Saturday, February 13, 2021

HVE: Threat Risk from the Inside Out…

“In times of change learners inherit the earth; while the learned find themselves beautifully equipped to deal with a world that no longer exists.” -Eric Hoffer

Always remember...

At 6:30 AM on December 25, 2020 our United States citizens were just starting to celebrate a Christmas Day holiday morning with family and friends.

To everyone’s surprise, there was tragic news on social media and TV upon our awakening on this Christmas morning. It was reminiscent of other tragic days in history, when suicide bombs exploded or even hijacked planes crashed into downtown populated international cities.

What shall we learn from this particular event in Nashville, Tennessee that was so meticulously planned and executed?

“Anthony Quinn Warner detonated a recreational vehicle (RV) bomb in downtown Nashville, Tennessee, United States, killing himself, injuring eight people and damaging dozens of buildings in the surrounding area. It took place at 166 Second Avenue North between Church Street and Commerce Street at 6:30 am, adjacent to an AT&T network hub, resulting in days-long communication service outages.”

Yet this bomber gave warning to the public nearby and Warner also gave them time to evacuate the area. Similar to the Provisional Irish Republican Army’s behavior, as mentioned in the news by Dr. Erroll G. Southers, security expert and author of Homegrown Violent Extremism (HVE).

A significant component of Operational Risk Management (ORM) continues to focus on People, and for good reason. Insider threat risks are in many cases carried out by existing or former employees, or by close friends, partners and even current or former spouses.

So what?

Insider Threat Risk (ITR) programs help organizations Detect, Prevent, and Respond to an insider incident. To be prepared to handle such events in a consistent, timely, and professional manner, an ITR needs to understand:

  • Whom to involve
  • Who has authority

  • Whom to coordinate with
  • 
Whom to report to

  • What actions to take

  • What improvements to make

Does an effective ITR include previous employees who have left the organization for any reason? YES. This Insider Threat Risk plan should include current and former employees, contractors, and business partners.

As Mr. Warner was claimed to be a former employee of AT&T, one might wonder, if he planned the location next to this particular AT&T building, for an "Inside Known" or an "Outside Unknown" reason?

Remember...we shall always implement a formal insider threat incident response plan.

Establish an insider threat oversight body, that includes Senior Executives from the company’s HR, Security, Legal, Privacy, Ethics, Incident Response team, Information Technology, and Public Relations departments.

An effective and comprehensive ITR integrates and analyzes technical and nontechnical indicators, to provide a holistic view of an organization’s insider threat risk, from all individuals identified as potential threats.

Never forget...