CONSIDERATIONS FOR AN EFFECTIVE CORPORATE INSIDER THREAT PROGRAMME

Recent excitement arising out of the hopes and fears surrounding the emergence of generative artificial intelligence (GenAI) platforms seems to have seized the attention of most professionals engaged in private or corporate security circles. While we pontificate and wallow in our worry on that subject, it is important to remember we have enough trouble today without worrying about tomorrow and anyone working in the emerging technologies sectors would do well to focus on system security against cyber attack and on insider threat today. While infinitely dynamic, cyber security is increasingly established, and the sector focus is formal and advanced. In contrast, many private organisations are just becoming aware of the existence of and risk from the insider.

Insider threat is a matter of inconvenient truth. No one wants to believe that within their organisation there are those with sinister behaviours, much less sinister intent. Insiders are motivated by different reasons. The truth is, right now virtually every organisation is exposed to people who are mining corporate systems and sending or exfiltrating confidential business information. Insider threat is a present, persistent and ever-increasing challenge deserving of our full attention and mitigation.

This article seeks to bring some basic understanding of what an insider threat is to those unfamiliar with the risk and to outline, in basic terms, some key considerations for any security professional tasked with the protection of corporate assets, people and intellectual property (IP), especially those who labour under the burden of reporting truth to executives with little interest in recognising the threat in the absence of clear and convincing, specific evidence of an actual example.

Oct-Dec 2023 Issue

Bayer US LLC