Insider Security, part 1/8

Insider security breaches occur far less often than either accidental disclosures or malicious outside activity (hacking), but they can pack a much bigger punch. Insiders are already within the first layer of trust, and may bypass many controls designed to mitigate loss. In some cases, they have access to critical business data and intellectual property, and in a few cases, they have the keys to the kingdom.

If we have all our security tools correctly and thoroughly deployed, insider threats are, to a degree, handled. But without understanding the problem, and taking a solid risk-based approach to dealing with the issues, we leave our systems open to these problems. Given the size of the risks, it is essential that we understand the problem and take appropriate action to mitigate the risks.

In this series, insider risks and mitigation strategies will be discussed in depth. We will look at:

1. Defining the insider risk problem.

2. Using risk management practices to establish scope and priority.

3. Hiring and contracting concerns.

4. The human element, and counterproductive responses.

5. Technical internal controls, external control overlap, and complications.

6. Opportunity for mentoring from monitoring.

7. Incentives and sanctions.

8. The landscape today, and why building a high-trust culture is essential.

Many of these items involve HR, and one ties in with Purchasing. References are also provided, so you can draw your own conclusions based on your experience.