Insider Threat Mitigation
n Insider Threat is a person who exploits or has the intention to use their authorized access to an organization’s assets for unauthorized purposes. An insider is someone who (knowingly or unknowingly) misuses allowed access to commit a malicious act or damage within the environment they have access to. Most often it is a person who knows the environment best that is the greatest liability when it comes to insider threat. Having educated eyes and ears of the many is one of the least costly ways to assist in the prevention of malice occurrences.
Consider the diverse types of insider incidents
✓ Information Theft – Use of insider access to steal, exploit or facilitate the unlawful disclosure of information
✓ Security Compromise – Use of access to aid and override security countermeasures
✓ Terrorism – Use of access to commit or facilitate any act of violence as a means of disruption or coercion for political purposes
✓ Sabotage – Intentional destruction of equipment or IT to direct specific harm (e.g., inserting malicious code)
✓ Espionage – Use of access to obtain sensitive info for exploitation that impacts national or corporate security and public safety
✓ Physical Property Theft – Use of insider access to steal material items (e.g., goods, equipment, badges)
✓ Workplace Violence – Use of violence or threats of violence to influence others
✓ Other- Captures the evolving threat landscape and needs continuous review
Policing is expensive and in today’s world of budgetary limitations, it is crucial to remember the value of the community and community support. Community policing heritage dates back hundreds of years, yet an effective time tested way to effectively gather intelligence that supports risk mitigation and addresses a range of threat vectors such as insider threat, criminal activities, and terrorist identification.
The adoption of the top-down practice provides a solid path to a safer environment.
“SEE IT – REPORT IT”