How insider fraud can be detected and avoided in the enterprise

The CERT/CC defines insider fraud as “an insider’s use of IT for the unauthorized modification, addition or deletion of an organization’s data (not programs or systems) for personal gain or the theft of information that leads to an identity crime.” The U.S. Secret Service defines identity crime as “the misuse of personal or financial identifiers in order to gain something of value and/or facilitate some other criminal activity.”

Information targeted for fraud covers a wide range of personal data, including personal identification data, personal financial data, and personal medical data. Understanding the insider threat requires understanding what motivates people to behave, whether that behavior is positive or negative.

Read more about IT sabotage and insider threats, and learn about the preventative measures organizations can take, on TechTarget.