A Person-Centric Approach to Insider Threat
The Journey Overview – Part A
Unearth was not ABC Corp’s (fictitious name) first choice to take on this task. In fact, we weren’t even on their radar when they initiated the first attempt of a similar project. Instead, we were introduced to ABC Corp as they were midway through their original project. They had become aware of our unique approach to insider threat and were intrigued by our offerings and philosophy. As they were learning about our approach, they were suffering from the disappointment of an overpromised and underdelivered service from another organisation. This is when they decided to come to Unearth for our help.
Because of the unsatisfactory performance of the prior organisation, ABC Corp found themselves scrambling to unite key stakeholders behind a way forward while fighting complex internal challenges. There was much debate over how they should move forward after the frustration of their previous relationship. Additional challenges came from their technology partners who seemed to think they had all the answers for insider threat. Some of the vendors believed that their product suites, even those not specific to insider threat, could solve all of ABC Corp’s problems. This just added to the amount of noise and misinformation.
While many of these products were marketed around insider threat, none of them took the person-centric approach that Unearth emphasises. That is, the continuous evaluation of risk that might be associated to any given individual. Instead, many technologies focused on events, merely notifying the company after an incident or breach occurred. In essence, this was a reactive approach that ran contradictory to the preventative measures that ABC Corp was seeking.
Unearth introduced ABC Corp to a patented risk rating tool that enables entities to identify, evaluate, and prioritise an organisation’s risk of malicious employee behaviour. This tool provides predictive and actionable insights that can help to greatly reduce risk before malicious behaviours take place.
Unearth strives to create a safe environment that allows organisations to get deeper insights technology capabilities. We also want to provide access to subject matter expertise in order to support specific requirements put forth by each of our customers.
Unearth has standard ground rules for engagement with any customer. We felt it was especially important in this case due to ABC Corp’s prior experience. Some of these ground rules included:
- ABC Corp must conduct its due diligence all the way through the process. It was critical to ensure that Unearths approach and technology capability options were right for ABC Corp. We encouraged ABC Corp to explore any and all opportunities in the market, lest they find that there is a better option for their business model. Even with the strength of our approach and specialised capabilities Unearth offer, we appreciate and respect that Unearth may not always be the right fit. We always advise potential customers to choose what is best for them. Based on our engagement we felt we had the best option for ABC Corp and they agreed, it was a good alignment for this project.
- Open dialogue and transparency were key throughout the entire project, and that went both ways. There were no ‘silly questions,’ – any inquiries were encouraged to allow us to provide clarity and insight. If there were any problems or potential issues, they were to be brought up, even if they weren’t comfortable. Skepticism was encouraged and often embraced. As the same time BS tactics or argument for the simple sake of argument were discouraged, as that leads the risk of ill-informed decisions and strained relationships.
- Collaboration is essential, and not for the sake of creating a warm, friendly feeling among stakeholders. The goal was to provide the best outcome for ABC Corp – to “win with” them, and that required collaboration between Unearth team members and ABC stakeholders. It was our responsibility to support ABC Corp by providing access to skills, knowledge, expertise, and tools that they did not have.
- Responsibility and Accountability were fundamental on both sides. This goes back to the “win with” philosophy. All business units must participate as a team and deliver on their contributions in order to win together. Any setbacks or disagreements were to be made visible early on to avoid further problems down the line.
ABC Corp held up their end of the deal and conducted their due diligence, noting that their currently capabilities did not continuously and actively monitor the activities of their employees and third party contractors. This led to numerous occasions where malicious or negligent behaviors were not detected until after they occurred. This would often lead to an investigation, which is the reactive approach that Unearth strives to avoid.
Unearth’s main goal was to support ABC Corp’s efforts to build a proactive Insider Threat program and to shed the reactive methodology that harmed them in the past. To do this, we needed to take a staged approach. We needed to have clear deliverables along the way so that we could demonstrate our value to ABC Corp in a short period of time.
If you would like to understand the stages that were taken, see Part B of their journey.