Components of Effective Insider Threat Training

Harmful acts by trusted employees, including both malicious acts involving theft of information, sabotage, or workplace violence and unintentional breaches, can dramatically affect an organization’s finances, reputation, and workplace culture. Many large organizations have extensive technical surveillance programs in place to identify malicious insiders by scrutinizing their workplace computer network usage, data downloads, and email habits. But savvy actors can get around such technical hurdles, and many technical monitoring programs are useful principally as forensic tools to investigate a breach that has already occurred. The most effective sentinel to guard against insider threats is an informed and motivated co-worker who is: aware of the damage insiders can cause, trained to recognize the indicators of aberrant behavior, taught to identify characteristics of external social engineering techniques that lead to unintentional breaches, cognizant of how to share concerns with an established reporting chain, and motivated to protect the organization. An established and reinforced education and awareness program that addresses insider threats and encourages the positive benefits of a reporting culture is the most effective defense against insider threats.