Site loading

Whistleblowers, opportunists and disgruntled workers – the reality of the Insider Threat

This is a true story. A disgruntled employee who was angry about being passed over for a promotion, frustrated with his workload, in debt, and going through a marriage breakdown, snapped and decided to ‘take it out’ on the bank where he worked.

Out of revenge, he stole client information from a customer database. He intended to use it at a new employer. Thankfully, his crime was detected. But the bank learned the lesson, and recognised it needed improved measures in place to reduce the risks from an insider.

How do we know this? SKT Consulting supported this bank to respond to the insider threat. Using our Regulation Accelerator™ we set up measures to ensure there are controls in place to identify and stop harmful employees. In so doing, we helped ensure their on-going compliance with Sarbanes-Oxley and the EU’s 8th Company Law Directive.

Most people know about Edward Snowden – an insider – who stole thousands, possibly millions, of documents. The fact that Snowden was already in the company with access to documentation made him harder to detect. And, like others who have stolen documents, access to some of the documentation was perfectly legitimate and ‘part of his job’.

Snowden’s motive was to highlight the surveillance state. For others, stealing information from their employer is often less ambitious. They want to sabotage their employer, create a second income stream, or launch their careers at their new place of work.

Tackling the insider threat is challenging. And in our experience, companies don’t discuss insider threats sufficiently, as they consider it to be a problem that ‘other companies face’.

A control we have found to be effective is the creation of a ‘taxonomy of insider behaviours’. Via a taxonomy (a classification scheme) firms can identify individual behaviours that when viewed together could be an indicator of an employee up to ‘no good’. For example, is an employee frequently staying late after work? Are they working unsupervised? Are they trying to access privileged information?

A taxonomy helps you to make an assessment, and start those all-important conversations. It’s something you might like to consider… Get in touch for an initial discussion.