Government agencies and the defense industrial base are constantly up against insider threats. But with a comprehensive insider threat program, there are ways you can protect your organization, employees and contractors — as discussed in our recent Insider Threat Insight Guide.
Malicious insider threat poses the largest risk
In 2019, employee negligence accounted for the majority of insider threat events. And yet, malicious insider threat events — whose average cost per incident is 40% higher — accounted for 60% of the total average cost for the year. It’s clear that protecting your organization from these threats is vital to keeping your reputation and financial health intact.
Financial security is a crucial risk factor for insider threat
While predicting malicious insider threat is indeed very difficult, recent research applying a critical path method to such incidents identified four key risk factors that precipitate a hostile insider risk act. One of these factors, ‘stressors,’ include personal, professional and financial.
When we looked at financial stressors for a population of US Armed Services employees using our CreditVision® Financial Security Score, we found about 23% of employees were at high risk of financial distress.
External information holds the key to identifying malicious insider threat
A comprehensive insider threat program focuses on internal and external processes and behaviors. And while internal controls and procedures can help deter negligent insider threats, only external data can highlight financial stressors, risky behaviors and suspect associations which predispose malicious insider threats.
Insider threat evaluation is an ongoing process
Agencies have gotten much better at using external data when vetting potential employees and security clearance applications, but more should be employing continuous evaluation (CE) to monitor for insider threat risk.
Utilizing CE allows organizations to leverage new trended credit data sources that uncover the reason behind a credit report adverse action trigger. It also provides risk triggers based on suspect associations online.
Get the full insider threat picture
Now’s the time to evaluate your insider threat program and determine how to shore up your processes to protect against insider threats. Download the insight guide or find more resources to help you detect insider threats.