Archives

Categories

INSA

14.09.2013 counterintelligence, cyber crime, cyber security, Economic espionage, espionage, information security, INSA, insider threat, Risk assessment, security, security threats Comments Off on Message to Government and Private Sector: YOU are the reason for insider threats

Message to Government and Private Sector: YOU are the reason for insider threats

spy v spyEveryone is missing the boat on the insider threat issue – INSA too…to paraphrase James Carville, “It’s leadership stupid.”

Government and private sector organizations are the primary reason for insider threats – senior leaders and the boardroom grow them internally.

With very minor exception, NO ONE COMES TO WORK FOR YOU ON DAY ONE WITH THE INTENT TO HURT YOU, steal your secrets, or sell your intellectual property.

It’s how you treat them, over time, that turns them into insider threats.

  • You put them in the wrong jobs;
  • You fail to trust them;
  • You make it hard for them to do their jobs;
  • You put asshole/untrained managers over them;
  • You treat them like furniture;
  • You , threaten their existence in your companies and agencies;
  • You kill their spirit; and
  • Then, you wonder why they decide to hurt you.

Want to reduce/eliminate the insider threat? Treat you staff the way you did on day one:

  • Welcome them as a human being;
  • Be aware of how they are cared for in your organization;
  • Show them you care about them and their families;
  • Give them a future;
  • Put r-e-a-l leaders over them;
  • Give them a voice; and
  • Pay them well.

In other words, treat them as you would want to be treated.

Now, why is that so hard?

And, why do NONE of the plans I have seen for combatting the insider threat even mention poor leadership as a factor?

INSAonline.org | 9.12.13 Assessing Insider Threat Programs of U.S. Private Sector http://www.insaonline.org/i/f/pr/9.12.13_InsiderThreat_WP.aspx

 

11.09.2011 Analysis, homeland security intelligence, INSA, intelligence Comments Off on INSA recommends actions for improving homeland security intelligence

INSA recommends actions for improving homeland security intelligence

Today is the ten-year anniversary of 9/11/2001. As we honor the sacrifies of those who perished in the horrible events of that day, we must remember that it is is really what we do EVERY DAY that will help to prevent future attacks on our soil, or the soil of our friends and allies. At the heart of issue is “homeland security intelligence”…the information and data that we will need to deter, detect, and disrupt the activities of those to wish us harm.

On September 7, 2011, the Intelligence and National Security Alliance’s (INSA) Homeland Security Intelligence Council (HSIC) released a white paper proposing significant recommendations for Homeland Security Intelligence. The white paper, entitled “Intelligence to Protect the Homeland: Taking stock ten years later and looking ahead,” examines what has been learned in the last ten years and what will be needed from the intelligence community to protect the homeland from future attacks. My friend and colleague Joe Rozek, who chairs the INSA Homeland Security Intelligence Council, commented:

“The HSIC has worked tirelessly for months and today we are proud to offer our analysis and recommendations to the intelligence and homeland security communities on the 10 year anniversary of September 11th, Homeland Security Intelligence is a discipline that will depend on the successful fusion of foreign and domestic intelligence to produce the kind of actionable intelligence to protect the homeland. Yet, underpinning our analysis is the foundational principle that respect for privacy and civil liberties is an inherent, inseparable part of our national security and core values as a nation.”
 

The major recommendations in the HSIC white paper include:

  1. Adopting a common definition for Homeland Security Intelligence (HSI) to better facilitate its collection, analysis, and use in decision making, as well as development as a discipline;
  2. Departing from the “command and control” or top-down hierarchical model and moving toward an integrated enterprise characterized by coordination of intelligence and analysis efforts among federal, state, local, tribal law enforcement and intelligence agencies;
  3. As appropriate, bringing select private sector partners into the enterprise; and
  4. Ensuring the protection of Americans’ privacy and civil liberties through widely applicable training and accountability standards to ensure lawful and aggressive detection and deterrence of terrorist operations in the U.S.

Take some time to read this white paper and I’d be interested in your comments and thoughts…r/Chuck