The enemy within – insider ­security threats

May 2019 Editor's Choice, Cyber Security, Financial (Industry)

Forty-two years ago, almost to the day, brazen thieves tunnelled into the Standard Bank branch in Krugersdorp over the Easter long weekend. The robbers had done their homework and made off with a then whopping R413 000. To this day they have never been caught or even identified. Many still believe it was an inside job as the men knew exactly where to tunnel to and knew that the bank’s trembler alarms were disabled due to generators running nearby.

Although many silently applauded their audacity at the time, insider threats in today’s financial world are far more insidious and destructive. However, many financial institutions mainly have themselves to blame for lack of attention to or failing to follow best practices and procedures. So where should it all begin?

Definitely not when the person assumes his/her position, it should start much earlier.

The CV/résumé

Normally, after placing a job vacancy ad, organisations are flooded with applications and HR has the onerous task of wading through them all. Most are from genuine work seekers, however, in amongst them are those from chancers, ineligibles and far worse, those seeking to harm the company financially, reputationally or simply out of a perceived grievance.

Once a short-list of applicants has been decided on the serious task of vetting the candidates must begin with no short-cuts taken. This is a time consuming and costly exercise but will pay dividends in the future. Remember, someone looking to harm the company or inflate their credentials will go to a lot of effort to present a professional CV/résumé.

The interview

This is probably the most important step in the hiring of a candidate. The interviewing panel should consist of members of senior management, HR and a Subject Matter Expert (SME) with in-depth knowledge of the job requirements that the applicant is applying for. Things the panel should look out for include:

• Is the interviewee on time for the interview?

• Are they decently attired, presentable and clean?

• Do they appear at ease in the meeting?

• Can they answer questions relating to their qualifications and work experience promptly without having to think about it or assuming a shifty look?

• Do they have valid reasons for leaving their current employer or do they bad-mouth them?

• Have they done basic research on your company, including its vision, ethics, reputation, management, etc.? Do they ask relevant questions in return?

Once a decision has been made over the correct candidate/s, the next step in the process can begin.

Validation

This step is to check that the person is who they claim to be and includes ID checks, qualification checks, police reports, references from previous employers and community leaders. Remember, any referees who sound hesitant to disclose information, cage their words or are too gushing in their praise raise red flags. We also recommend using a company to conduct social media checks to ensure the potential candidate does not have a background of unwanted behaviour traits.

Onboarding

Now that the successful candidate has received and accepted a formal invitation for employment, onboarding can begin in earnest. The recruit must be made to feel welcome when they start their work. HR will arrange all the necessary paperwork to be done, including ID access cards, security passes, parking, banking details as well as appointing a ‘buddy’ to show the newcomer around, explain the rules of the company, introductions to members of management and teams, discuss prospects for advancement and further learning and development.

The IT department will arrange the minimal permissions the person will need to perform their job functions and ensure that strong passwords and password managers are in place. Permissions for promotions, demotions or relocations must be altered accordingly. BYOD (Bring Your Own Device) and remote working rules and policies will be explained and made available to the

new employee.

Regular follow-ups must be made by unit managers, IT, HR, etc. to ensure the person is happy and comfortable in their new position and performing as expected of them. An angry, disgruntled or bored employee is a very real danger to the company.

Offboarding

As important as onboarding is, offboarding correctly is critical. Whether the employee resigns or is dismissed, the process must take place swiftly and clinically. All access/security/ID cards must be returned and cancelled. Biometric access (fingerprint or retinal/facial scanning recognition) must be immediately revoked. All company devices (laptops, desktops, iPad, phones, USBs, external hard drives, etc.) must be collected and their serial numbers, makes and models checked against the issuing list. IT must ensure that all these devices are thoroughly checked for malware or preferably wiped clean. Logic bombs or Random Access Trojans (RATs) could have been placed on them to be used at a later date. All program passwords must be cancelled and where the employee had joint password access, this must be changed at once.

While it is almost impossible to eliminate insider threats, much can be done to reduce the chances of it occurring and limiting the risks it entails.


Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Constructive CCTV contributions to research
September 2019, Leaderware , Editor's Choice, CCTV, Surveillance & Remote Monitoring
Study leads to understanding that we need more recognition and reward for constructive participation in society.

Read more...
Ensuring a seamless ultra-wideband ecosystem
September 2019 , Editor's Choice, IT infrastructure
FiRa consortium ensures an interoperable ultra-wideband technology ecosystem across chipset, device and service infrastructure through standards and certifications.

Read more...
Check Point appoints new regional director for Africa
September 2019 , News, Cyber Security
Check Point Software Technologies has appointed Pankaj Bhula as regional director for Africa.

Read more...
ISO standard for protecting personal data
September 2019 , News, Cyber Security
Tackling privacy information management head on: first ISO standard for protecting personal data has been published.

Read more...
The hunt for the Carbanak group
September 2019 , Editor's Choice, Cyber Security, News
Tomorrow Unlocked has released a free four-part documentary that tells the story of the notorious Carbanak APT group and its $1 billion bank heist.

Read more...
Genetec to integrate CylancePROTECT
September 2019, Genetec , Editor's Choice, CCTV, Surveillance & Remote Monitoring, News
Genetec has announced it is partnering with Cylance, a business unit of Blackberry, to bring AI-based antivirus protection to its appliance customers.

Read more...
Building automation vulnerable to hacks
September 2019 , News, Cyber Security
New vulnerability revealed in Internet-connected building automation devices at the DEF CON IoT Village that could impact critical building systems.

Read more...
X-rays in 3D
September 2019, XPro Security Solutions , Editor's Choice, Security Services & Risk Management
Hi-Tech Security Solutions asked Greg Dixon, director of XPro, for some insights into X-ray scanning and its pros and cons in today?s volatile world.

Read more...
Smart Inspection Unit developed by Roteck
September 2019 , Editor's Choice, Security Services & Risk Management
Roteck has announced a portable personnel and bag scanning unit that can easily be transported, set up and used in almost any location.

Read more...
Securing ATMs 24/7
September 2019, Hikvision South Africa , CCTV, Surveillance & Remote Monitoring, Financial (Industry)
To be effective, most ATMs need to be in public areas and open all hours, and they hold cash, making them an attractive target.

Read more...