
Business Intangible Asset Blog, Michael D. Moberly

Business Intangible Asset Blog where attention span, business realities, and solutions converge.


Insider Risks-Threats: Their Proclivity, Propensity, Receptivity Can Change From Date Of Hire…


Michael D. Moberly  – November 13, 2008

The findings of several quality studies, most notably those produced by PERSEREC and Carnegie-Mellon’s CERT, convey significant challenges stemming from ‘insiders’ relative to the threats-risks they pose to proprietary information, trade secrets, IP, and know-how. Those studies provide us with important insights and perspectives regarding the who, what, how, and even possibly how (information) losses/compromises were detected.

By all accounts, the challenges of safeguarding valuable/sensitive information assets in globally operating companies, and the losses attributed to insiders, are on the rise. The precise number of (insider theft-compromise of information asset) incidents companies experience, the dollar amount of those losses, and/or the end-use beneficiaries of the stolen-compromised assets are often blurred or incomplete because, among other things, (a.) evidence is largely anecdotal and/or company specific, (b.) victim companies are frequently predisposed to assume the culprit is a foreign national or economic-defense adversary, (c.) instructive evidentiary-investigatory elements of the incident(s) become classified, and/or (d.) facts about an incident are considered reputationally proprietary by the victim company.

Carnegie-Mellon University’s CERT research unit identified the following attributes of an insider, albeit with respect to a study regarding ‘IT sabotage’:

1. Access – an insider can target a company from behind its perimeter defenses and not cause suspicion…

2. Knowledge, trust, familiarity – of both the IT system and the target, which permits insiders to perform discovery without arousing suspicion…

3. Privileges – an insider can readily obtain the privileges necessary to conduct an attack…

4. Skills – insiders can mount an attack and can work within the target’s domain expertise…

5. Risk – insiders tend to be very risk averse in preparing for and conducting the attack…

6. Method – insiders are likely to work alone, but may recruit and/or co-opt a trusted colleague for facilitation and/or enabling purposes…

7. Tactics – may include either (a.) plant, hit, and run, (b.) attack and eventually run, (c.) attack until caught, and/or (d.) espionage…

8. Motivation – an insider may engage in an act for (a.) profit, (b.) getting paid to disrupt the target, (c.) provoke change in the company/target, (d.) blackmail, (e.) subvert the mission of the target, (f.) personal motive, or (g.) revenge…

9. Predictable Processes – the motivation for an attack by an insider can evolve from (a.) a particular event, (b.) a sense of discontent, (c.) being ‘planted’ to conduct the attack, (d.) an adversary identifying a target and mission that meets their (or another party’s) needs…

From these nine attributes of insiders who engage in ‘IT sabotage’ three important questions arise:

First – can these attributes be extrapolated, i.e., are they applicable to the risks/threats presented by insiders to a company’s information assets, in addition to IT system sabotage?

Second – if so, can these attributes (relevant to ‘insiders’) be consistently identified and assessed (legally) using existing pre-employment screening tools?

Third – if the above attributes are not found to be present (in an applicant) at the time of hire, should companies, given the enormous stakes, invest in post-hire (periodic honesty, integrity, attitudinal) screening of employees to detect the acquisition/presence of certain proclivities, propensities, and/or an overall receptivity to engage in adverse acts or policy violations affecting the security (control, use, ownership, and value) of their employer’s information assets, e.g., theft, infringement, compromise, etc.?

 
