For the third time in six years, an employee with access to highly classified information has been arrested and accused of stealing that information and endangering national security.
Just as the Intelligence Community (IC) reeled in 2010 after PFC Manning’s transmission of hundreds of thousands of classified reports to WikiLeaks, and again in 2013 when Edward Snowden stole and leaked thousands of classified documents, an insider has yet again exploited their access to highly sensitive and classified information causing the Intelligence Community and the government contracting organizations to look inward. A few months ago, Harold Thomas Martin was arrested and charged with stealing classified information.
Martin, a former Booz Allen government contractor to the National Security Agency, was found with approximately 50,000 gigabytes of classified material some of which he should not have had access to, according to a criminal filing made by federal prosecutors.
As a security and intelligence professional, I consider insider threats just as dangerous as those posed by the external hacker.
National Secrets, Trade Secrets or Corporate Transactions
A growing body of data and recent studies indicate that this dangerous threat is not isolated to matters of national security. Whether your company or agency mission requires access to national secrets, protection of trade secrets or ensuring the privacy and integrity of corporate transactions, it depends on the security of that information.
But, while many organizations have implemented technology safeguards to mitigate the risks of cybercrime, few have adequately countered the risks associated with personnel – especially those “on the inside.” The consequences of such a threat can be significant as demonstrated by the four percent drop in share value that Booz Allen suffered the day the government announced that Martin had been arrested. More broadly, U.S. companies and organizations suffered $40 billion in losses from unauthorized use of computers by employees in 2014.
3 Types of Insider Threats
Does your company’s employee roster consist of Snowdens, Mannings or Martins in the making? Maybe not, but insider threats can take a variety of forms which should be considered in assessing your company’s vulnerability to an insider threat and determining the best course of action for countering this threat. These include:
- Malicious Actors
- Exploited Actors
- Negligent Actors
5 Steps to Managing Your Risks Related to Insider Threats
To mitigate and prevent the risk posed by an insider threat:
- Know your strengths and weaknesses
- Assess the risk and threat
- Determine your vulnerability
- Develop a plan of action to prevent, mitigate, respond and recover
- Conduct appropriate due diligence investigations
It’s vital that you understand the risks insiders pose and the consequences they can have on your company and your assets. Here at Hillard Heintze, our experienced intelligence, investigative and security professionals may not assess the threats posed to the Intelligence Community – though many of us have in earlier phases of our careers – but we work every day to assess the threats to our clients and companies like them.
In February, my colleague Matthew Doherty has been asked to speak on a related topic – the threat posed by radicalized individuals – at the RSA 2017 Conference. Stay tuned for more on this topic.