To counteract any insider threats, it’s best to ensure they never exist in the first place

Prevent Insider Threats From Getting a Foothold With Security Vetting

Share

In the previous article, we discussed what an insider threat looks like, why it might occur, how the aggressor acts to use the vulnerabilities that individuals often already possess, and what might cause someone to turn from being a good colleague to being an insider who takes orders from the outside. We described the two main reasons why an ordinary person might want to betray an organization or be coerced into betrayal. In this article, we’ll discuss the best method to prevent the threat from ever occurring in the first place.

When an insider is already in place, it’s relatively easy to use the different access methods that already exist and are supposed to be used. It may be legitimate administrative accounts in information systems or USB-memory devices used to plant malicious code to destroy, manipulate, and steal information – none of which would raise suspicion since the breaches would be made by those with legitimate access who are expected to be there. To counteract any insider threats, it’s best to ensure they never exist in the first place. This can be accomplished through systematic security vetting by qualified professionals with decades of experience working with the human mind.

What Is Security Vetting?

Security vetting is about getting to know the individual before you in a different way than the recruiting interview or the ordinary conversation that takes place between people in a social setting. Security vetting ordinarily involves performing a background check and conducting a security vetting interview (SVI). In the SVI, a respectful and systematic dialogue occurs between the interviewer and the person applying for a job, a contract, or changing their role within an organization. The SVI investigates the individual’s loyalty towards the employer and its interests, the reliability as a potential colleague with access to security-sensitive information or operations, and the individual’s possible vulnerabilities – the kind that life normally brings.

When To Conduct Security Vetting

Security vetting is an essential piece in the security puzzle that is often overlooked. Perhaps you recognize the phrase, “In this company, we trust our people.” Since security vetting is both about protecting the organization and the individual, vetting should occur throughout the individual’s employee lifecycle. Who goes through life without any occurrences, without any friction, and without any perspective-changing experiences? I believe no one.

Yet it’s sometimes a regular habit to conduct security vetting only upon employment or contracting and then more or less assume that the individual’s life situation will stay frozen during their time with the organization no matter how long it is. Since this is obviously not the case, it’s important that security vetting takes place:

  • When starting an engagement (employment, contracting, etc.).
  • Recurring during the time with the organization.
  • When something occurs, for example, an incident or data breach.
  • When changing roles in the organization.
  • When leaving the organization.

How To Conduct a Security Vetting Interview

The security vetting interview is not a usual conversation. You apply a security filter to the dialogue where listening is more important than asking a preset number of questions. Don’t get this wrong - there are a certain number of determining areas that need to be discussed for sure. Still, if the SVI can take the form of a learning and exploratory dialogue based on mutual respect and honesty, more than being a “question and answer session,” then you’ll find results that may not otherwise occur. How things are being said is equally important to what is being said, and what is not said might well be the most important piece of intelligence of all.

Obviously, this kind of conversation is complex and uses many languages. This is why Truesec uses a professional team of dedicated security vetting interviewers who have conducted thousands of interviews in the pursuit of signs of lack of loyalty, lack of reliability, and the presence of vulnerabilities.

Key Takeaways

  • Security vetting includes performing a background check and conducting a security vetting interview, which is a complex and “unusual” conversation that requires specialized competence and experience.
  • The security vetting interview investigates the individual’s personal qualities in order to determine the level of risk that the individual has – or might develop – a way of thinking and acting that might affect their loyalty and reliability. This is often the case when the individual possesses vulnerabilities that might be exploited by someone who wishes to harm your organization.
  • Security vetting means caring for the individual and following them throughout the employment or contract in order to capture signs that might threaten their loyalty and reliability in connection with the job at hand. This means that security vetting interviews need to take place at the start of the job, recurring during the job, if something unusual occurs, and when the person leaves the organization.

Read more about our service Security Vetting Interview

Stay ahead in cyber

Join 1000+ other cyber professionals that get monthly updates from us with the key things to know.