LOOKING THROUGH THE EYES OF A CRIMINAL
Understanding the risk that criminal insiders bring to the organization is vital to protecting the business from organized crime.
You may say “No * Sherlock” to what I am about to say next, but I am going to say it anyway!
CRIMINALS NEED INFORMATION TO COMMIT THEIR CRIMES!
And the quickest and most accurate way to obtain the information they need is directly from someone working for the organization they have identified as their next or future target.
But what we often fail to consider is the possibility that one of our own might be colluding with the criminals and providing them with the critical security information they need to successfully commit their crime.
About now you are thinking – thanks for that, Captain Obvious – but how do we protect ourselves from the insider threat?
The answer to your question is both simple and difficult. Yes, you read that right – it is a contradiction – it is nothing more than continuous positioning and adjustment.
You need to look at your security posture through the eyes of a criminal (threat-based scenario) and implement your security plan in anticipation of the criminals' potential sequence of maneuvers and tactics. The criminals, in turn, are adjusting their method of operation based on the information received from the insider regarding your security program protocols and/or improvements.
The only reason criminals approach your employee(s) in the first place is to better understand your security processes, to identify where you are vulnerable and to understand how to overcome your security controls - which they will exploit. * Where there is one, there is sometimes more.
When we use the term Modus Operandi, we are referring to the method of operation the criminals have deployed based on their perceived or your actual protection system vulnerabilities and their (the criminals') skills and capabilities to overcome the controls you have in place.
The old adage comes to mind - forewarned is forearmed. What I am saying is that if you factor in the possibility of insider co-operation with criminals, and you evaluate your security plan through the eyes of a criminal - you can foresee when and how they might strike.
This means you can adjust your security controls to counter their MO and, if not outright prevent an “unknown planned criminal attack”, at a minimum force the criminals back to the drawing board to fight another day - when the odds are stacked in your favor.
A preventative measure, such as a criminal background check, might prevent employing a criminal, but not all criminals have a criminal record and not all potential criminals are yet criminals.
So, what now? How do you neutralize such a threat? My experience is that if you are lacking in the following areas of your security management program, you will not stop the insider threat; in fact, what will happen is that more individuals within your organization with a criminal tendency will follow suit.
Here is my list:
1. Poor threat-based risk assessments, and not understanding criminal Modus Operandi.
2. Poorly documented procedures or no procedures in place at all.
3. Inadequate incident investigation – with the intention of criminal prosecution.
4. Post incident risk assessment and not understanding security process failures.
Other strategies
1. Whistleblowers hotline
2. Undercover operations
3. Project Investigations & Incident Analysis
Remember the process is iterative and every small action/win is a victory!
Do not let the bad guys win!