Skip to main content

What Triggers Insider Threat?

July 28, 2014

When asked, “Do you have an insider threat problem?” many organizations might conclude that they have no issues and nothing to worry about, others admit they have a problem with no strategy. Both responses are inadequate. Insider threat can happen at any organization within any industry. Knowing this, is your organization taking the proper precautions to help prevent catastrophic damage, both financially and to your reputation? What might someone pay for your organization’s most sensitive information?

Risk is everywhere. Outside threats can be hard to predict; you have no idea where they could be coming from. Insider threat, however, comes from within your network of employees and partners. This type of threat ranges from a reckless, non-hostile employee who accidentally leaks data, to a competitor or even a spy.

For the hostile types of insider threat, why might someone turn against the company they work for? The biggest reason comes from a life changing event either in an employee’s personal life or work life. People you would least expect can turn at the drop of a hat when they find themselves desperate for something, be that money or information. Employees can also find themselves shaken up by a recent merger or acquisition. If people have formed allegiances with specific coworkers, and that coworker leaves the company, the employee left standing might feel their loyalty shifting.

It’s also important to understand which employees to consider “high risk.” Typically, the top professions that could become insider threats are employees that have the most access to the most information, making them potentially dangerous. Examples of these types of groups include executives, scientists and people in IT.

The most important key to recognizing a problem is situational awareness. You must continually look at your strategy, understand what’s going on within every aspect of the organization, and be on the lookout for situations that are negatively impacting employees.

Consider these ideas to help counter threats before they become expensive problems:

Educate and communicate: Use a recent situation that may have had a negative impact, such as a merger (with subsequent layoffs), to educate and communicate with your workforce. If everyone remains open minded and understands that they’re all on the same team, you may be able to bring outliers back to the light.

Reconfigure current technologies: To help head off potential insider attacks, consider leveraging existing technologies. You can configure systems, such as the rules within data loss prevention software, to recognize a potential issue. Simple rule changes and configurations can make a world of difference, which means you don’t need to go out and buy a whole new solution.

Build and communicate a plan: Building a plan does not mean you have to execute on it. Start to research the subject, talk with peers on their programs, and understand how to identify the threat. All of these items are areas you can build into your plan. Great information has been published by Carnegie Mellon and the FBI on insider threats.

Logging and trending: If your organization did not track sales data they would never know how sales were trending; the same holds true for any threats. Start to learn your control points and begin logging and collecting data on insider threats.

As soon as you recognize possible triggers for insider threat, and understand the most likely employees to turn to the dark side, the faster you can put a plan in place to prevent an inside attack.


    James Robinson

By: James Robinson

Vice President, Third-Party Risk Management

See More

Related Blogs

June 28, 2017

Petya / Petna / NotPetya Ransomware Recommendations from the Trenches

Here we go again. Not long ago I updated a blog post containing actionable recommendations to protect your environment from ransomware threats, includ...

See Details

May 18, 2017

WannaCry Ransomware Recommendations from the Trenches

Approximately one year ago, I wrote a blog post containing actionable recommendations to protect your environment from ransomware threats. In the wake...

See Details

March 16, 2017

OCC Updated Guidance on Third-Party Risk

Recently, the Office of the Comptroller of the Currency (OCC), released updated guidance for bank examiners as they scrutinize third-party risk progra...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.

Privacy Policy

Related Insights

September 09, 2016

Just Enough Insider Threat Defense

At a recent conference for IT leaders, I addressed the theme of, “How much cyber security is enough?” We all probably have had to answer the broad que...

See Details

January 13, 2016

Insider Threat Solution Primer

Read how mitigating insider threats presents a unique problem for information security leaders.

See Details

Optiv Leadership Perspective – Insider Threat

Considering the role of insider threat can be a vital first step when looking to mitigate the risks of cyber breaches in an organization. Hear from Br...

See Details

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.


Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cyber security Events in your area.