Defence Business November 2023
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>November</strong> <strong>2023</strong> <strong>Defence</strong> <strong>Business</strong> INSIDER THREAT 23<br />
2. Establish multi-disciplinary governance<br />
• break down data silos, build collective understanding of security objectives and<br />
enable information sharing.<br />
3. Introduce an in-house workforce security risk-based screening<br />
• determine the level of screening to be proportional to the level of risk posed by<br />
that role to organisational objectives, processes, and business impact.<br />
4. Develop an ITP foundation<br />
• establish and clearly communicate personnel security policies, procedures,<br />
education, and training.<br />
5. Enable access and technical controls<br />
• link existing physical and IT security access and technical controls.<br />
6. Empower robust virtual and non-virtual behavioural monitoring<br />
• roll out reporting mechanism for employees to express their concerns to<br />
prompt an investigation capability.<br />
7. Data analysis and reporting using advanced open-source intelligence<br />
capabilities<br />
• advanced analytics tools provide automated analysis and reporting based on a<br />
risk algorithm that aligns with a risk tolerance of an organisation.<br />
Our approach to an ITP will also equip your organisation to:<br />
• bolster wellbeing, employee performance, staff retention and workforce diversity<br />
• establish an adequate organisational response to incidents thus mitigating the<br />
insider threat<br />
• enhance loyalty and organisation’s security culture.<br />
• People. Your greatest assets, sometimes your greatest risk. Adopting a costeffective<br />
method of mitigating insider threat will open new sources of talent and<br />
enable you to attract and retain the precious human capital needed to deliver<br />
critical national security outcomes.<br />
Authors: Tim Slattery is a Senior Director, Enterprise Protective Security, at Providence<br />
Consulting Group with 35 years’ experience of the national security and intelligence<br />
communities.<br />
Marina Maydanov is the Critical Infrastructure Security Practice Lead at Providences<br />
Consulting Group with extensive experience in the national security, infrastructure, and<br />
transport sectors.<br />
Leaders in<br />
systems thinking<br />
Your partner on<br />
complex projects and<br />
critical systems<br />
Digital Engineering<br />
Model Based Systems Engineering<br />
Modelling Simulation & Analysis<br />
Artificial Intelligence<br />
shoalgroup.com