7-1 Discussion Insider Threats

.docx

School

Southern New Hampshire University *

*We aren’t endorsed by this school

Course

-552

Subject

Information Systems

Date

Apr 3, 2024

Type

docx

Pages

3

Uploaded by JusticeGoldfishPerson769

Analyze your findings about one identified thief. In the case of Michael Mitchell, a disgruntled former employee who sold trade secrets from the organization and sold them to a rival Korean company. The case mentioned Michael being relieved of his duties due to poor performance, it did not include what made him disgruntled or whether the organization tried to aid Michael in improving his performance at the organization. Michael broke trademark and copyright laws when he stole the files and sold them and was therefore sentenced to 18 months (about 1 and a half years) in prison and ordered to repay the employer in monetary damages. How can you learn from your chosen thief to acknowledge and recognize the motives and behavioral indicators that someone might be spying against the company you work for? Analyzing Michael Mitchell’s case provides insight into recognizing potential motives and behavior indicators that may indicate that a disgruntled or underperforming employee is spying against the company or stealing trade secrets. Disgruntled employees usually exhibit the following behavior or attitude at work; a history of poor performance, lack of motivation and involvement, tardiness, poor workplace relationships, avoiding getting tasks done, and complaints about the job. This may allow the employee to harbor resentment and frustration, potentially leading them to engage in unethical activities. This behavior must be addressed by the organization promptly to prevent the disgruntled employee from carrying out malicious activities against the organization. In the case example, Michael retains trade secrets so he can later sell to a rival company through a consultancy agreement. Trade secrets may be retained after termination by individuals who intend to use the stolen information for in their benefit or the benefit of a competitor. Unauthorized access to confidential documents or long- term retention of confidential information after termination may be a sign of suspicious activity. Agreements to share confidential information with competitors suggest a willful attempt to harm the ex- employee. Unusual collaboration, collusion, or sudden alliance with competitors without proper disclosure can also raise suspicion (HRDQ, 2022). Once the motives or behavioral indicators are noticed, the organization must act promptly. There are several proactive steps that organizations can take to protect themselves from potential threats. These include; monitoring employee satisfaction, conducting regular security audits, establishing effective exit procedures to ensure that confidential information is returned to the organization, and encouraging employees to be more open and honest with each other. Recognizing behavioral indicators and motivations can help organizations identify and respond to potential threats before they develop into more serious issues (Diemar, 2021). References: Diemar, E. (2021, February 5). 5 ways to protect your organisation from a disgruntled former employee - HRM online . HRM Online. Retrieved January 24, 2024, from https://www.hrmonline.com.au/culture/protection-from-a-disgruntled-former-employee/
HRDQ. (2022, September 22). How to Identify & Handle a Disgruntled Employee | HRDQ . Retrieved January 23, 2024, from https://hrdqstore.com/blogs/hrdq-blog/identify-handle- disgruntled-employee Response Hello Tyler, I enjoyed reading your post. I find your details of the insider threat insightful. The events that took place in the case of Shalin Jhaveri are a stark reminder that insider threats can occur at any time. In this case, Shalin's security breach involved sharing sensitive information with someone pretending to be an investor. To prevent similar insider threats in the future, the organization should implement employee training and awareness, regular security training sessions should be conducted to educate employees on the risks associated with insider threats. It is important to ensure that employees are aware of the identity and intent of any outside contacts, particularly when it comes to sensitive information. This should be done based on the concept of least privilege, meaning that employees should only be allowed access to information that is necessary for their role. In addition to that, monitoring tools should be used to monitor employee activities, particularly those that involve sensitive data. Regular audits should be conducted to identify unusual patterns and unauthorized access (Microsoft, n.d.). Reference: Microsoft. (n.d.). What is insider threat? Unraveling insider risks | Microsoft Security . Retrieved January 28, 2024, from https://www.microsoft.com/en-us/security/business/security- 101/what-is-insider-threat Hello Vinicius, I enjoyed reading your post. I also chose the Michael Mitchell case for my discussion. The Michael Mitchell case study highlighted some of the critical aspects of insider threats within an organization. Michael’s retention of computer files after termination is a prime example of why it is important to monitor unusual or unauthorized access to your organization’s data. Early detection of these behavioral patterns is critical, especially when it’s related to work dissatisfaction or workplace conflict. Along with the prevention measures outlined in your post, an organization may also want to consider using user behavior analytics (UBO) tools to detect anomalies and threats based on your employees’ digital behavior. UBO uses machine learning and artificial intelligence (AI) to identify and mitigate insider threats at machine speed. This powerful technology allows organizations to understand how users interact with data, calculate and allocate risk levels, and automatically tailor security controls. By using UBO, organizations can simplify the process of detecting potential risks and allocate their limited resources to address high-risk insider activities (Microsoft, n.d.).
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help