Definition[]
An internal threat comes from sources that are within an organization's networks, such as a disgruntled employee with access privileges who attempts to perform unauthorized activities. This encompasses company executives, employees, independent contractors, interns, etc., as well as internal infrastructure.
Also, an intruder who has successfully penetrated a network's perimeter defenses becomes an internal threat when the intruder attempts to compromise other parts of an organization's network security as a result of gaining access to one system within the network.