Dr. Shaw’s critical pathway to becoming an insider risk illuminates the behavioral and event-based journey the individuals take prior to acting out in a way defined as an insider threat action. When following the pathway, the first milestone is professional and personal stressors. These all too often go overlooked or undetected but should be the first opportunity an organization can take to mitigate potential insider threat acts. Prior to an attack, Dr. Shaw highlights “maladaptive organizational response” as the final opportunity for action. It begs the question: what is a maladaptive organizational response and how do insider risk programs get it right or wrong? Failure to act, acting too quickly, implementing strict guidelines, and not implementing enough guidelines are all examples of maladaptive organizational responses that could hinder proper mitigation of insider threats. Terminating an employee facing financial stressors could be a catalyst for an attack in the worst case.

It can also be a signal to the rest of the workforce on the organization culture. Isolating an employee with declining mental health or depression could lead to harm to self-incidents. While the safety of the workforce is paramount, insider risk programs must balance creativity with meaningful enforcement to ensure success. As we explore 2024’s theme for National Insider Threat Awareness Month (NITAM), Detect, Deter, Mitigate, we will face the toughest element of the theme: after detecting an insider risk or deterring one, how do we mitigate the threat to the agency?

For Insider Threat, mitigations are actions an organization can take to reduce risk to the organization.  These actions to be effective need to be informed by the risk you are seeking to mitigate. Simply, your mitigation should be focused on the risk surface.  For insider threats we focus on the people, the employees, contractors and supply chain that all can introduce physical, cyber or other destructive behaviors into the work environment.

Significant research has been done to identify leading people risk signals. Dr Shaw codifies how these risk signals if left undetected, uncorrelated or actioned can build to a point where an individual does act out and tragically can cause harm to self, others and or the organization.  

Insider risk professionals understand that early discovery of risk signals enables sooner mitigation opportunities. To support this organization must link mitigation to deter and detection strategies.  Simply mitigation should not be seen as the end, but part of a continuous process.

But- there is a risk to the organization if mitigation is not nested within their policy, HR, legal and privacy guidelines. Mitigation, if not linked to the risk being solved for, can become an accelerant to negative actions.

View On Demand:

Zoom for Government enables ATARC remote collaboration opportunities through its cloud platform for video and audio conferencing, chats and webinars across all devices. Allowing for individuals from all areas of government, industry and academia to communicate directly. 

*** ATARC is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org. Program Level: Overview, no prerequisites required. Advance preparation: none. Delivery Method: Group Internet Based. Field of Study: Information Technology. Registration #140762. In accordance with the standards of the National Registry of CPE Sponsors, CPE credits have been granted based on a 50-minute hour. Refund, cancellation and complaint resolution policy.