Warning Signs of an Insider Threat
Whether they are acting maliciously or negligently, employees inside an organization constitute a significant risk to its security. Joseph Blankenship, Senior Security Analyst at Forrester, provides some insight into frequent early symptoms that an insider threat may be present.
Throughout the years, there have been other incidents of high-profile data breaches that were caused by insiders. Some of these examples included employees blowing the whistle on their employers, while others involved corporate or international espionage. Through staff education, you may help reduce insider risks produced by carelessness; but, it is far more difficult to identify malevolent insider threats. Joseph Blankenship, a senior security analyst, spoke on the many warning signals of an insider threat at a webinar that was co-hosted by our company and Forrester. The webinar was titled "Identifying and Stopping the Insider Threat."
which scenario might indicate a reportable insider threat?
Insiders with bad intentions often have leading signs at their disposal. Pay close attention to supervising the workers who exhibit these potentially dangerous habits. Here is what you need to keep an eye out for:
1. Unsatisfactory Evaluations of Past Performance
A negative performance assessment might leave an employee with a very sour attitude. Ricky Joe Mitchell, a former network engineer at an energy company, found out in 2012 that he was going to be fired, and he intentionally sabotaged his company's computer system. As a result, for approximately one month, the company was unable to fully communicate with one another or carry out business operations.
2. Expressing Opposition to Prescribed Procedures
A person who makes it very clear how strongly they disagree with the policies of the firm is a candidate for the role of an internal threat. It's possible that they wish to exact retribution or alter policy by resorting to extreme methods. It is not unheard of for employees to take business data or network access hostage in order to ensure that they receive what they want. In 2008, Terry Childs was accused of taking control of the network belonging to his company. Because he refused to give up the credentials to the network system that he had unlawfully seized control of, he was brought into custody and jailed.
3. Conflicts with Other Employees in the Workplace
Be on the lookout for employees who get into heated or even physical arguments with their fellow colleagues, particularly if the arguments are with their supervisors or other members of the executive staff.
4. Financial Distress
An employee who is experiencing great financial hardship may come to the decision to sell sensitive data belonging to your firm to other parties in order to repay debts, or they may steal the personal information of customers in order to commit identity theft or tax fraud.
5. An Unexpected Increase in One's Wealth
Be on the lookout for workers who have unexplained financial gains or who suddenly begin purchasing items that are out of their price range based on their home income. If someone who typically drives an old, beat-up vehicle to work every day suddenly shows up in a brand new Ferrari, you may want to explore where the money is coming from, particularly if they have access to valuable and sensitive data.
6. Unusual Timing of Working Hours
Pay close attention to employees who normally put in their hours from 9 to 5, but have recently begun logging in or accessing the network later or outside the typical hours of their peer group, even though they do not have permission to do so or a genuine need to work outside of normal hours.
7. Unusual Occasions Spent Abroad
It is possible that an individual is engaging in corporate or foreign espionage if they engage in unusual travel to foreign countries, particularly if they are not required to travel for work, are traveling to a country in which they do not have any relatives or friends, or are going to a location that is not typically considered a tourist destination. However, there are situations when travel may be done in complete secrecy. For instance, Greg Chung worked as a spy for China for over 30 years while claiming he was going to China to deliver talks on various topics. Instead, he was meeting with Chinese spies and stealing hundreds of thousands of papers from his company. He also lied about it. Keep an eye out for unexpected or frequent travel that occurs in conjunction with the other early warning signs.
8. Leaving the Business Behind
Anyone quitting their job at the company has the potential to become a hostile insider. When someone hands in their notice, you should investigate their behavior over the past few months to determine whether or not they have engaged in any odd or questionable behavior or accessed data that they were not authorized to see.