Quiz Entry - updated: 2026.07.14
Which actor profiles should be considered when thinking about insider threats and human-factor risks?
Eight classic profiles: frustrated employees, intelligence services, industrial spies, hackers, whistleblowers, software developers, service providers, and administrators.
| Actor | Typical motivation / risk |
|---|---|
| Frustrierte Mitarbeitende | Revenge, perceived injustice — data theft or sabotage on the way out |
| Geheimdienst (intelligence service) | State interests — long-game espionage, recruiting insiders |
| Industriespion | Competitor advantage — targeted theft of trade secrets |
| Hacker | Money, fame, challenge — uses people as the entry point (social engineering) |
| Whistleblower | Moral conviction — leaks internal data, legality and legitimacy may diverge |
| Softwareentwickler | Privileged code access — backdoors, but mostly unintentional vulnerabilities |
| Dienstleister (service provider) | Third party with inside access — supply-chain risk, weakest-link problem |
| Administrator | Maximal privileges — both the most dangerous insider and the most valuable defender |
The common thread: access × motivation = risk. Profiles differ in intent (from malicious to well-meaning) but all show why security can't stop at the perimeter — most of these actors are already inside it.