Some more ways to define insider threats

CERT's Common Sense Guide to Mitigating Insider Threats defines an insider as a current or former employee, contractor, or business partner who meets the following criteria:

• Has or had authorized access to an organization's network, system, or data
• Has intentionally exceeded or intentionally used that access in a manner that negatively affected the confidentiality, integrity, or availability of the organization's information or information systems