White on Black.png

Reducing Insider Risk

Human behaviours

 

Human behaviour, the way humans act and interact, is based on and influenced by several factors, such as genetic make-up, culture and individual values and attitudes. Human action denotes everything that can be observed, either with bare eyes or measured by physiological sensors, while cognitions describe the thoughts and mental images that people have. Cognitions comprise skills and knowledge – knowing how to use tools and perform procedures in a meaningful manner. Attached to both are emotions. Commonly, an emotion is any relatively brief conscious experience characterised by intense mental activity, and a feeling that is not characterised as resulting from either reasoning or knowledge.

Everything is connected

Actions, cognitions and emotions do not run independently of each other – their proper interaction enables you to perceive the world around you, listen to your inner wishes and respond appropriately to people in your surroundings. In addition to having basic and psychological needs met, having confidence in activities, feeling valued and respected by those around us will result in feelings of joy and emotional realisation. In such environments individuals are motivated and they display increased dedication and commitment to activities and causes. However, this can in some cases be reversed, with negative feelings resulting in sadness and potentially negative actions on the part of individuals. This can be detrimental in the workplace, resulting in the existence of a threat from insiders who have access to people, assets, premises and information which provide organisation with their competitive advantage.

Screenshot 2021-03-23 at 17.06.11.png
pexels-fauxels-3183150.jpg

Types of Insider

Infiltrators

 

Exploited Individuals

 

Malicious Actors

 

Inadvertent Offenders 

TRUSTiN Insider Risk Management

A TRUSTiN Insider Risk Management programme is based on seven core elements of effective personnel security processes

  • A. Governance and Leadership

  • B. Insider Risk Assessment

  • C. Pre-Employment Screening

  • D. Ongoing Personnel Security

  • E. Monitoring and Assessment of Employees

  • F. Investigation and Disciplinary Practices (Response)

  • G. Security Culture and Behaviour Change.

Asset 4.png

TRUSTiN

TRUSTiN is a role-risk based approach to managing insider risk. A mixture of pre-employment screening, background checks, leaving processes, proactive controls, user behaviour analysis and the ongoing monitoring of privileged accounts will minimise the risk of insider threats.

 

As these risks from within an organisation account for over 38% of breaches and are the most costly type of breaches, the return on investment for an insider risk management programme is clear. Such a system will:

  • Ensure that only authorised users are able to access powerful privileged accounts and sensitive assets

  • Prevent users from being able to gain unapproved elevated privileges

  • Establish strict accountability over the use of privileged accounts by tracking who accessed what accounts and assets, and what actions were taken

  • Improve forensic analysis and by generating a detailed, tamper-proof audit trail of all privileged account activity

  • Rapidly detect and be alerted on anomalous activity that could signal an inside attack in-progress

pexels-cottonbro-5483149.jpg
Insider Risk