The enemy within – insider ­security threats

May 2019 Editor's Choice, Cyber Security, Financial (Industry)

Forty-two years ago, almost to the day, brazen thieves tunnelled into the Standard Bank branch in Krugersdorp over the Easter long weekend. The robbers had done their homework and made off with a then whopping R413 000. To this day they have never been caught or even identified. Many still believe it was an inside job as the men knew exactly where to tunnel to and knew that the bank’s trembler alarms were disabled due to generators running nearby.

Although many silently applauded their audacity at the time, insider threats in today’s financial world are far more insidious and destructive. However, many financial institutions mainly have themselves to blame for lack of attention to or failing to follow best practices and procedures. So where should it all begin?

Definitely not when the person assumes his/her position, it should start much earlier.

The CV/résumé

Normally, after placing a job vacancy ad, organisations are flooded with applications and HR has the onerous task of wading through them all. Most are from genuine work seekers, however, in amongst them are those from chancers, ineligibles and far worse, those seeking to harm the company financially, reputationally or simply out of a perceived grievance.

Once a short-list of applicants has been decided on the serious task of vetting the candidates must begin with no short-cuts taken. This is a time consuming and costly exercise but will pay dividends in the future. Remember, someone looking to harm the company or inflate their credentials will go to a lot of effort to present a professional CV/résumé.

The interview

This is probably the most important step in the hiring of a candidate. The interviewing panel should consist of members of senior management, HR and a Subject Matter Expert (SME) with in-depth knowledge of the job requirements that the applicant is applying for. Things the panel should look out for include:

• Is the interviewee on time for the interview?

• Are they decently attired, presentable and clean?

• Do they appear at ease in the meeting?

• Can they answer questions relating to their qualifications and work experience promptly without having to think about it or assuming a shifty look?

• Do they have valid reasons for leaving their current employer or do they bad-mouth them?

• Have they done basic research on your company, including its vision, ethics, reputation, management, etc.? Do they ask relevant questions in return?

Once a decision has been made over the correct candidate/s, the next step in the process can begin.

Validation

This step is to check that the person is who they claim to be and includes ID checks, qualification checks, police reports, references from previous employers and community leaders. Remember, any referees who sound hesitant to disclose information, cage their words or are too gushing in their praise raise red flags. We also recommend using a company to conduct social media checks to ensure the potential candidate does not have a background of unwanted behaviour traits.

Onboarding

Now that the successful candidate has received and accepted a formal invitation for employment, onboarding can begin in earnest. The recruit must be made to feel welcome when they start their work. HR will arrange all the necessary paperwork to be done, including ID access cards, security passes, parking, banking details as well as appointing a ‘buddy’ to show the newcomer around, explain the rules of the company, introductions to members of management and teams, discuss prospects for advancement and further learning and development.

The IT department will arrange the minimal permissions the person will need to perform their job functions and ensure that strong passwords and password managers are in place. Permissions for promotions, demotions or relocations must be altered accordingly. BYOD (Bring Your Own Device) and remote working rules and policies will be explained and made available to the

new employee.

Regular follow-ups must be made by unit managers, IT, HR, etc. to ensure the person is happy and comfortable in their new position and performing as expected of them. An angry, disgruntled or bored employee is a very real danger to the company.

Offboarding

As important as onboarding is, offboarding correctly is critical. Whether the employee resigns or is dismissed, the process must take place swiftly and clinically. All access/security/ID cards must be returned and cancelled. Biometric access (fingerprint or retinal/facial scanning recognition) must be immediately revoked. All company devices (laptops, desktops, iPad, phones, USBs, external hard drives, etc.) must be collected and their serial numbers, makes and models checked against the issuing list. IT must ensure that all these devices are thoroughly checked for malware or preferably wiped clean. Logic bombs or Random Access Trojans (RATs) could have been placed on them to be used at a later date. All program passwords must be cancelled and where the employee had joint password access, this must be changed at once.

While it is almost impossible to eliminate insider threats, much can be done to reduce the chances of it occurring and limiting the risks it entails.



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Kaspersky uncovers zero-day in Chrome
October 2019, Kaspersky Lab , News, Cyber Security
Kaspersky’s automated technologies have detected a new exploited vulnerability in the Google Chrome web browser.

Read more...
A platform approach to innovation and value
CCTV Handbook 2019, Technews Publishing , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions, IT infrastructure
Moving to the platform model of doing business holds tremendous advantages for end users and smaller developers, but also for the whole technology supply chain.

Read more...
Open does not always mean easy integration
CCTV Handbook 2019, VERACITECH, Technews Publishing , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
Customers who opt for best-of-breed solutions will have to rely on their integrators to develop customised integrated solutions for them.

Read more...
The impact of AI on the surveillance industry
CCTV Handbook 2019, G4S South Africa, Hikvision South Africa, Myertal Tactical Security, Technews Publishing , Editor's Choice, CCTV, Surveillance & Remote Monitoring
What the impact of AI will be on companies, the services and solutions they supply, as well as on the jobs people do.

Read more...
Video analytics and AI
CCTV Handbook 2019, Axis Communications SA, Dallmeier Electronic Southern Africa , Hikvision South Africa, Technews Publishing, Dahua Technology South Africa , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
Artificial intelligence has the potential to deliver real benefits in the world of video analytics and many companies are already delivering customer benefits.

Read more...
Cloudy with a chance of AI
CCTV Handbook 2019 , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
One local company has developed an AI solution that can be added to existing surveillance installations, offering 24-hour intelligence.

Read more...
Security surveillance architecture
CCTV Handbook 2019, Technews Publishing , Editor's Choice, CCTV, Surveillance & Remote Monitoring
IP video surveillance solutions typically have two distinctive surveillance architectures: centralised and distributed. Dean Coleman explains the difference.

Read more...
Selecting the right surveillance storage
CCTV Handbook 2019, Capsule Technologies, Technews Publishing , Editor's Choice, CCTV, Surveillance & Remote Monitoring, IT infrastructure
Storage is an integral part of a surveillance installation and the solution chosen can make or break the success of your project.

Read more...
Cyber-securing your surveillance infrastructure
CCTV Handbook 2019, Genetec, Hikvision South Africa , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Cyber Security
When it comes to cybersecurity, understanding the risks and the solutions as well as engaging in open communication helps everyone.

Read more...
Speak up with audio
CCTV Handbook 2019, Axis Communications SA , Editor's Choice, CCTV, Surveillance & Remote Monitoring
Video surveillance systems are traditionally used as forensic tools, but what if you can use your surveillance system to proactively deter incidents before they happen?

Read more...