Insider Threat

An insider threat is a security or cyber risk originating from people with authorized access: crew, shore staff, contractors, or vendors who act maliciously or carelessly. In shipping the exposure runs from a disgruntled engineer altering control-system settings, to a crew member plugging an infected personal USB drive into ECDIS, to a port employee leaking credentials. Because insiders bypass perimeter defenses, mitigation relies on least-privilege access, segregation of duties, removable-media controls, logging, and awareness training, all of which sit inside the safety management system under IMO Resolution MSC.428(98) and ISO/IEC 27001 controls.