What is it?
a party who uses unsophisticated methods who partake in attempting to compromise the cybersecurity of an organisation. They usually act alone and normally utilise scripts or software that are publicly available or even purchased and are opportunistic, rather than targeting. This means though they pose less of a threat to large organisations who have protections against more sophisticated threat actors, they pose a more commonplace threat among all organisations, with their indiscriminate attacks. AKA script kiddie, skiddie.
Why is it mentioned?
Though skiddies may be considered less of a threat than some other threat actor types, they are commonplace, and can cause major damage if even the smallest of things are missed (EG missing a security update on one of many public web services). Therefore, it is still important to take skiddies into consideration when assessing an organisation’s cybersecurity.