Insider Threat Awareness

Insider Threat Awareness

What Is Insider Threat Awareness?

We have all become somewhat familiar with basic practices recommended in order to enhance business security at the small or medium size business.  A general, all hazards approach will reduce overall risk, make for a more secure environment and hopefully prove useful over time.  Addressing general threats to business longevity and profitability does not have to be particularly burdensome.  Minimizing physical threats to your infrastructure and equipment that stem from broken or damaged structures, debris in hallways or access routes, faulty electrical lines, etc. is crucial to employee and customer/client safety.

You have likely heard of the “insider threat”, but maybe have not spent much time on it since in fact it is so expansive and pervasive that companies must implement strict protocols in order to even begin to address this issue. The insider threat can be described as those hazards and risks-including physical, cyber, monetary and reputational, that are derived or stem from employees-even former employees-as well as contractors who have access to your products, patents, technology, strategic plans-including marketing plans and employee information.

Probably the most famous insider threat case is that of Edward Snowden, the former NSA contractor with broad access to some of the nation’s most sensitive secrets. Snowden, who has been indicted by the US Department of Justice on espionage and other charges, has sought asylum in Russia and has been living there for the past three years. His alleged insider activity includes theft of government secrets by downloading hundreds of thousands of classified NSA and CIA documents and subsequently disseminating them to the public through a journalist, Glenn Greewald, formerly of The Guardian. In committing the alleged activity, Snowden hurt national security by compromising sources, techniques and intelligence collection priorities and goals, which are the exclusive property of the US government.  He had no right to abscond with the material and he did so with the specific intention of hurting US government interests.  This is a glaring example of the insider threat.

But what are some other types of insider threat activity? Consider the following possibilities:

  • A software designer with a “non compete” rider in his contract takes off with nothing more than his skills and knowledge of your latest app design and provides it to a competitor in exchange for a new job. Threat? Crime?  It may be both.
  • A truck driver working for a shipper that transports your merchandise suddenly absconds with the day’s deliveries, composed mainly of televisions, computer hardware and other electronics. He’s not your employee, but he has access to your warehouse and merchandise. How do you foresee something like this and what measures can you take to prevent it from recurring?
  • Your new system for converting steam into clean energy for powering automobiles has been patented and is proprietary. Why is a similar version showing up in a competitor’s new models? Has your intellectual property been stolen or compromised somehow? How was the compromise carried out? Was it deliberate or inadvertent? Who gave up the protected information?
  • A law enforcement officer has developed a drug habit and he is eventually arrested for stealing evidence, including money and drugs. Many of your department’s cases are now compromised and defense attorneys are asking the courts to overturn convictions of their clients where it can be shown that evidence was collected or accessed by the suspect officer. Is this an insider threat? The reputational damage to the department is potentially huge.

The above scenarios are hypothetical but similar situations involving insiders have occurred in the past. The insider threat is one of the most dangerous, but still it remains shadowy and hard to detect. What are some indicators that might suggest a person is or risks becoming a threat to your operations? What preventive measures can you take to protect your business? How much intrusion into or monitoring of an employee’s behavior on the job is legal?

We’ll address some of these questions articles. In the meantime, check out our Facebook page and follow us for insightful security perspectives and recommendations.