Insider threats: Some telltale signs that could tip off CSOs and their teams

IT leaders have known for years that their own coworkers may turn out to be their worst enemies, but identifying the potential rogue actors isn’t easy. Unless, of course, you learn to watch out for certain personality traits the way a network monitoring solution might look for malware.

At an event focusing on insider threats hosted by the Conference Board of Canada earlier this year, Dr. Eric Shaw of the consulting firm Stroz Friedberg presented elements of a cumulative risk model to stay one step ahead of such problems. After years of working on several cybersecurity investigations, Shaw noted that those who might become an insider threat tend to share a number of attributes. These include sensitivity to criticism, an unusual need for attention, revenge fantasies and chronic frustration at feeling unappreciated.

“They can’t let go of a grievance. They ruminate,” he said, noting that in some cases, a certain amount of narcissism and drive can help employees thrive in certain roles, but not if they take them to an extreme. “You need them to be able to handle massive amounts of data and need that obsession to detail, but not so much they might go over the edge.”

Of course there are other indicators that might suggest an employee could pose such risks — illnesses such as alcoholism, for example — but organizations can’t legally screen for them, Shaw noted. Social network ties may also indicate danger, if employees are in touch with people who are potential adversaries or have interest in competitors. When privacy settings are managed for social networks, however, they would be invisible to HR departments.

Shaw suggested companies increase their potential risk from insider threats depending on the culture that allows security policy violations to slip through the cracks. “There may be more of a sense you can get away with something if you come from an organization where rules aren’t taken seriously,” he pointed out. “It could be as simple as a refusal to comply with information requests.”

It may not take a behavioral psychologist of Shaw’s calibre to know the biggest trigger for insider threats, of course: when companies carry out an abrupt termination without consideration of blowback.

“If you mistreat them, no matter what they’ve done, you’re setting yourself up for a bad situation,” he said. “There’s a way to ease people out, to avoid potential problems.”

Obviously the biggest insider threats in many firms would be those working close to IT systems. But in areas like the help desk, Shaw said, contact with other employees or executives may be limited and therefore their disgruntlement is not known. “The employee simply withdraws, and you see a maladaptive organizational response,” Shaw said.

All this means CSOs, CISOs and CIOs may need to spend as much time thinking about the human factors that threaten corporate data as well as the technology. In fact, the Information Security Group’s “Insider Threat Spotlight Report,” surveyed 500 cybersecurity professionals, 62 percent of whom said the problem has gotten worse in the past year.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Shane Schick
Shane Schick
Your guide to the ongoing story of how technology is changing the world

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now