Do You Have an Insider Threat? 

By Laura Garrett

The two men walked casually down the darkened hallway of mahogany row. They’d let themselves in a door that was supposed to be locked and no one knew they were there. Pausing at the door to Human Resources, they tested the knob and found that it was unlocked. Strolling inside they took at look at the confidential files that were strewn across desks and the filing cabinets full of protected information. They snapped a few pics before exploring the remainder of the hall, finding a similar lack of security at both the VP for Strategy’s office and, shudder, Legal. 

What happened with the data they observed? Information leaks? Corporate espionage? Lawsuits? 

No, none of those things. Because the men in question were members of SafeHaven Security Group, conducting a “white hat” penetration test at the behest of a client. 

What they learned help the client avoid all the bad things that might have occurred.  

INSIDER THREATS – WHAT HR MANAGERS SHOULD KNOW

Theft of intellectual property and proprietary information is ever increasing and incidents of employees taking proprietary information continues to rise as well. A lack of employee loyalty and longevity should give every HR manager cause for concern. It is becoming commonplace for employees to take proprietary information from their employer in order to be competitive in their job field or to obtain a new job with a competing company.  

The intent of business competitors, foreign business adversaries and foreign governments to obtain proprietary information by gaining access to internal information and methods will remain constant.  More focus is spent on cyber intrusions and hacking, but one must not overlook the threat of losing valuable information from the recruitment of current employees or employees leaving the company. Mitigation of both external and internal threats is essential to the future of your business success.

WHY IT IS A RISK

Stolen intellectual property and trade secrets leads to lost revenues, lost employment, damaged reputation, health and safety concerns from counterfeit products, lost investments in research and development, interruptions in production and supply chains, and can lead to profit losses and a decrease in economic advantage. 

Small businesses, large corporations and even individuals are victims of illegal acquisitions of information. Every day new reports of corporate espionage and theft of information are in the news.

INSIDER THREAT INFORMATION

What is an Insider Threat? Simply a person with authorized access to information, facilities, technology, or personnel who uses their position and access with the intention of providing information, technology, or access to unauthorized personnel OR maliciously manipulates or causes damage or harm to an organization, its information, facilities, technology, or persons.

TEN SIGNS YOUR COMPANY MAY HAVE AN INSIDER THREAT

  1. Employees working irregular hours that decrease scrutiny.
  2. Employees downloading large amounts of data.
  3. Employees requesting additional access.
  4. Employees asking questions outside scope of position, especially prior to leaving employment. 
  5. Disgruntled employees.
  6. Recent hires from a competing company.
  7. Unsolicited requests for tours and information.
  8. Theft or unauthorized photography of products at trade shows.
  9. Social Media targeting of employees.
  10. Irregular activity on servers, increased spam.

RECENT CASE EXAMPLES

2023 – New York man sentenced to 24 months in prison for conspiring to steal General Electric (GE) trade secrets, knowing or intending to benefit the People’s Republic of China. 

2022 – Former Twitter Employee sentenced to 42 months in prison for participating in a fraudulent scheme to access, monitor and convey user information to Saudi Royal Family and the Kingdom of Saudi Arabia.

2009 – Ten executives and managers from Starwood left for employment with a competitor, Hilton. The former employees downloaded confidential information about Starwood’s luxury brand ideas before leaving. In 2010, they reached a settlement that required Hilton to make payments to Starwood and refrain from developing a competing luxury hotel brand until 2013. 

WHAT HR CAN DO

In many companies, absolutely no one is paying attention to this problem. Even though IT may be skilled at preventing cyber-threats, it’s unlikely they’ve taken steps to prevent insider threats.

Since this dilemma involves actual humans stealing your actual resources, it may well be up to you to get this threat on someone’s radar!

Now is the best time to reevaluate your security and examine your information security posture. 

Resources spent proactively protecting your assets are the wisest investment. 

Elements to an effective Insider Threat program and effective detection are: 

  1. Personnel Security – Hiring, reinvestigations and vetting.
  2. Information Security – Communications, regular audits, and firewalls.
  3. Awareness – Reporting suspicious activity and behaviors, recognizing potential issues, increased accountability, and training.

Every company is unique and identifying what needs to be protected, and how, can be addressed with a program as distinctive as you are. 

SafeHaven Security Group wants to partner with you in analyzing your individual situation, assessing proactive protocols, and keeping your company’s information safe for a secure, productive future.   

After you become a victim, it too late. Start an Insider Threat Program today!

Laura Garrett, Special Agent, FBI, (ret)
Safehaven Security Group
[email protected]
www.safehavensecuritygroup.com