Frontline Employee Identification of Organization Insider Threat Vulnerabilities
The Insider Threat/Risk Programs in government agencies and industry organizations lack comprehensive insight into the motivations of employees and organization-specific vulnerabilities and risks at the frontlines. Frontline employees offer a valuable, untapped source of unique information on insider threat and risk vulnerabilities. To demonstrate and access that unique information, MITRE developed, deployed, and tested a methodology to identify unique information on insider threat motivations, vulnerabilities, and risks above and beyond what is generally visible to security (i.e., workarounds that can be used by malicious insiders). The methodology involves trained behavioral scientists conducting structured interviews with a cross-section of frontline (non-managerial) employees at your organization, then analyzing the data with rigorous qualitative scientific methods. The qualitative analysis produces quantitative information on potential triggers, awareness of existing technical and physical controls, vulnerabilities, known insider activities, and employee ideas for security improvements. That information is used to develop tailored recommendations for an organization’s Insider Threat/Risk Program, policies and procedures.
MITRE is ready to transition the approach to industry organizations, having successfully used the methodology in government programs. For example, in 2017, MITRE conducted 53 structured interviews with a cross-section of frontline (non-managerial) employees at a large federal civilian agency. Based on this analysis, the research team identified an incremental value of the employee interview findings above and beyond what was already known by the agency’s security program. The unique and additional insights from frontline employees were used to develop specific recommendations for that agency’s Inside Threat Program, policies, and procedures. The findings demonstrate the additive value of frontline employee insights, and this behavioral scientific methodology to identify novel insider threat risks.