Insider threat incidents are possible in any sector or organization. An insider threat is typically a current or former employee, third-party contractor, or business partner. In their present or former role, the person has or had access to an organization's network systems, data, or premises, and uses their access (sometimes unwittingly). To combat the insider threat, organizations can implement a proactive, prevention-focused mitigation program to detect and identify threats, assess risk, and manage that risk - before an incident occurs.

This guide provides comprehensive information on how to establish or enhance an insider threat prevention and mitigation program. National governments and territorial authorities, as well as non-governmental organizations and the private sector, are encouraged to enhance their own security postures.