It is an irony in organizational security: Although so much capital is invested in the protection of the organizational assets against external threats, some of the largest compromises have occurred as a result of insider threats, sometimes resulting in irrecoverable damage, reputation risk, and liability. This type of threat is more important for organizations that are part of the critical infrastructure and industries where intellectual property and the protection of sensitive information are critical elements for their operations.
Employees in security-focused environments learn to treat outsiders with suspicion and to maintain trust boundaries. However, it is often the case that once an “outsider” enters the payroll of an organization they are given a "carte blanche" in terms of trust and disclosure of information. They are now treated as the "insiders" that they are- members of the same tribe, fighting and working towards the same goals and using their skills to benefit their organization. Employees do not always realize that some “colleagues” consider the exploitation of organizational weaknesses a high-reward activity that serves their personal interests better than loyalty to the employer.

This presentation aims to shed light on the challenging topic of insider threats. It will discuss the motives that lead employees to unauthorized disclosure of sensitive information, process corruption, electronic sabotage, and/or the facilitation of third-party access to organizational assets. Research has repeatedly found a clear link between insider activity taking place and exploitable weaknesses in an organization’s security and management processes. Therefore, this talk will go on discussing the organizational factors enabling insider threat operations as well as countermeasures against them, by combining the lessons learned on insider activity prevention from the fields of counterintelligence, psychology, and cyber-security.