A common lexicon needs to be developed so organizations can take a holistic approach to the insider threat. The CERT Insider Threat Center defines insiders as those who pose a substantial threat by virtue of their knowledge of, and access to, their employers’ systems and databases. A draft of the document should be available in the coming months, says Randy Trzeciak. The idea of combining physical and virtual security isn’t new, says Sony Chief Information Security Officer Phil Reitinger. “The private sector speaks the language of all hazards, they worry about risk,” he says.”]
Source: https://www.govinfosecurity.com/redefining-insider-threat-a-6121