Mitigating the insider threat in supply chain security

The insider threat poses a significant risk to organisations, as individuals with access to sensitive information or assets can exploit vulnerabilities for personal gain or malicious intent. As companies implement sophisticated security measures, the recruitment of insiders becomes an attractive option for those attempting unauthorised access.

The scope of the insider threat

The scope of the insider threat is wide-ranging, encompassing full-time or part-time employees, contractors, and even business partners. Insiders may deliberately seek employment to conduct malicious acts or be triggered to act during their tenure due to changing personal circumstances.

Types of insider activities

  1. Unauthorised Disclosure of Sensitive Information
  2. Process Corruption
  3. Facilitation of Third-Party Access
  4. Physical Sabotage
  5. Electronic/IT Sabotage

Mitigating insider risks through pre-employment screening

Pre-employment screening is a key defence in the recruitment process. Employers should establish whether applicants have concealed important information or misrepresented themselves. Screening should include proof of identity, address, education, employment history, criminal record checks, financial checks, and character references.

Ongoing monitoring and management

While pre-employment screening helps recruit trustworthy individuals, people's circumstances and attitudes can change over time. Regular performance reviews and monitoring of lifestyle vulnerabilities, such as financial problems, work attitudes, or negative life events, are crucial.

Operational onboarding and information control

Operational onboarding, particularly for temporary personnel, requires a balance between providing sufficient information to complete tasks and maintaining a need-to-know basis for sensitive information. Access to critical areas, processes, and protocols should be restricted, and information about security technology, locations, and access codes should be closely guarded.

Key control and access management

Key control procedures for vehicles and access to restricted areas should be strictly enforced. Keys should be signed in and out, with appropriate identification and escalation processes in place. Duplicate keys should be securely stored under management control.

Holistic approach to insider risk mitigation

To mitigate insider risks, stakeholders should implement a layered defence approach, including:

  1. Physical security measures
  2. Clear management processes, procedures, and policies
  3. Least privilege principle for information and access
  4. Sound communication policies for internal and external communications
  5. Frequent security awareness training and briefings
  6. Comprehensive threat and risk assessments
  7. Regular reviews and risk mitigation implementations
  8. Vetting and control measures for third-party providers

Conclusion

The insider threat presents a multifaceted challenge for stakeholders in the supply chain. By implementing a holistic approach to security management, including robust screening, monitoring, access control, and awareness programs, organisations can better protect themselves from the risks posed by insiders.

Mike Yarwood

TT Club

David Fairnie

BSI Supply Chain Services and Solutions

Date: 05/05/2021