What does the term "internal threat" refer to?

• A. External hackers trying to breach security
• B. Risks posed by third-party vendors
• C. Risks posed by employees or contractors
• D. Natural disasters impacting data availability

Answer: (C)

The term "internal threat" specifically refers to risks posed by employees or contractors within an organization. These individuals have varying degrees of access to sensitive information and systems, which can lead to potential security breaches, whether intentional or accidental. Internal threats can manifest in many ways, such as disgruntled employees misusing their access to steal data, or employees unintentionally compromising security through negligence. The critical aspect of internal threats is that they originate from within the organization, contrasting with external threats that come from outside parties. Understanding this distinction is vital for organizations to develop effective security measures and training to mitigate risks associated with their own personnel.