Unmasking insider risks

Issue 8 2023 Information Security

The serpent tempting Eve in the Garden of Eden serves as an allegory for the lurking danger of insider risks in the business world. Just as the serpent’s cunning led to transgression, individuals within organisations can exploit their privileged access to sensitive information, systems, and assets, potentially causing harm to their employers.


Andre Du Venage.

In this article, we explore the multifaceted realm of insider risks, their manifestations in the modern business landscape, strategies to both expose and mitigate this critical threat and examine a historical case, the Enron scandal, as one of the most severe insider events in corporate business.

Identifying insider risk: In today’s business landscape, insider risks can manifest in various forms, including data theft, fraud, sabotage, insider trading, espionage, whistleblowing, negligence, truck hijacking, goods robbery from warehouses, and more. These threats can undermine a company’s security, financial stability, and reputation, much like the serpent’s deceptive actions shook the foundations of human innocence.

The Enron scandal: a pinnacle of insider misconduct. The Enron scandal was one of the most severe insider events in corporate business history. Enron, a once-respected energy company, filed for bankruptcy in 2001 after it was revealed that top executives had engaged in extensive financial fraud and accounting manipulation to hide the company’s true financial state. This devastating insider event resulted in massive financial losses for shareholders, employees, and stakeholders, and it led to significant regulatory changes in corporate governance and financial reporting. The Enron scandal remains a memorable lesson in the catastrophic consequences of insider misconduct.

An example of industrial espionage in a corporate environment involving an insider is the case of Apple Inc. vs Nuvia Inc. In 2021, Apple filed a lawsuit against Nuvia, a chip startup founded by former Apple employees, alleging that three former Apple engineers, including Nuvia’s CEO, had stolen trade secrets related to Apple’s chip designs and used them to develop their products. This case highlights individuals with insider knowledge can attempt to take proprietary information from their former employers for personal or competitive gain, leading to legal disputes.

Strategies for exposition

1. Employee background checks: Thoroughly vet job candidates through background checks to uncover any prior security breaches or criminal activities. Psychometric tests to identify team players, especially appointments for middle and senior management positions.

2. Access control: Implement strict access controls to limit employee access to sensitive data and systems based on their roles. Regularly review and adjust these permissions.

3. Monitoring and auditing: Continuously monitor and audit employee activities to detect unusual or suspicious behaviour that may indicate an insider threat.

4. Behaviour analytics: Utilise behaviour analytics software to identify deviations from an employee’s typical behaviour patterns, enabling early threat detection.

5. Whistleblower programmes: Establish anonymous whistleblower programmes to encourage employees to report suspicious activities without fear of retaliation.

Strategies for safeguarding organisations

1. Education and training: Conduct regular training and awareness programmes to educate employees about insider risks, security policies, and the consequences of unethical behaviour.

2. Clear security policies: Develop and communicate clear and comprehensive security policies and procedures to all employees, emphasising rules and consequences for policy violations.

3. Zero Trust architecture: Adopt a Zero-Trust security model, which assumes that no one, including insiders, should be trusted implicitly. Require continuous verification of access and behaviour.

4. Segregation of duties: Avoid overconcentration of control by ensuring no single employee has too much influence over critical processes or systems.

5. Incident response plan: Develop a robust incident response plan that outlines the steps to be taken in case of an insider threat incident, incorporating legal, HR, and IT components.

6. Psychometric testing: Consider implementing psychometric testing for employees, especially middle and senior management positions, to assess their suitability as team players and identify potential issues early.

7. Data loss prevention (DLP) tools: Implement DLP tools that can monitor and block the unauthorised transfer of sensitive data outside the organisation.

Just as the serpent’s treachery led to expulsion from paradise and the Enron scandal remains a glaring example of the severe consequences of insider misconduct, businesses can build a resilient defence against the serpent that lurks within by employing a combination of strategies to expose and mitigate these threats. With diligence, proactive measures, and an organisational culture of trust and transparency, companies can protect their integrity, safeguard their assets, and thrive in the modern business landscape.

Andre Du Venage is the MD of Secure Logistics and a Business Risk Consultant.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Managed security solutions for organisations of all sizes
Information Security News & Events
Cyber attackers have become significantly more sophisticated and determined, targeting businesses of all sizes. PwC’s Global Digital Trust Insights Survey 2025 Africa and South Africa highlights the urgent need for organisations to implement robust cyber risk mitigation strategies.

Read more...
Data resilience at VeeamON
Technews Publishing SMART Security Solutions Infrastructure Information Security
SMART Security Solutions attended the VeeamON Tour in Johannesburg in August to learn more about data resilience and Veeam’s initiatives to enhance data protection, both on-site and in the cloud.

Read more...
Troye exposes the Entra ID backup blind spot
Information Security Infrastructure
If you trust Microsoft to protect your identity, think again. Many organisations naively believe that Microsoft’s shared responsibility model covers Microsoft Entra?ID – formerly Azure AD – but it does not.

Read more...
Secure data protection without hardware lock-in
Infrastructure Information Security News & Events
New Veeam Software Appliance empowers IT teams to achieve instant protection with Veeam’s fully preconfigured, software-only appliance, delivering enterprise-ready simplified deployment and operational efficiency, robust cyber resilience.

Read more...
Check Point launches open, vendor-neutral MDR services
Information Security News & Events Products & Solutions
New Check Point MDR 360° and MXDR 360° offerings deliver 24/7 managed continuous threat monitoring protection across endpoints, cloud and network environments with built-in identity threat detection and 160+ integrations across hybrid, multi-vendor environments.

Read more...
Credential theft surges in South Africa
NEC XON Information Security
NEC XON issues a critical cybersecurity warning about the dual threat of massive credential theft and AI-powered cyberattacks sweeping across the region, with an increasing number of incidents and evolving threat tactics.

Read more...
Want effective Attack Surface Management? Think like an attacker.
Information Security
Effective ASM requires companies to think like attackers, anticipate risks, and act decisively to reduce exposure by knowing their environment, deploying a structured approach, leveraging capable tools, and addressing both internal and external risks.

Read more...
The growing role of hybrid backup
Infrastructure Information Security
As Africa’s digital economy rapidly grows, businesses across the continent are facing the challenge of securing data in an environment characterised by evolving cyberthreats, unreliable connectivity and diverse regulatory frameworks.

Read more...
POPIA non-compliance puts municipalities at risk
Information Security Government and Parastatal (Industry)
Digital responsibility must go beyond POPIA compliance to recognising that privacy and service delivery are fundamentally linked. Despite this, only 51 out of 257 municipalities submitted their mandatory data protection and access to information reports in 2024.

Read more...
Choicejacking bypasses smartphone charging security
News & Events Information Security
Choicejacking is a new cyberthreat that bypasses smartphone charging security defences to confirm, without the victim’s input or consent, that the victim wishes to connect in data-transfer mode.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.