Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

The insider threat

February 2019 Asset Management, Integrated Solutions, Logistics (Industry)

By Andre Du Venage, Secure Logistics.

Sitting in your office doing what you are doing as a C-suite gate-keeper or other senior management role, you proceed with your to-do things daily, as you should. You are doing exactly what you are supposed to be doing and what you are paid for. Or are you?

Talking about risk we understand that threats to our work environment come in different guises such as physical attacks to the business that include robbery or business break-ins or theft. Other threats present themselves in the form of cyber-attacks and IP theft (industrial espionage).

Andre Du Venage.
Andre Du Venage.

Considering logistics and warehousing operations, normally these threats are viewed from an outside-in perspective and most security is concentrated on keeping outsiders outside and away from goods manufactured or goods stored/ kept in warehouses. The security focus typically involves physical measures that include a good perimeter, security protection, armed response, access controls, visitors’ policy, vehicle tracking and monitoring, staff controls and standard operating procedures. This should be standard practise and the bare minimum for operations.

But when we talk insider threat, the question arises as to what do we do to keep the insider threat at bay. Insider refers to the staff member (permanent or contract) colluding in some way with outsiders to steal from the operation, normally in bulk, to effect a substantial loss. Insiders can also collude with other insiders to engage in criminal acts to hurt the company in different ways.

More questions that arise include:

• How do we keep the insider from colluding with other parties inside or outside?

• If the insider engages in illegal activity, how do I expose the person?

• Are there red flags to look out for?

• How do I handle the concern if red flags pop up?

Make a plan

The starting point to answer these operational questions lies with policies and procedures. An SOP on each business activity is essential not just for ensuring operations are taking place according to the sales plan, but also to the security risk plan. Does your company have a security risk plan? If not you need to start there and get staff aware that your business will defend against insider attack.

Having witnessed truck hijackings and bulk cargo theft first hand over many years, it came to mind that the attack will happen due to the fact that the system will be tested by criminals in their eagerness and greed to get their hands on other peoples’ property because it is an easy way to earn a living. The fact that it is not an honest living is of no consideration to most thieves.

What makes the difference in being repeatedly attacked is the response to the attack. If the response is weak, the attacks will continue. If the response is good and the attackers are apprehended or forced to leave the hijacked truck next to the road due to security counter-measures, then the attacks will dissipate.

The same principle applies to other operations in that if the attackers understand that once they attack, they themselves will become the target (of the security response) then they will think twice before trying that again. We need to act on insiders in a concise and effective way in order to create uncertainty and fear in the mind of the next person planning an attack.

Red flag alert

Insiders expose themselves by way of red flags popping up in operations that may start with absenteeism, right through to negligence or more open incidents of theft.

Insider threat manifests when company operations flow such that it opens doors to opportunity for crimes or outsiders are hired to infiltrate the organisation and go unnoticed. This article does not go into the motivations insiders have to commit theft, but often opportunity arrives by accident due to grey areas in the business operations.

It takes a concerted security risk management effort to identify and expose criminal insiders. The easier option would be to deter or deflect such opportunists and criminals from the operation by closing operational gaps and opportunities for crime. Each business must consider its own unique environment that includes product, staff make-up, policies and procedures.

The insider threat will always remain so the best approach is to identify the operational gaps that create opportunity, hire knowledgeable security staff and a strong security leader (with influence). The CEO/COO/MD should be the person the security leader reports to in most operations. The security manager needs to champion the security process and show progress and results, and this includes an active programme to also focus inside to the internal risks.

For more information, contact Andre Du Venage, Secure Logistics, +27 11 391 6268, andre@securelogistics.co.za





Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Gallagher releases Command Centre v9.40
Gallagher Products & Solutions Integrated Solutions
Gallagher Security has released Command Centre v9.40, introducing new capabilities for the Controller 7000 product range and supporting optional licencing expansion to up to 24 doors per controller, more than doubling the previous limit of 10.

Read more...
Factories, grids, and finance: Critical infrastructure cyber lessons of 2025
Asset Management Information Security Industrial (Industry)
Africa has seen an accelerated, large-scale digitisation of our overall industrial base, and this rapid convergence of IT and OT is happening on a foundation that, in essence, was not designed to be cybersecure.

Read more...
Securing the smart fleet
Information Security Transport (Industry) Logistics (Industry) IoT & Automation
Contributing around 10 to 12% of South Africa’s GDP, the transport and logistics sector supports almost every part of the country’s economic activity. The stakes for keeping these systems secure are higher than ever before.

Read more...
Visual Intelligence for driver and vehicle safety
News & Events Asset Management Transport (Industry)
Webfleet, Bridgestone’s fleet management solution, and Peregrine.ai, a Berlin-based startup transforming mobility through AI-powered vision systems, announced the launch of a next-generation driver assistance solution.

Read more...
Global hub for predictive road safety intelligence
News & Events Asset Management Transport (Industry)
One year since its formation, Netstar’s advanced Global Fleet Bureau is more than an operational facility for international fleet management, it has become a big-data nerve centre delivering unprecedented value to clients.

Read more...
Cyber attack surface expanding
Asset Management Information Security Logistics (Industry)
Despite the increasing number of attacks, analysis of Allianz Commercial cyber claims shows that severity is down by 50% and large-claim frequency by 30% in H1 2025, driven by larger companies’ enhanced detection and response capabilities.

Read more...
Continuum launches centralised access and identity management
Editor's Choice Access Control & Identity Management Integrated Solutions Facilities & Building Management
Continuum Identity is a newly launched company in the identity management and access control sector, targeting the complexity of managing various Access and Identity Management (AIM) systems.

Read more...
ArxTech: Over 30 years of evolving security solutions for South Africa’s toughest challenges
Security Services & Risk Management Integrated Solutions
[Sponsored] For over 30 years, a Centurion-based company has helped shape how security technology is designed, deployed, and supported in South Africa. Originally known as CellSecure, it now operates as ArxTech.

Read more...
Putting security in gear
Asset Management Products & Solutions
The inaugural Securex Cape Town 2025 will showcase a number of companies focused on vehicle and fleet security on South Africa’s dangerous and often crime-infested roads.

Read more...
Managing assets and clear communication
Asset Management Products & Solutions
Communication is essential for security management as well as efficient asset control. A few companies at Securex Cape Town 2025 might have the solution you are looking for.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.