Insider threat is the risk posed by individuals who have legitimate access to systems and who, through action or inaction, may cause harm to information security.

The board needs metrics that connect human behavior to risk reduction, operational resilience, and value protection.

Although email phishing remains a significant vector, limiting defenses to this channel alone creates critical gaps in protection.