Why High-Security Organizations May be at Risk for Insider Threats

Why High-Security Organizations May be at Risk for Insider Threats

 

In an article from The Stanford News a quote recently caught my attention: “For companies, an insider threat from an employee can be an economic disaster. For a government unit, an insider threat can quickly become a dangerous national security issue.”

 

We often forget that insider threats have the ability to negatively effect the world outside of our companies especially if we work in high-security organizations like the U.S. military, intelligence agencies and nuclear laboratories. Scott Sagan, a professor at Stanford and co-editor of a new book, Insider Threats, calls insider threats in these organizations “low probability, high-consequence events” and while national security organizations are focused on external threats, they must not ignore the “very real insider threats we face as well.”

 

According to Sagan, these are the most common mistakes national security agencies make when dealing with insider threats:

 

Assume Background Checks Solve the Problem

Background checks are not always 100 percent reliable and, because people change over time, background checks do not necessarily give you the most accurate picture of a person’s character. “They are like snapshots, not portraits, of members of national security organizations,” says Sagan. Background checks are just one tool to use when hiring and, as I always recommend, it is always a good idea to run a background check every few years of employment.

 

Too Many People with Security Clearances

According to the Office of Management and Budget, 1.5 percent of the U.S. population has a security clearance. While it seems best practice to classify more information in the name of security, this could actually backfire. “When more individuals need more security clearances, less reliable security vetting procedures are often implemented and more bad apples can fall through the cracks.”

 

Ignoring Red Flags

Because the vast majority of folks in high-security organizations are “loyal and responsible individuals”, organizations tend to “reinterpret strong evidence” if it doesn’t fit their assumptions. This includes presuming online searches or discussions are always being conducted in the best interest of the organization, even if the topics being searched or discussed seem unethical or out of character.

 

High-security agencies are not immune to insider threats and need to make sure they have the tools and strategies in place to not only keep their organization safe, but to keep our nation—and even our world—safe as well.

 

Please leave a comment or like this article, we love them!

Security First & Associates

www.securityfirstassociates.com

 

Are YOU an Insider Threat

As a security professional, I spend a lot of time talking to businesses about how they can create more safe and secure environments. Lately, I’ve been talking a lot about insider threats and what companies’ large and small need to do to keep themselves protected. But, this month, I am changing gears a bit. Instead…

Who Should Be on Your Insider Threat Risk Team?

Who Should Be on Your Insider Threat Risk Team? As a security professional, I have written a lot about the growing risk of insider threats—especially for small- to medium-sized companies who may not have the resources to dedicate one team member to this issue. Does your company fall into this category? Even if you don’t…

Why Protecting Against Insider Threats also Protects Against Workplace Violence

Why Protecting Against Insider Threats also Protects Against Workplace Violence   According to the Occupational Safety and Health Administration (OSHA), nearly 2 million employees are victims of workplace violence each year. An even more startling statistic is that between January 2009 and July 2015, there were 133 mass shootings in the workplace. No wonder violence…

Security Clearance Salaries on the Rise

Security Clearance Salaries on the Rise  According to a recent article from ClearanceJobs.com, those currently holding security clearances could see their salaries increase in 2017.  You ask Why?  Several factors are having an impact on security clearance salaries including:  OPM Breach—this caused some to leave the market creating a “backlog of background investigations.”  If you…

New Executive Order Updates Security Clearance Process

New Executive Order Updates Security Clearance Process As President Barack Obama prepared to leave office on January 20th, he signed an executive order that updates the structure and process for issuing security clearances. According to Federal News Radio, the order more clearly outlines the Office of Personnel Management’s (OPM) responsibilities in this process including: Open…

New Change to Psychological Health Question on the SF-86

In November, the Director of National Intelligence James Clapper issued Revised Instructions for Completing Question 21, Standard Form 86, “Questionnaire for National Security Positions,” ES 2013-00242 in hopes of making it clear that “mental health treatment is not a detriment to holding or maintaining a security clearance.” Section 21 of the SF-86 has long been…

Insider Threat Monitoring Rules for Federal Contractors

Insider Threat Monitoring Rules for Federal Contractors Reminder that your must certify to DSS that your company has appointment an Insider Threat Program by Today – November 30, 2016.  All Federal contractors holding facility clearances face new insider threat monitoring rules that will require them to gather, integrate, and report relevant and available information indicative of…

Could Your Company Handle an Insider Threat?

If you’ve been following my writing, you know that I believe one of the biggest security threats a company may face is not from outside sources—it’s from their own employees (or former employees). Many companies think they are prepared to handle an insider threat, but are they? Here are the 5 things your company should…

Who’s In Charge of Keeping Your Company Secure?

Even if your company has strategies in place to handle malicious attacks on your security, you may still be at great risk for insider threats.  Why? According to a Forrester study, “insiders” were involved in 39 percent of data breaches—of that 39 percent, 27 percent came from inadvertent misuse of data by employees, making your…