The Road to Derailment for Insider Risks
As technological security defences are strengthened for external threats, organisations are taking little to no further measures internally, with the consequence of insider risks increasing. Data theft and other malicious insider acts do not just happen spontaneously. It is a process that takes place over time and entails a common set of factors and similar patterns of behaviour. Signpost Six calls this “The Road to Derailment” and it is based on the Critical Pathway to Insider Risk methodology developed by Shaw and Sellers. This path implies opportunities for interventions early on and that focusing on internal measures can prevent insider acts from happening. The Critical Pathway framework addresses pertinent questions: What characteristics and experiences do insiders bring to organisations that make them vulnerable to risk? What triggers these vulnerabilities? What are the signs that foretell risk behaviors? How does action or inaction increase risk?