The hidden threat of insider risk – and how to prevent it

From terrorism to state-sponsored activity, most leaders are well-versed in the external threats that could impact their organisation.
But what about insider risk – from those operating within?
For this Perspectives article, Mitie Intelligence Services colleagues Scott Huntley and Scott Wesley reveal this threat is often dangerously overlooked and organisations need to act now.
In recent years, the rise in terrorism and malicious state-sponsored activity has brought greater focus to external threats to organisations.
We have noticed this has been at the expense of what can happen internally.
Insider risk must be accounted for in security strategies to avoid consequences that are at best disruptive – and at worst strike at the organisation’s very existence.
Access and knowledge are power
During a recent Mitie security audit for a large global corporation, it became clear there was nothing to prevent an employee from sabotaging a business-critical area of the estate.
It’s a risk ‘blind spot’ that happens time and again, across business sectors.
Many organisations fail to realise that due to access and knowledge, insiders have considerable power and can cause far more disruption than those operating externally.
And this needs to change.
Ignorance towards increasing threat complexity
Such oversight is regrettable but perhaps understandable. Leaders are dealing with high volumes of threats. However, there must be more awareness of their increasing breadth and complexity. After all, ‘insider risk’ and ‘external risk’ are umbrella terms that cover a wide range of activity including terrorism, sabotage and organised crime.
In the wake of the tragic 2024 Southport stabbings, in which three young girls were murdered, Prime Minister Sir Keir Starmer acknowledged the complex nature of crime today, remarking, “Terrorism has changed.” He also noted that threats were increasingly posed by “loners, misfits, young men in their bedroom,” rather than by organised groups.
The same could be said for insider risk. Insider-enabled risks are constantly changing and motives for why an employee may turn to nefarious activity are diversifying. This is making insider risk harder to mitigate and its root cause harder to tackle.
No ‘silver bullet’
Even if an organisation does recognise the threat of insider risk, what can be done about it?
There is no single ‘silver bullet’; rather, a range of security solutions is required. For example, adopting the National Protective Security Authority’s Insider Risk Mitigation Framework (see below) supports organisations in preventing, detecting and managing insider risk.

Management and culture are key
Good management also plays a role – and in our experience, organisations often fail to realise it. After all, when colleagues are valued and treated with respect, they are much less likely to become disenfranchised or use sabotage to address a perceived grievance. They also perform better and are more engaged, so a happy workforce delivers multiple benefits.
All the same, it’s dangerous to assume everyone working for an organisation has its best interests at heart. Creating a culture where colleagues value security and feel able to raise concerns openly is beneficial. One of the best defences in this process is vigilance and the simple ‘power of hello’ to deter a hostile actor. Whether you are looking at cyber risks or physical security risks, vigilant staff can be the first and best line of defence – but it takes time, effort and engagement at all levels to have a vigilant and security-alert culture.
Online profile can be Achilles heel
Activism comes in many forms but is often focused on bringing down high-profile individuals, such as CEOs.
Luigi Mangione, who stands accused of the murder of UnitedHealthcare CEO, Brian Thompson, in the USA, is an extreme example. It is alleged Luigi’s motive was anger over healthcare insurance practices.
In today’s world, where so much information exists on the internet, we’re finding online vulnerability reviews are increasingly popular to mitigate threats to prominent figures.
Think about the volume of information that has accumulated about each of us during use of the internet. It’s just as staggering as the widespread assumption that all due precautions have been taken and there’s nothing to worry about.
Even if an individual’s data is watertight, it’s likely private information can be obtained from their wider circle. For example, sharing a running route through a data-rich fitness application divulges favourite locations and the time you’re most likely to be there.
This risk can also be mitigated by developing your organisation’s security culture and making sure everyone knows risks aren’t always obvious. Mitie’s approach recommends…
- Establishing an environment which supports, challenges and rewards employees.
- Developing proactive policies and procedures to deal with insider risk – far more effective than being reactive.
- Implementing physical and technical security measures, making sure ‘need to know’ and ‘need to access’ principles are adhered to, underpinned by screening and vetting.
- Providing education and training on the ramifications of insider risk and how to detect and report incidents.

Benefit to wider community
Today businesses are increasingly conscious of their place within the community. From decarbonisation, to volunteering and providing satisfying employment, generating social value is a priority for the most dynamic organisations.
Mitigating insider risk, together with improving security in general, creates a positive ripple effect on the wider community. So, there are hidden benefits to eliminating what we’ve shown remains, for many, a hidden threat. For example, intelligence can stop disruption to infrastructure, transport networks and ‘business as usual’, avoiding associated costs and inconvenience. Additional security measures like lighting, CCTV, fencing and guarding positively impact local environments, instilling confidence that the area is safe and well-managed.
Don’t fall victim
A further benefit is that expert advice about insider risk from organisations like Mitie usually travels beyond the individuals involved in professional consultations.
Precautions are shared with colleagues, family and friends, leading to increased awareness and adoption of safeguarding measures to prevent malicious activity. This helps to counteract what many organisations still unfortunately overlook.
So, be alert, recognise the hidden threat and make sure your organisation doesn’t fall victim to insider risk.