An individual with authorized access who intentionally uses that access to harm the organization.
Malicious insiders deliberately steal data, commit fraud, or sabotage systems for personal gain, revenge, or other malicious purposes. Ponemon Institute 2025 research shows malicious insider incidents account for 26% of all insider threats but cause 42% of the total damage costs. These threats are particularly dangerous because perpetrators have legitimate access and understand organizational security controls.