Building a Robust Insider Threat Mitigation Program
Organizations continue to face a variety of insider threats, as demonstrated by a string of high-profile cases in which employees, in pursuit of validation or affirmation, have used their knowledge of and access to physical and/or information systems to cause significant damage. These cases highlight vulnerabilities and underscore a historical perception that insider threat mitigation is predominantly a cyber-security challenge and, as such, strictly an information technology responsibility.
This approach leaves the organization vulnerable to existing and emerging insider threats. Deloitte takes a fundamentally different view: insider threats are more effectively addressed as part of a holistic, risk-based program with broad participation (e.g., legal, information assurance, human resources, physical security, information technology) and sponsorship by executive leadership.
Deloitte has developed a top ten list for leaders to consider as they design, build and implement a formal insider threat mitigation program. At a time when accountability is a primary leadership responsibility, an insider threat mitigation program can bolster deterrence and provide an early detection, prevention and response mechanism assuring the business, protecting employees, and safeguarding critical data, systems and facilities. This guidance was informed by the development of insider threat programs across a diverse range of organizations in the commercial and public sector.
As used in this document, “Deloitte” means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.