Edward Snowden, who has leaked classified information about intelligence collection activities of the National Security Agency (NSA), reportedly told the South China Morning Post that he sought a job as a contractor at government consulting firm Booz Allen Hamilton with a goal: to collect proof about the NSA’s domestic surveillance programs and alert the public to the programs. However, Snowden is not the typical insider threat. Most insiders who later betray their employer’s trust don’t start out with that intent. The change from benign employee to malicious insider can be spurred by anything from home-life stress to frustration at being passed over for a promotion to the thought that the company does not appreciate one’s contributions.
Though the risk is great, it is not possible to deny insiders the access to data that they will need to do their jobs. So what can a company do?
The company must have clear policies regarding how corporate data is to be handled and safeguarded, and confidential data should be clearly labeled, with access as restricted as feasible. Additionally, the company should secure the data itself and use software to track access and seek signs of suspicious activity, especially with regard to what information leaves the system or is copied. This article focuses, however, on the human factor—what companies can do in the hiring process and throughout employment to detect signs that a person is likely to become, or has become, an insider threat.