Insider Threat Investigations

Are you concerned that someone inside your company could be threatening your employees, your corporate security, corporate secrets, products, or competitive advantage?

What is an “insider threat?”

An insider threat (InT) can be defined as a person, either currently or formerly employed by a company, such as a partner, contractor, supplier, or some else who had access to your company’s corporate secrets or networks and attempts to or successfully compromises the integrity or security of a company. A person classified as an “insider threat” can be attempting to commit:

  • Intellectual Property (IP) or Trade Secrets theft
  • Espionage
  • Fraud
  • Sabotage
  • Unauthorized Trading 

Let our trained intelligence and law enforcement staff discreetly assist in identifying human and cyber threats to your organization. Contact us for more information.

******************************************************************************************************************************************

The Intelligence and National Security Alliance (INSA) released a new white paper, Strategies for Addressing Bias in Insider Threat Programs, that can help insider threat and security managers identify and mitigate biases that undermine the effectiveness of insider threat (InT) programs in both government and industry. This paper identifies sources of potential bias that can be attributed to both people and technology. Through personal cognitive biases, whether implicit and unrecognized or overt, InT program staff can affect the objectivity of InT analyses. Organizations can introduce bias at a systemic level through enterprise-wide hiring practices and personnel decisions. Technology can create bias through the selection, weighting, and categorization of data and the design or risk analysis models. The consequences of both human and technological bias in InT programs are high. Bias undermines the effectiveness of insider threat programs by diverting attention to low risks and causing higher risks to go unexamined.  In addition, bias wastes resources, creates potential legal liability, and impairs an organization’s ability to hire and retain staff.
The paper offers several recommendations for how organizations can identify and mitigate bias in InT programs:

  • Raise awareness about types of bias, susceptibility to bias, and actions that can be taken to mitigate negative impacts of bias;
  • Provide tools and techniques to make decisions in complex environments involving uncertain data;
  • Remove associations between data and the individuals generating the data to help decrease the chances that demographic information will influence decision-making;
  • Reduce the subjective nature of data labeling through diversity in threat analysis teams and standardized methods for labeling and adjudicating incident data.