Red Flags Reimagined: A Former CIA Operations Officer on Today’s Insider Risk Challenge

Thumbnail Image

Files

LeTellier, Val- Red Flags Reimagined- A Former CIA Operations Officer on Today's insider Risk Challenge-PC.pdf (420.44 KB)

Authors

LeTellier, Val

Issue Date

2023

Type

Article

Language

en_US

Keywords

Research Projects

Organizational Units

Journal Issue

Alternative Title

Professional Commentary

Abstract

The last few years have been particularly challenging for insider risk professionals. Remote work creates new attack vectors and makes employee assessment harder. The ‘Great Resignation’ overburdened offboarding processes and fueled the ‘Great Exfiltration’ of intellectual property. COVID and political divisions are increasing employee stress, distraction, and disenfranchisement. Nation states and criminal groups are getting bolder at recruiting vulnerable employees to steal and ransom data. To borrow from the cybersecurity ‘CIA Triad’, the Confidentiality, Integrity, and Availability of our people, processes, and property are at risk. As reflected in the increasing number and costs of insider events, traditional countermeasures simply aren’t up to the task. Observable indicators are diminished by remote employees being ‘out of sight, out of mind’. Unfortunately, network monitoring solutions only go so far, are complicated by remote work, are cyber and log centric, are singularly focused on network anomalies and are generally reactive. To illustrate our challenge, mentally put yourself in the chair of the insider risk analyst at a large organization; each day begins fresh with the need to somehow identify a few potential bad actors from thousands of employees. But it gets better: you also need to identify potential negligent or accidental insider risk. Further, you also need to balance employee privacy, welfare, morale, organizational culture, and possibly even a trusted workforce and zero trust strategies. The stakes are high: the consequences of a single malicious insider act can ruin your day, your year, and your organization. It’s a high-wire act. And none of these challenges are going away.

Description

Citation

LeTellier, V. (2023).Red Flags Reimagined: A Former CIA Operations Officer on Today’s Insider Risk Challenge. Managing Insider Risk & Organizational Resilience (MIROR) Journal, 1(1), 31–39. West Point Press.

Publisher

West Point Press

License

Journal

Volume

Issue

URI

https://hdl.handle.net/20.500.14216/1752

PubMed ID

DOI

ISSN

2832-5427
2832-5419

EISSN

Collections

The MIROR Journal: Managing Insider Risk and Organizational Resilience-Summer 2023