Unmasking insider risks

Issue 8 2023 Information Security

The serpent tempting Eve in the Garden of Eden serves as an allegory for the lurking danger of insider risks in the business world. Just as the serpent’s cunning led to transgression, individuals within organisations can exploit their privileged access to sensitive information, systems, and assets, potentially causing harm to their employers.

Andre Du Venage.

In this article, we explore the multifaceted realm of insider risks, their manifestations in the modern business landscape, strategies to both expose and mitigate this critical threat and examine a historical case, the Enron scandal, as one of the most severe insider events in corporate business.

Identifying insider risk: In today’s business landscape, insider risks can manifest in various forms, including data theft, fraud, sabotage, insider trading, espionage, whistleblowing, negligence, truck hijacking, goods robbery from warehouses, and more. These threats can undermine a company’s security, financial stability, and reputation, much like the serpent’s deceptive actions shook the foundations of human innocence.

The Enron scandal: a pinnacle of insider misconduct. The Enron scandal was one of the most severe insider events in corporate business history. Enron, a once-respected energy company, filed for bankruptcy in 2001 after it was revealed that top executives had engaged in extensive financial fraud and accounting manipulation to hide the company’s true financial state. This devastating insider event resulted in massive financial losses for shareholders, employees, and stakeholders, and it led to significant regulatory changes in corporate governance and financial reporting. The Enron scandal remains a memorable lesson in the catastrophic consequences of insider misconduct.

An example of industrial espionage in a corporate environment involving an insider is the case of Apple Inc. vs Nuvia Inc. In 2021, Apple filed a lawsuit against Nuvia, a chip startup founded by former Apple employees, alleging that three former Apple engineers, including Nuvia’s CEO, had stolen trade secrets related to Apple’s chip designs and used them to develop their products. This case highlights individuals with insider knowledge can attempt to take proprietary information from their former employers for personal or competitive gain, leading to legal disputes.

Strategies for exposition

1. Employee background checks: Thoroughly vet job candidates through background checks to uncover any prior security breaches or criminal activities. Psychometric tests to identify team players, especially appointments for middle and senior management positions.

2. Access control: Implement strict access controls to limit employee access to sensitive data and systems based on their roles. Regularly review and adjust these permissions.

3. Monitoring and auditing: Continuously monitor and audit employee activities to detect unusual or suspicious behaviour that may indicate an insider threat.

4. Behaviour analytics: Utilise behaviour analytics software to identify deviations from an employee’s typical behaviour patterns, enabling early threat detection.

5. Whistleblower programmes: Establish anonymous whistleblower programmes to encourage employees to report suspicious activities without fear of retaliation.

Strategies for safeguarding organisations

1. Education and training: Conduct regular training and awareness programmes to educate employees about insider risks, security policies, and the consequences of unethical behaviour.

2. Clear security policies: Develop and communicate clear and comprehensive security policies and procedures to all employees, emphasising rules and consequences for policy violations.

3. Zero Trust architecture: Adopt a Zero-Trust security model, which assumes that no one, including insiders, should be trusted implicitly. Require continuous verification of access and behaviour.

4. Segregation of duties: Avoid overconcentration of control by ensuring no single employee has too much influence over critical processes or systems.

5. Incident response plan: Develop a robust incident response plan that outlines the steps to be taken in case of an insider threat incident, incorporating legal, HR, and IT components.

6. Psychometric testing: Consider implementing psychometric testing for employees, especially middle and senior management positions, to assess their suitability as team players and identify potential issues early.

7. Data loss prevention (DLP) tools: Implement DLP tools that can monitor and block the unauthorised transfer of sensitive data outside the organisation.

Just as the serpent’s treachery led to expulsion from paradise and the Enron scandal remains a glaring example of the severe consequences of insider misconduct, businesses can build a resilient defence against the serpent that lurks within by employing a combination of strategies to expose and mitigate these threats. With diligence, proactive measures, and an organisational culture of trust and transparency, companies can protect their integrity, safeguard their assets, and thrive in the modern business landscape.

Andre Du Venage is the MD of Secure Logistics and a Business Risk Consultant.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Access & identity expectations for 2024
Technews Publishing IDEMIA ZKTeco Gallagher Salto Systems Africa Regal Distributors SA Reditron Editor's Choice Access Control & Identity Management Information Security AI & Data Analytics
What does 2024 have in store for the access and identity industry? SMART Security Solutions asked several industry players for their brief thoughts on what they expect this year.

Prepare for cyber-physical attacks
Gallagher Information Security Access Control & Identity Management
As the security landscape continues to evolve, organisations must fortify their security solutions to embrace the changing needs of the security and technology industries. Nowhere is this more present than with regard to cybersecurity.

Zero Trust and user fatigue
Access Control & Identity Management Information Security
Paul Meyer, Security Solutions Executive, iOCO OpenText, says implementing Zero Trust and enforcing it can create user fatigue, which only leads to carelessness and a couldn’t care attitude.

Passwordless, unphishable web browsers
Access Control & Identity Management Information Security
Passkey technology is proving to be an easily deployed way to bring unphishable, biometric-based security to browsers; making identification and authentication much more secure and reliable for all parties.

Time is of the essence
Information Security
Ransomware attacks are becoming increasingly common. Yet, many individuals and organisations still lack a clear understanding of how these attacks occur and what can be done to secure their data.

All aspects of data protection
Technews Publishing Editor's Choice Information Security Infrastructure AI & Data Analytics
SMART Security Solutions spoke to Kate Mollett, Senior Director, Commvault Africa, about the company and its evolution from a backup specialist to a full data protection specialist, as well as the latest announcements from the company.

The song remains the same
Sophos Information Security
Sophos report found that telemetry logs were missing in nearly 42% of the attack cases studied. In 82% of these cases, cybercriminals disabled or wiped out the telemetry to hide their tracks.

How hackers exploit our vulnerabilities
Information Security Risk Management & Resilience
Distractions, multi-tasking, and emotional responses increase individuals’ vulnerability to social engineering, manipulation, and various forms of digital attacks; 74% of all data breaches included a human element.

Projections for 2024’s Advanced Threats Landscape
News & Events Information Security
Kaspersky Global Research and Analysis Team (GReAT) experts offer insights and projections for 2024 in the Kaspersky Security Bulletin, with a focus on the evolution of Advanced Persistent Threats (APT).

Veeam and Sophos in strategic partnership
Information Security
Veeam and Sophos unite with a strategic partnership to advance the security of business-critical backups with managed detection and response for cyber resiliency, and to quickly recover impacted data by exchanging critical information.