In-Depth Research Report Examines the Barriers for Insider Threat Reporting, Offers Methods to Increase Employee Reporting

Researchers from Carleton University recently published a study titled “‘The pull to do nothing would be strong’: limitations & opportunities in reporting insider threats,” that analyzes the effectiveness of insider threat reporting programs. Augmenting employees’ ability to report suspicious activity can significantly reduce the risk of insider threats.

According to the researchers, programs that depend upon employees to report suspicious or malicious co-worker behavior can be of limited effectiveness, as “employees do want to report concerning coworker behavior that suggests an insider threat, but not at their own expense.” While members are encouraged to read the article to further explore its research methodology, the authors do provide takeaways that could be useful to business leaders in overcoming the pull to do nothing. They suggest the reporting of insider threats can be improved through the:

• consistent application of clear reporting and insider risk management policies,
• sophisticated implementation of ongoing training,
• development of and communication about robust reporting programs, and
• institutional leadership that incorporates incentives for employees to report suspicious behavior and otherwise leads to a security-conscious organizational culture.

To help organizations with insider threat reporting CISA recently published Insider Threat Reporting Templates, which are two fillable-PDF forms that stakeholders can incorporate into their organizations’ insider threat mitigation program, with the intent of helping streamline reports of suspicious activity in the workplace. CISA also offers additional resources on insider threats, which can be accessed here. Read the full study at the Information Security Journal.