Insider threat - Managing people security
Published on 22 January 2020
Contents
- Introduction
- What is financial crime?
- What is ‘insider threat’?
- The Fraud Ratio
- Unusual behaviour in the workplace
- Risk areas
- What types of threat do organisations experience?
- What does the insider threat look like?
- Privileged users
- Robust recruitment
- Behavioural 'red flags'
- What can you do to protect your organisation?
- Conclusion
- Glossary of terms
- References and additional reading
Glossary of terms
Bribery i) active - when a person offers, gives or promises to give a “financial or other advantage” to another individual in exchange for “improperly” performing a “relevant function or activity“; ii) passive - requesting, accepting or agreeing toaccept such an advantage, in exchangefor improperly performing such afunction or activity; iii) failure to prevent - failure of commercial organisations to prevent bribery on their behalf.
Embezzlement is the felonious appropriation of property which has been entrusted to someone, who by virtue of their position has certain powers of management or control. That person must have received limited ownership of the property or actual possession of the property under liability to account for it to the owner.
Fraud i) Falsehood (word of mouth, writing or false conduct); ii) Fraud (intent to deceive or defraud); iii) Wilful Imposition (cheat has been successful in that it has benefited/advantaged the perpetrator or prejudiced the interests of another person. e.g. timesheet/expenses fraud.
Privileged User is someone who by virtue of their role/seniority has significantly greater access to IT systems that the majority of users.
Theft is the felonious appropriation of property with the intent to deprive the owner, without the true owner’s consent.