Managing the Insider Threat: No Dark Corners, 1st Edition (Hardback) book cover

Managing the Insider Threat

No Dark Corners, 1st Edition

By Nick Catrantzos

CRC Press

363 pages | 6 B/W Illus.

Purchasing Options:$ = USD
Hardback: 9781439872925
pub: 2012-05-17
SAVE ~$16.79
$83.95
$67.16
x
eBook (VitalSource) : 9780429251474
pub: 2012-05-17
from $41.98


FREE Standard Shipping!

Description

An adversary who attacks an organization from within can prove fatal to the organization and is generally impervious to conventional defenses. Drawn from the findings of an award-winning thesis, Managing the Insider Threat: No Dark Corners is the first comprehensive resource to use social science research to explain why traditional methods fail against these trust betrayers. In this groundbreaking book, author Nick Catrantzos identifies new management, security, and workplace strategies for categorizing and defeating insider threats.

The book begins with problem definition and research findings that lead to the "No Dark Corners" strategy for addressing insider threats. With these foundational underpinnings, the book then examines agents of change within the workplace—namely, key players in positions to effectively support or undermine the No Dark Corners strategy, including corporate sentinels and leaders affecting application of this approach.

From there, the author goes on to examine key areas where No Dark Corners-style engagement can make a difference in the way an institution counters insider threats—through rethinking background investigations, recognizing deception, and using lawful disruption. Moving progressively from the theoretical to the practical in applying the strategy within an organizational framework, the book looks at implementation challenges and offers a framework for introducing new insider defense insights into an organization.

Each chapter offers questions to stimulate discussion and exercises or problems suitable for team projects. This practical resource enables those charged with protecting an organization from internal threats to circumvent these predators before they jeopardize the workplace and sabotage business operations.

Reviews

"Throughout the work, Nick Catrantzos brings his experience in government and the private sector to bear in innovative and effective ways. Catrantzos focuses on critical issues such as why infiltrators are more dangerous than ordinary disgruntled employees, what deception is all about and how it relates to insider threats, and how senior organizational officials have more tools available to them than they realize to deal with such situations."

—Reviewer: Mayer Nudell, CSC, Security Management, September 2013

Table of Contents

DIAGNOSTICS

The Problem and Limits of Accepted Wisdom

The Problem

Terms of Reference

Historical Approaches

Implications

New Research and Contrarian Findings

Delphi Research on Insider Threat

Alternative Analysis Takes Shape

The Alternative

Balancing Trust and Transparency: The Copilot Model

Comparison with Other Security Strategies

KEY PLAYERS

Agents of Change—Corporate Sentinels

Key Activities

Corporate Sentinels

Agents of Change—Leaders and Copilots

Leadership’s Attitude to Sentinels and Insider Threat Defenses

Where to Begin

Why Leaders Falter

The Issue–Attention Cycle Meets Insider Threats

Alternative Approach

MAKING A DIFFERENCE

Rethinking Background Investigations

Traditional Background Investigation Process

Identity Verification

What Gets Investigated and How

Credentials and Credibility

Where Blurred Accountability Comes with a Price

Other Red Flags Often Unseen

Adjudication of Adverse Findings

Transformational Opportunities with a No Dark Corners Approach

Case Study: A David Takes on Goliath in Pre-Employment Background Investigations

An Overlooked Problem: Investigating the Nonemployee

Access the Real Issue

Deception and the Insider Threat

Deception’s Role

Inadequacy of Defenses

Representative Methods for Detecting Deception

What Do Polygraph Examiners Know about Deception?

The Reid Technique

The WZ Method

Scientific Content Analysis

Other Techniques for Detecting Deception

Cross-Examination

Behavioral Detection

The Deceiver’s Edge

What Makes a Good Liar

No Dark Corners Applications

Where to Expect Deception from Trust Betrayers

The Infiltrator’s Deception

The Disgruntled Insider’s Deception

The Detection Dilemma

Context-Based Anomaly Detection

At Least Ask

Know Your World

Start Somewhere

The What-If Discussion

Sample Scenarios

Deception’s Role in Scenarios

Lawful Disruption of the Insider Threat

What Is Lawful Disruption?

