Mission First, People Always: Three Ways to Elevate Your Insider Threat Program Using Protective Intelligence
Loading...
Authors
Matulka, Ryan.
Issue Date
2024
Type
Article
Language
en_US
Keywords
Alternative Title
Professional Commentary
Abstract
Mission first, people always. This statement, often used in the military,
encapsulates the tension between mission accomplishment and its
potential human costs. Likewise, reducing insider risk and mitigating
threats from organizational insiders can be a daunting task complicated
by tradeoffs. Some organizations attempt and struggle to establish effective
insider threat programs, challenged to not only obtain the buy-in of their people,
but also to achieve a modicum of effectiveness.
There are common reasons these programs may fail to launch or under-deliver:
misunderstanding, reactivity, and diffusion of effort. Threat and risk deterrence, detection,
and mitigation programs are frequently perceived as adversarial in nature or
overly invasive. “Big Brother” is watching me and wants to fire me. This is exacerbated
by euphemistic program names which may seed cynicism and erode trust. Often sold
as a “proactive” security, an audit of actual insider threat hub practices may reveal an
exclusive focus on reactive incident response. We are categorizing what has already happened. When the specialized capabilities of the insider threat team are directed towards more common security matters lacking a clear insider nexus, it will likely reduce effectiveness in their primary domain. Organizations reduce bias in results, tunnel vision, and undesirable outcomes by effectively employing all assets in their intended manner.
Description
Citation
Matulka, Ryan. (2024). Mission First, People Always: Three Ways to Elevate Your Insider Threat Program Using Protective Intelligence. Managing Insider Risk & Organizational Resilience (MIROR) Journal, 2(1), 16-28. West Point Press.
Publisher
West Point Press
License
Journal
Volume
Issue
PubMed ID
DOI
ISSN
2832-5427
2832-5419
2832-5419