INSIDER THREATS

INSIDER THREATS

 

 

Whenever I meet with end users it amazes me that they never bring up the risk of the “insider threat” and they are very much focused on the outside threats.

It is my belief that in today’s environment the focus should be equal on both the internal and external threats but given the fact mentioned before, I am addressing the “internal threat” in this brief.
Insider threats amount for a very large portion of the cost of an organization and some experts argue that the threat from within is the biggest threat to the global economy. Insider threats take on many forms and sometimes it is these organizations that invite them in without knowing by not doing their homework at the time of hiring.

We hear of cases where employees steal confidential information and sell it to the competition; we hear of employees creating a threat and then foiling it to become heroes; we hear of disgruntled employees generating dangerous situations to get back with their employers and the most astounding thing of this is that when these are analyzed they are found to have been “very easy” to do and should have been easy to spot.

When I look at an organization in need of physical security upgrades, I always ask about the threat from within and try to understand what safeguards are in place to contend with these threats and in the majority of cases what I find is that organization is “disjointed” with little to no communication related to this aspect of security between HR, IT and Security.
What makes matters worse is the unwillingness of these groups to share information or take into consideration the needs of the organization as a whole when each is implementing anything related to security.

In a perfect world, when discussing anything related to security all areas should be present (add loss prevention in retail) so that the process of “securing” the facility will be a layered approach where all parties have a say and a responsibility so that the “threats from within” are easier to be identified before the crime is committed.
The use of Identity management for access to servers and secured locations should be in line with HR policies as well as access control protocols; meaning that a person should not be in the facility when they are not supposed to be and more important that they can not access terminals or locations if they have not registered their entrance to the facility. Said in more plain English, by establishing these kinds of correlated protocols you minimize the risk of someone using someone else’s credentials to access critical or confidential information.
What I am seeing more and more is the C-Suite is becoming a more cohesive environment where in some instances the “Chief Security Officer” will have both physical and cyber under his/her umbrella leaving only HR and in some instances I am seeing the Chief Operating Officers managing everything security related as well as HR which if approached correctly would minimize the risk of the ‘threat from within”.

In summing up, as our world gets smaller due to technology advancements so does the role of securing a facility and it is imperative that anything related to people and property be discussed and addressed by all areas of the organization.

Want to be notified of our promotions and new products?
Enter your email address and name below to be the first to know.