partners who already hold authorised access to sensitive data and systems. These risks may be intentional, driven by malicious intent, or unintentional, caused by carelessness or simple human error.

Regardless of the cause, insider threats can have a significant impact, often resulting in data breaches, financial losses, and harm to an organisation’s reputation. Addressing these risks is essential to a comprehensive cyber security strategy.


Why Insider Threats Are a Growing Concern

According to our research, 73% of cyber risk owners believe that a lack of employee diligence is the root cause of most cyber attacks. This underscores a critical truth: employees, whether through errors, neglect, or malicious intent, are often a weak link in cyber defences.

One of the most pressing concerns highlighted in the report is the unauthorised use of AI tools like ChatGPT and Microsoft Copilot. While these tools allow for increased productivity, 41% of employees admit to using them at least weekly, often without employer approval. This practice not only introduces new vulnerabilities but also highlights the vast gap between cyber policies and employee behaviour.


The Demographic Divide

Our findings reveal intriguing patterns in how insider threats vary by demographics:

  • Age Differences: Younger employees (18-24) are both the most likely to use unauthorised software and the most frequent victims of cyber-attacks, with 51% experiencing an attack – 20% in the past year alone. Conversely, workers aged 55+ show lower engagement with unauthorised tools but demonstrate a stronger collective sense of responsibility for cyber security.
  • Gender Disparities: Men are more likely than women to use AI tools regularly (19% vs 12%), but women are less likely to fully understand their company’s AI policies. This lack of awareness further widens the gap between policy intentions and practical application, creating additional vulnerabilities. Men are also more likely to fall victim to a cyber attack at work (56% vs 32% of women), highlighting the risks associated with unauthorised AI usage.


Insider Threats by Industry

The report also highlights variations in insider risk across sectors:

  • Professional Services: Employees in this sector lead in AI tool adoption, with 65% using tools like ChatGPT weekly. While this reflects an eagerness for efficiency, it also introduces risks if policies are unclear or ignored.
  • Financial Services: Although 41% of employees in this industry use AI tools weekly, many organisations lack robust AI usage policies, leaving them vulnerable to insider errors.
  • Healthcare: With only 29% of employees using AI tools, this sector demonstrates lower risk. However, complex operational environments and legacy technology make it particularly susceptible to human error.


Bridging the Gap: Engagement and Accountability

One of the starkest insights from our research is the engagement gap in cyber security training. While 84% of cyber risk owners believe employees are engaged in training, only 27% of employees describe themselves as very engaged. This disconnect weakens organisational resilience, as employees may lack the skills to recognise or respond to threats.

Additionally, employees often misunderstand their role in maintaining security. Many see it as the responsibility of the IT team, with only 21% identifying themselves as accountable. This misalignment between perception and reality makes it critical for organisations to foster a culture of shared responsibility.

Tackling Insider Threats: Practical Solutions

Our findings underscore the need for a holistic approach to addressing insider threats:

  1. Strengthen Communication
    Ensure employees understand why security policies exist and how they apply to their roles. Clearer communication about AI policies, in particular, is crucial, as many employees remain unaware of these rules.
  2. Tailor Training
    Customised, scenario-based training resonates with employees. For instance, 75% of workers said training that involves real-life scenarios or addresses personal online safety would improve engagement.
  3. Monitor AI Usage
    Establish clear policies for AI adoption and enforce them through transparent oversight. Partnering with employees to understand their needs can help reduce the unauthorised use of risky tools.
  4. Adopt Advanced Detection Tools
    Implement solutions like role-based access controls and behaviour analytics to identify and mitigate insider risks in real time. These tools help organisations quickly detect anomalies and limit the potential damage of insider incidents.
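As an added illustration of the "Monitor AI Usage" and "Adopt Advanced Detection Tools" items above (example code written for this page, not e2e-assure's tooling or anything from the report), the script below checks constructed web-proxy log lines against a hypothetical per-department allow-list of generative-AI services and flags both unapproved tool use and unusually large uploads to an AI service. The log format, domains, departments and the upload threshold are all assumptions.

```python
import re

# Constructed proxy log lines (not real data): timestamp user department domain bytes_out
SAMPLE_PROXY_LOG = """\
2025-03-03T09:02:11Z alice finance chat.openai.com 18200
2025-03-03T09:05:40Z alice finance chat.openai.com 912000
2025-03-03T09:10:02Z bob legal copilot.microsoft.com 4100
2025-03-03T09:12:55Z carol hr intranet.example.local 2300
2025-03-03T09:15:19Z dave marketing chat.openai.com 6100
2025-03-03T09:18:03Z bob legal gemini.google.com 7700
"""

# Hypothetical policy: which generative-AI services each department is approved to use.
# Domains, departments and the threshold are assumptions for illustration only.
AI_DOMAINS = {"chat.openai.com", "copilot.microsoft.com", "gemini.google.com"}
APPROVED_BY_DEPARTMENT = {
    "marketing": {"chat.openai.com"},
    "legal": {"copilot.microsoft.com"},
}
UPLOAD_THRESHOLD_BYTES = 500_000  # a single request above this is flagged as possible bulk data exposure

LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<user>\S+) (?P<dept>\S+) (?P<domain>\S+) (?P<bytes>\d+)$")


def parse_log(text):
    """Parse the constructed proxy lines into dicts; malformed lines are skipped, not fatal."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            d = m.groupdict()
            d["bytes"] = int(d["bytes"])
            events.append(d)
    return events


def find_ai_policy_violations(events):
    """Return (finding_type, user, domain) tuples for unapproved AI use and large uploads to AI services."""
    findings = []
    for e in events:
        if e["domain"] not in AI_DOMAINS:
            continue  # not an AI service; outside the scope of this check
        approved = APPROVED_BY_DEPARTMENT.get(e["dept"], set())
        if e["domain"] not in approved:
            findings.append(("unapproved_ai_tool", e["user"], e["domain"]))
        if e["bytes"] > UPLOAD_THRESHOLD_BYTES:
            findings.append(("large_upload_to_ai", e["user"], e["domain"]))
    return findings
```

Running `find_ai_policy_violations(parse_log(SAMPLE_PROXY_LOG))` flags alice (finance has no approved tool, and one request is large) and bob's use of an unapproved service, while dave's approved use is left alone.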


Building Collective Resilience

Addressing insider threats requires more than policies and training; it demands a shift in the entire organisational culture.

Cyber security must be seen as a collective effort, with employees actively engaged as defenders of the organisation. By closing the engagement gap, improving communication, and integrating effective tools, businesses can turn their insider vulnerabilities into strengths.

At e2e-assure, we aim to empower organisations to tackle insider threats through customised strategies and cutting-edge technology recommended by our expert team. With the right tools and people in your extended team, we can help you build a resilient, secure workforce.

You can download our full Futureproofing AI in 2025 report here.
