Studies of insider threats have shown that most were known to have committed some form of concerning or problematic behavior before acting directly against their organization. These actions included violations of policy and standard procedure, professional conduct, rules, regulations, or law through actions that had been observed by managers, supervisors and coworkers.
Although the national security community has moved to an approach called continuous evaluation, such data-intensive monitoring isn’t always the most effective way to detect a person who is heading down the path of criminal conduct. An engaged workforce, on the other hand, can observe, assess and report concerning behaviors that could prevent an insider from doing significant damage to an enterprise’s intellectual property, reputation and market competitiveness.
Prevention Podcast Host Dan Verton, a former intelligence officer, has written extensively about the insider threat. In this episode of the Prevention Podcast, he analyzes how the topic was treated at this year’s RIMS Conference in Boston, hosted by the Risk Management Society.