We spoke with former Counter-Spy and Author John W. David about his experiences with cold war espionage and applying it to counter the insider threat. John has written two books, Rainy Street Stories and Around the Corner. Both are essays of his experiences with the cold war, terrorism, and espionage.
John offers several anecdotes and shares past experience of how he has recognized spies and those who would recruit insiders. He weaves relevant stories in the podcasts that are still applicable to a successful insider threat program. Listen to the podcast to hear two of many major points on running Insider Threat Programs.
Here are two points to get started:
1. Develop a culture of security by walking around.
Security managers should get away from their desks and meet the employees that can work as risk management and security force multipliers. The employees should be comfortable with the office staff and understand what expectations are. One of the primary results of a good insider threat program is ability to report credible information. Employees will feel most comfortable report information to someone they trust and who has their best interest in mind.
2. Provide insider threat training.
A trained employee base is a force multiplier. When employees are trained to recognize suspicious behavior and what to do about the observation, the entire team wins. John provides glaring examples of insider threat indicators that were ignored, leading to years of successful espionage. Training on the insider threat and teaching employees how to apply that training are key to success.
In summary, John points out that the security manager should be approachable to allow for reporting of any kind. Where an employee feels comfortable with reporting suspicious activities, the odds of actually reporting increase. The other factor is understanding what to report. A well informed and cooperative workforce can lead to an effective insider threat program.
For more information, visit www.redbikepublishing.com
Jeffrey W. Bennett, ISP is the owner of Red Bike Publishing Red Bike Publishing . He regularly consults, presents security training, and recommends export compliance and intellectual property protection countermeasures. He is an accomplished writer of non-fiction books, novels and periodicals. Jeff is an expert in security and has written many security books including: "Insider's Guide to Security Clearances" and "DoD Security Clearances and Contracts Guidebook", "ISP Certification-The Industrial Security Professional Exam Manual", and NISPOM/FSO Training".
Post a Comment