Insider Threats: What Are They?
Insider threats pose a danger to every business, regardless of size or industry. Threats can be physical, financial, or reputational in nature, but the end goal is always the same: cause harm to the business. Human Resources (HR) professionals are essential in mitigating and deterring these threats. The Cybersecurity and Infrastructure Security Agency (CISA) recently published a letter outlining the role HR plays in combatting insider threats.
As a central repository for personnel information, HR professionals are likely to identify patterns, behavior, and trends that will help mitigate potential harm to an organization and its employees.
An insider threat may be a current or former employee, business partner, or contractor who intentionally or unintentionally attacks an organization and its’ personnel using either physical or cyber-based methods.
An insider threat could be physical violence aimed at personnel or property of the business. The divulging of proprietary knowledge is also an insider threat, especially when the business has trade secrets or other confidential information that gives them a competitive advantage. Insider threats can be the deliberate sabotage of any part of the business: physical assets, personnel, or anything “that impacts an organization’s ability to function through subversion, obstruction, disruption, or destruction.” An extremely prevalent (but not often considered) insider threat comes from cyber security weaknesses; data leaks are a prime example of an insider threat that exposes personal information, while other breaches of cyber security could disclose how an organization’s information technology infrastructure is set up.
Instances of Insider Threats
Taken from CISA’s Human Resources’ Role in Preventing Insider Threats (sourced at the end of this article):
In February 2019, an employee at an Illinois-based factory opened fire on his co-workers after his notice of termination, killing five co-workers, and wounding another employee and five law enforcement officers. The incident, deemed workplace violence by investigators, also found that the perpetrator had a history of domestic assault, which was not revealed by the initial employment screening.
In June 2018, a lawsuit brought by a major automaker accused a former employee of sabotaging manufacturing operations by stealing trade-secret information that was sent to an unnamed third party and making false statements intended to harm the company. Prior to the alleged actions, the company moved the employee to a different position due to performance issues and combative behavior toward colleagues. This event caused a major disruption to the company’s operations, finances, and reputation.
In April 2017, a major healthcare insurance coordination service learned that a third-party employee was stealing and misusing thousands of members’ personal sensitive health data, including Social Security information, for more than a year. This incident followed a previous breach that cost the company millions of dollars.