Not too long ago, external espionage was viewed as the biggest threat to national intelligence agencies. But McClatchy national security correspondent Tim Johnson reports on a trend of rogue insiders causing agencies most of the headaches these days.
Johnson explores this shift in a recent article that highlights several trusted insiders — including Chelsea Manning, Edward Snowden and Harold Martin — who’ve generated major headlines with their breaches. He interviewed Haystax Technology CEO Bryan Ware about the phenomenon of rogue insiders, a problem addressed by Haystax’s Haystax for Insider Threat solution, which Ware told Johnson can continuously analyze approximately 700 categories of employee behavior. According to Ware, “It’s not the goal of our system to say, ‘This is your guy.’’’ What the system can do, says Ware, is to allow organizations to rank employees into risk tiers, depending on changes in their behavior. “We’ve been able to identify risks, often years in advance,” Ware told Johnson.
While agencies have struggled to identify stressors or triggers, Johnson cites a report from the Intelligence and National Security Alliance noting that “software algorithms reach 90 percent accuracy in detecting changes in personality, life events and emotions of employees through their computer interactions.”
Haystax recently released an industry survey, titled Insider Attacks, that provides new data and insights into the current state of the insider threat problem and how organizations are dealing with it. Despite spending increases and investments in deterrence tactics and detection tools, the survey shows that insider threats continue to cause harm to all types of organizations. It suggests that although funding is increasing, inadequate resources are being allocated to some key components of insider threat mitigation, such as predictive risk analytics. This lack of analytics investment comes at a price, as insider attacks continue to be costly.
For more information about the Insider Attacks survey, view the full report here and supporting materials here.