This is What the FBI Looks for in Identifying an ‘Insider Threat’ – One Click Smile

This is What the FBI Looks for in Identifying an ‘Insider Threat’

We have all cast ourselves as the sleuth, the spy or the detective in our lives, romanticising the hitherto unparalleled genius that we would presumably display in such a role. In our heads, we somehow jump from one potentially disastrous situation to another, emerging totally unscathed apart from a scratch or two on the cheek that only adds to our rakish charm.


Clearly, though, the realities of such jobs are rarely as glamorous as the innumerable television dramas and Hollywood blockbusters that centre their action around the murky world of espionage. The potential risks of such pursuits are as obvious as they are life-threatening, and it must be a real struggle not to boast about the probable life-saving actions that one presumably undertakes on a daily basis.While serving to protect your country is considered the ultimate laudable sacrifice by most of us, it would also be fair to say that betrayal of that same country, its people or its secrets, amounts to unforgivable treachery. In case you lie awake at night, anxious about such matters, here is some fascinating insight from the FBI as to how they go about spotting an “Insider threat” at the Bureau itself.The information is laid out on training slides, originally obtained by BuzzFeed News, entitled “The Insider Threat: Don’t Be a Victim”. The slides define an insider threat as “anyone with legitimate access to information, technology, facilities or personnel. Access is used to provided sensitive/classified information to an unauthorised person”. The slide also identifies the use of said access to “degrade operations or capabilities” in its definition of an insider threat.

It seems that potential insider threats tend to display a set of key characteristics that can render them identifiable to those on the look out, including those who are boastful about information they are privy to, work unusual hours, travel to foreign countries without good reason, and ask fellow employees about classified or sensitive information sans a “need to know”. The presentation further advises that those who drink alcohol, use drugs, have a psychological condition or are facing potentially termination of employment are also high risks for being insider threats.Further slides provide information on why leaks happen; citing “disgruntled” employees, who could be motivated by a plethora of factors like “ego”, “financial gain” and “divided loyalty”. The presentation goes on to advise staff as to the circumstances under which they should raise concerns over their colleagues’ behaviour. The policy seems to be, if in doubt, report your suspicions, with one slide telling staff: “If you wonder whether you should report something, report it.”Perhaps most interesting is a slide that contains “Categories of Threats” which range from minor “Spills” such as carelessness, mishandling of information, or sharing too much on social media. Next come “Leaks”, through Wiki, Twitter and media contacts, followed by “Espionage”, defined as a “traditional spy”. The most severe level detailed on the slide is “Sabotage” which is seen as cyber, physical damage or damage to reputation.What makes the slides so compelling and chilling is the notion that an insider threat, unlike the monstrous manifestations of “bad guys” and criminals we are confronted with in fiction, could be any one of us, displaying what could be seen, ostensibly, as entirely normal behaviour patterns. It is only when we dig a little deeper that the truth is revealed.

Source: ViralThread

About the author

Katie Simpson