The purpose of this article is to identify the increased risk of Insider Threat based on the current U.S. government review of efficiency and “return-to-work policies.” This is not a political opinion but a security and risk evaluation of the growing Insider Threat within the federal employee workforce and the private sector for companies with U.S. government contracts.
Under the direction of the Trump Administration, the federal government is currently undergoing a top-to-bottom review of financial expenditures, policies, operations, and, most importantly, how to drive greater government efficiencies, reduce the national debt, and enhance cost savings. This review has already resulted in stability issues and anxiety among federal employees, federal agencies, and U.S. government contractors. Government employee unions, lobbyists, federal judicial courts, politicians, and their aligned media outlets are generating massive counter-pressure to the review, calling for resistance and civil disobedience. At the same time, the current administration, its political entities, and its aligned news media are calling for the opposite—such as cuts, dismissals, and possible legal action. Unfortunately, both sides are villainizing each other, and the federal workforce has become the target in the middle. Regardless of one’s political views, it is important to understand that this situation can, and likely has, escalated the risk of Insider Threat within the federal workforce.
The review and the counter-response from the administration’s critics have a significant impact on both federal employees and contractors who support the federal government. The most significant risk factor currently faced by the federal workforce and U.S. government contractors is uncertainty. Their job security, financial stability, personal way of life, ability to adapt quickly to changing environments, and other factors related to uncertainty significantly affect the federal workforce. The second escalating risk factor is the extreme rhetoric on both sides of the political aisle and the accompanying response from 24/7 news media. Both sides are using extreme views and statements urging resistance, negative action, legal action, and increasing division between the right and left to make their points. Unfortunately, this extreme rhetoric, along with calls for civil disobedience, “resistance,” and misbehavior on one side—paired with threats of arrest, workplace firings, and harm to long-standing employees on the other—escalates stress and instability within the federal workforce.
It is important to note that politicians and media outlets are rarely held accountable for their actions, yet individuals who engage in such actions often suffer the consequences. While there are other risk factors associated with the current government review, these two pose the greatest threat to the workforce.
The result of this heightened risk is that a small percentage of the federal workforce may become more likely to commit acts associated with Insider Threat. Historically, one of the most compelling reasons for employees to commit acts from within and against an organization is emotional distress, financial uncertainty, or ideological alignment with outside influences or political ideologies. These three risk factors are currently present within the federal workforce.
Insider Threat can take many forms, ranging from the intentional compromise of information, introduction of malicious software, and deliberate acts of sabotage, to criminal acts such as theft, or even more extreme actions like active shooter situations. It is now more important than ever to ensure that federal security officers, law enforcement agencies, and cyber information security officials are aware of the increased risks posed by the current situation and are sharing data to identify trends and patterns of Insider Threats.
Federal security officials, along with corporate security officials managing U.S. government contracts, must be more vigilant than ever and implement escalating Insider Threat security measures to ensure that their security posture remains intact, and threats are minimized. What actions should they take?
- Increased Insider Threat awareness and training should be implemented over the next year. Employees must be encouraged to report suspicious activities. Both security officials and employees need to know the signs of Insider Threat, how to respond, and how to report it.
- Increased surveillance of Insider Threat indicators by security personnel. These indicators include financial hardship, workplace anger and violence, unusual work habits, improper access to secure areas, personnel seeking access they do not need, expressions of extreme political ideologies in the workplace, threats made to employees or management, and more. These indicators can help identify potential Insider Threats.
- Increased physical security measures that employ unpredictable methods and safeguards, which constantly change and don’t follow set patterns. Internal inspections, after-hours checks, shifting security positions, and roving security patrols all contribute to mitigating Insider Threats. Unpredictability is key.
- Increased monitoring of government computers, phones, and communications using software to identify key threat words, random cyber inspections of systems, and heightened monitoring—especially in sensitive areas—will help mitigate cyber threats from insiders.
The key to mitigating Insider Threats is proactive security measures, increased vigilance, awareness, unpredictability, and a risk-based security posture that emphasizes protecting your system at its most vulnerable points. Federal security officers should evaluate the current risk and adapt their security posture to address the increasing Insider Threat.
As stated in the opening paragraph, this is not a political opinion but one based on a security risk assessment. It is crucial to understand that times of high stress, uncertainty, and instability significantly increase the risk of Insider Threat. Federal security officers must comprehend the current threat situation and act accordingly.
