Insider Threats - Part II

Chris Cassell, Technical Team

Category:

  • Security Blog

Who would do such dastardly things?

The unfortunate truth is, anyone.

We don‘t like to believe it, but no-one is perfect and we‘re all creatures made up of a whole lot of very complicated interrelated drives. While today you likely cannot possibly envision yourself doing any of the above, what would happen if your child had suddenly been diagnosed with cancer? The NHS doesn‘t have that latest treatment for it but the US does. It costs though, and your desperate.

It's a very extreme example and I hope no-one reading this ever has to face a situation like that; its purpose is to show you that no matter where someone is today, tomorrow could pull the rug out from beneath anyone's feet and pressure can be sudden, sharp and push people to make bad choices in the heat of the moment. We all hope to do the right thing, but not everyone does.

People like that, in a sudden snap, are very hard to spot but there are a whole host of other factors that can be an indicator of a higher risk. Please note that the presence of these factors cannot be taken as proof of wrong doing and some people can be a total **** and still be very loyal, productive members of staff (back to me again there). Statistically though these factors can play a part.

Possible risk factors;

Unable to make their own choices easily – Someone that requires excessive handholding, lacks their own internal sense of judgment and struggles to cope with the unexpected. They may be prone to external forces influencing them.

Unethical/Amoral – The person that's willing to lie to customers to get a deal? The person that lies about the state of a project to avoid blame? The one who topped the 'Most likely to be an axe murderer' survey that went around the office? They may just be a harmless psychopath and in some positions that's fine. They may also be more open to the offer of a better opportunity and do whatever is needed to achieve it.

Doesn‘t live in the real world – Know someone in the company that acts like James Bond because they were asked to shred some documents? Got asked to take part in a panel on security so they start talking about water-boarding people? People with an unhealthy fantasy life crave recognition and need to feel special.

Manipulative individuals – People that tend to get their own way by force of personality or persuasion. Social chameleons that change (in any situation) to a personality that bests serves their chance of getting what they want.

Emotionally unstable – Exaggerated mood swings, overreacts to small problems, complains about trivial items and minor complications. The sort of person who might really snap if a really big issue suddenly arose.

Again, don‘t look around your office and witch-hunt people that you think match these traits. But if an individual exhibits more than one, strongly enough that it's effecting their work or colleagues, perhaps, at that point, it is worth HR talking to them to see if they need a little help. Don‘t persecute, help those that need it. The loyalty you‘ll gain is priceless.

Leave a comment




Comments (0)

Latest News

  • Cyber Best Practice and the CNI

    The importance of information sharing to support the development of cyber security best practice across the critical national infrastructure. ...Read more

    23/10/2017

  • Measured Boot & Measured Execution for Device Health

    Using Measured Boot & Measured Execution with Remote Attestation to measure Device Health with Paradox OS ...Read more

    23/10/2017

  • Debate Security

    The first Debate Security briefing took place on 26th February 2019 in Canary Wharf in London, bringing together senior executives across multiple industries to spark a cyber-risk discussion that compared and contrasted approaches between government and the private sector. ...Read more

    23/10/2017