Home>Articles>Cyber Security>Recognising a Potential Insider Security Threat

Recognising a Potential Insider Security Threat

While all companies want to take a sense of pride in the quality of people that are part of their hired team, the fact is that not all individuals have the type of loyalty and honesty that management wants. This is of special importance when it comes to the topic of a security threat and the professionals in this arena have identified a few key signs that can alert you to a threat prior to having it happen.

An insider security breach enters on both the level of identity, information and data loss as well as on an emotional side of betrayal. Today’s staff don’t always have the same state of loyalty that was once held as an employee and companies need to face that fact as they review each of their members. One of the key characteristics in an insider security threat is the common thread of “unmet expectations.” Depending upon the employee, this can cover an array of topics including expectations for: promotions, bonus or salary, demands from a supervisor (especially in the case of a new supervisor), disciplinary actions for poor performance, being passed over for a promotion and job dissatisfaction.

Unmet expectations sets the groundwork for potential retaliatory actions and supervisors and managers need to take notice of staff that may exhibit this type of behaviour. Depending upon the employee, there may/may not be noticeable signals that could include: A working pattern change of arriving late/leaving early or even missing work, conflicts with supervisors or fellow coworkers, a decline in the performance of his/her job, use of alcohol or drugs at work, violent or aggressive behaviour, passive aggressive behaviour (such as signs, artwork, screensavers, etc.) at their working area, or reduced personal hygiene.

An Event Can Trigger a Threat

In some situations, an unhappy staff member may have allowed their situation to brew for a long time, with very few signals to alert a manager. However, it is often a single event that eventually triggers the employee to take action that transitions into a security threat; and these typically revolve around financial, recognition and/or position/title. The event may seem logical to a supervisor or even expected based on performance, conversation or warnings, but to the employee it is the final condition and they experience a feeling of personal assault. The event can be a demotion, promotion bypass, bad situation with a new supervisor or a disagreement with an existing one, transfer between departments that isn’t wanted, lack of bonus or salary expected or even a lack of being included in an important company travel or celebratory event.

What You Can Do

Beyond just the standard pre-hiring background checks, human resources needs to establish a complete guideline of understanding with employees on both expectations and company behavior. Involving the staff in these discussions is critical as their participation will help to both comprehend how the company operates as well as to diffuse the potential for expectations. Allowing an open-door policy for conversations and the ability to share honest opinions can assist in maintaining a decorum. All employees need to know the high level IT standards for security and be requested to report any dangerous or unusual behavior or situations that they observe. The goal is to protect both the company and the employees and while “reporting” may contain a negative sound, they can reduce the chances of a disgruntled staffer striking out in retaliation against a company.

“Da Vinci Forensics coordinates with organisations to educate, update employees on security protocol. As a working partner we observe potential behaviour threats, offer in-depth IT examinations and advise various departments on often overlooked conditions that could extrapolate into larger and more serious cyber and corporate identity and breach problems.”

 

Source: 
https://searchsecurity.techtarget.com/tip/Insider-threat-behavior-How-to-identify-warning-signs?

https://www.bitpipe.com/data/document.do?