Defender Dilemmas

Three Biases of Authorities That Risk Undermining the Institution

Deciding How Far to Go

Risks in Failure Analysis and Problem Solving

Representative Options: What Defenders Can Do Themselves

Techniques of Lawful Disruption by Employee Level

Techniques Based on Exploiting Disruptive Behaviors Already in the Workplace

The Layered Offense

Comparative Observations

Practice

A Distress Call and Unpredicted Turn of Events

Potential Outcomes

Sequence of Actual Outcomes

Lessons Learned

Existential Insider Threats

First Things First

Protecting People and Property

Defender’s Advantage in Dealing with Infiltrators

Spillover Effects from Defending against Existential Insiders

The Big Three Existential Insider Threats

Sabotage with Cascading Impacts

Decapitation Attacks through Assassination

Espionage Yielding Decisive Victory

Problems of Threshold and Accumulation

Aligning Existential Threat Defense with the DHS

What Makes It an Existential Threat?

Assistance with Evaluating Existential Magnitude

DHS Protective Security Advisors

Local Task Force Entities with a Protective Mandate

Red Teaming Defined

Where to Recruit Red Team Members

Red Teaming Value to Countering Existential Insider Threats

Red Team Members from Within

Drawing from the Risk or Vulnerability Assessment Team

Red Teaming More for Existential than Nonexistential Threats

Worse Case and Worst Case Scenarios

When Red Team or Special Resources Are Not an Option

Avoiding Warning Fatigue

Other Insider Threats

Cyber Attacks—Insider or Other Threats?

Threats of Violence

Exploiting Employer Assets for Gain

Unifying Themes and Need for a Systematic Approach to Lesser Insider Threats

The Threat Scale

Application of Threat Scale to Insider Threats by Category

Special Cases

Misguided Redeemers

Fleeting or Occasional Insider Threats—A Nebulous Category of Others

Extortion as Another Indirect Threat

Lessons of One-Off Cases

Implication of Changing Workplace Dynamics for Insider Threats

The Shamrock Organization as Incubator for No Dark Corners

A Final Caution: Instant Intimacy and Insider Threats

Consulting for No Dark Corners Implementation

The Inside–Outside Dilemma

Recommended: Outside Diagnosis, Hybrid Prescriptions, Internal

Implementation

Institutional Insertion Points for a No Dark Corners Program

Where to Begin

Fees, Compensation, and Effectiveness

Making Change Happen

Engaging 101: Some Features of Starting a No Dark Corners Assignment

Delivering 101: Some Ways of Navigating a No Dark Corners Assignment

Findings 101: Common Findings to Expect in a No Dark Corners

Consulting Engagement

Disengaging 101: Drawing the Assignment to a Close

The Laser and the Flashlight

Checking the Flashlight’s Bulb and Battery

ANSWER GUIDE

APPENDICES

INDEX

About the Author

Nick Catrantzos teaches homeland security and emergency management for the School of Management, University of Alaska, Fairbanks. Formerly a security director for a large public utility and critical infrastructure, he previously directed operations for two international security consultancies, Control Risks and Kroll Associates, and led public sector vulnerability assessments under ManTech Security Technologies. In 2009, he graduated from the Naval Postgraduate School’s Homeland Security Master’s Program, where he won top writing honors for his thesis on insider threats. As an intelligence collector, he was awarded the Meritorious Service Medal for outstanding service to two government agencies.

Subject Categories

BISAC Subject Codes/Headings:
BUS041000
BUSINESS & ECONOMICS / Management
COM053000
COMPUTERS / Security / General
LAW041000
LAW / Forensic Science
POL012000
POLITICAL SCIENCE / Political Freedom & Security / International Security