Insider threats or threats coming from inside the organization are common and often involve employees accidentally, unknowingly, or maliciously mishandling, exposing, or losing sensitive data. Anyone with physical or remote access to the organization's assets/network can cause cyber risk to the organization. This is the most critical area for small organizations.

The informed management will need controls in place to control insider threat risk, including non-disclosure and robust employee agreement, acceptable use policies, onboarding and off-boarding procedures, etc. The suggested e-Learning courses are designed to provide every employee with the basic knowledge about disasters, risks covered by DR, use cases, challenges, DR plans, etc.