Insider Threats - Part II

Chris Cassell, Technical Team

Category:

  • Security Blog

Who would do such dastardly things?

The unfortunate truth is, anyone.

We don‘t like to believe it, but no-one is perfect and we‘re all creatures made up of a whole lot of very complicated interrelated drives. While today you likely cannot possibly envision yourself doing any of the above, what would happen if your child had suddenly been diagnosed with cancer? The NHS doesn‘t have that latest treatment for it but the US does. It costs though, and your desperate.

It's a very extreme example and I hope no-one reading this ever has to face a situation like that; its purpose is to show you that no matter where someone is today, tomorrow could pull the rug out from beneath anyone's feet and pressure can be sudden, sharp and push people to make bad choices in the heat of the moment. We all hope to do the right thing, but not everyone does.

People like that, in a sudden snap, are very hard to spot but there are a whole host of other factors that can be an indicator of a higher risk. Please note that the presence of these factors cannot be taken as proof of wrong doing and some people can be a total **** and still be very loyal, productive members of staff (back to me again there). Statistically though these factors can play a part.

Possible risk factors;

Unable to make their own choices easily – Someone that requires excessive handholding, lacks their own internal sense of judgment and struggles to cope with the unexpected. They may be prone to external forces influencing them.

Unethical/Amoral – The person that's willing to lie to customers to get a deal? The person that lies about the state of a project to avoid blame? The one who topped the 'Most likely to be an axe murderer' survey that went around the office? They may just be a harmless psychopath and in some positions that's fine. They may also be more open to the offer of a better opportunity and do whatever is needed to achieve it.

Doesn‘t live in the real world – Know someone in the company that acts like James Bond because they were asked to shred some documents? Got asked to take part in a panel on security so they start talking about water-boarding people? People with an unhealthy fantasy life crave recognition and need to feel special.

Manipulative individuals – People that tend to get their own way by force of personality or persuasion. Social chameleons that change (in any situation) to a personality that bests serves their chance of getting what they want.

Emotionally unstable – Exaggerated mood swings, overreacts to small problems, complains about trivial items and minor complications. The sort of person who might really snap if a really big issue suddenly arose.

Again, don‘t look around your office and witch-hunt people that you think match these traits. But if an individual exhibits more than one, strongly enough that it's effecting their work or colleagues, perhaps, at that point, it is worth HR talking to them to see if they need a little help. Don‘t persecute, help those that need it. The loyalty you‘ll gain is priceless.

Leave a comment




Comments (0)

Latest News

  • ​Is there room for new MSSPs to enter the cyber security market?

    Summary of a recent debate at VSEC 18 discussing the MSSP market ...Read more

    23/10/2017

  • Device Identity Management

    Device identity management critical for secure digital transformation ...Read more

    23/10/2017

  • Securing the Security Operations Centre

    Blog exploring why the Security Operations Centre (SOC) itself must be protected adequately ...Read more

    23/10/2017