Page 25 - the SyI Quarterly 13 - (V4)
P. 25
Our Membership
What were the concerns, and what did the
research say?
Organisational Resilience - An anonymous online questionnaire was
developed to assess the perception of insider
Insider Risk. risk amongst security industry specialists who
were all members of an acclaimed security
institute with a stringent membership criterion
and a professional code of conduct.
- By Keith Johnson MSyl The participants who volunteered to complete
the questionnaire had no prior knowledge of
the assessment questions, nor were they aware
Description of insider risk of any analysis of their responses. The author
Insider risk is posed by individual(s) with access
or knowledge used to damage, deprive, diminish, also developed and conducted semi-structured
primary research interviews with recognised
injure or interrupt organisations, including their and professionally respected security industry
employees, stakeholders, assets, materials, critical experts who shall also remain anonymous.
processes, information systems, intellectual
property, brand and reputation.
An interesting opinion highlighted in response to
the questionnaire was that it was perceived that
A common element of insider risks (or insider an accidental or unintentional incident caused by
attacks) is that the perpetrator(s) has or has an onboarded employee was more of a concern
formerly had a trusted position and obtained than an external player seeking to commit a
privileged access to potentially sensitive
information or essential equipment that is then hostile insider attack.
exploited with the intent to harm the facility, the The author believes three main themes, activities,
organisation, its operations or the environment.
and challenges are associated with addressing
insider risk.
Insider incidents have been trending upwards
during recent years, influenced by the growing The three themes are.
contractor and outsourced economies, remote
and hybrid workforces, and employees with • The first theme consists of identifying
access to cloud-based applications lacking patterns and trends of insider crimes.
sufficient security precautions. Each element
provides an opportunity for both accidental and • The second theme is the methods and
motives used for insider activities.
malicious insider security breaches.
• The third theme is the organisational
response and resilience against insider risks.
What was intended to be achieved?
The perpetual occurrence of insider incidents
in both the public and private sectors led the The three primary types of insider activity are
author to develop a research questionnaire • The theft of information or assets for
and undertake semi-structured interviews personal advantage or personal financial
to investigate how conventional insider risk gain.
mitigations are applied and how effective they are
perceived to be. The author also explored how • The second activity is the theft of assets and
modification of information for commercial or
the detection of insider threats can be actively state advantage.
recognised or predicted, with the research aim to • Thirdly, the sabotage of assets or destruction
suggest enhancements to existing insider threat of information, including damage and
mitigation strategies.
destruction of either physical or virtual
systems.
24 25
