Apr 10, 2024

Countering Foreign Interference: 2024 Insider Risk Report Takeaways


There has been no shortage of incidents related to foreign interference and IP theft. From theft of AI research to nuclear trade secrets, the appetite to steal and exploit sensitive data for competitive advantage has never been greater.

Espionage attempts are growing in stealth and frequency – and governments, tech, and critical infrastructure are especially vulnerable. The rise of GenAI and legitimate talent programs against a backdrop of geopolitical tensions has added even more complexity, making for a precarious threat landscape where no entity, regardless of sector, is impenetrable.

It is against this backdrop that the DTEX i³ team has released its 2024 Insider Risk Investigations Report, aptly themed foreign interference.

For the first time, the report serves a dual purpose. It is as much a ‘state of play’ report as it is an invitation to uplift collaboration and best practice information sharing. “It is an invitation to get involved in the pursuit of national security resilience,” the report states.

The call to action comes amid a massive uptick in the number of customers seeking DTEX support in protecting against foreign interference (a 70% increase since 2022).

To that end, the report unlocks several behavioral insights of malicious and super malicious insiders in the lead-up to data exfiltration, with reference to the Insider Threat Kill Chain.

For organizations concerned by foreign interference, IP theft, system sabotage, and accidental data loss, this report provides high-value insights to benefit any insider risk program or broader security mission.

Key Takeaways

  • Foreign interference is a long game of social engineering for which both public and private sectors must be prepared.

Foreign state actors are clearly playing a very ‘long game’ in pursuit of knowledge and power. Espionage, IP theft, and prepositioning in critical infrastructure are now part and parcel of larger-scale operations that seek to undermine confidence and, ultimately, take control. What’s most concerning is the rise of the socially engineered insider and legitimized talent plants, where nation states recruit and plant insiders to steal IP in exchange for handsome payments. Unsurprisingly, the rise of AI has made social engineering a popular tactic over malware (which is now more expensive and difficult to successfully execute). Today, threat actors are increasingly targeting and outsmarting insiders at enormous scale with minimal cost and effort.

As the report states, “Having a robust insider risk program is critical, but it’s not enough.” Now more than ever, the public and private sectors must put their heads together to share experiences, drive skills development, knowledge transfer, and partnerships. “This will set the scene for security, prosperity, and success – now and for decades to come.”

The report lists the critical entities championing this collaborative mission:

US Insider Risk Management Center of Excellence

Australian Insider Risk Centre of Excellence

Canadian Insider Risk Management Centre of Excellence

Five Eyes Insider Risk Practitioners Alliance

  • The lines between internal and external threats are rapidly blurring. Quality data is key to proactive protection.

What do all forms of security threats have in common? The exploitation of human vulnerability. In 2024 and beyond, the solution must align with the challenge. This is why understanding human behavior is so paramount. It is also where the opportunity to synergize technology with psychology shines most, providing the backbone to understand intent, predict actions, and intervene early before a security incident occurs. As the report states, “The behaviors leading up to a data exfiltration event are more important in differentiating the types of insider risks than the event itself.”

Early detection and mitigation of insider risks hinge on data quality that cuts across cyber, physical, organizational, and psycho-social sensors. This should be an internal cross-cutting collaborative effort that eventually extends to broader collaboration beyond business lines, as highlighted in the first bullet. The report includes a Behavioral Risk Model as a practical asset (download the infographic here).

  • Bidirectional loyalty is critical to safeguarding a trusted, respected, protected, valued, and engaged workforce.

MITRE Corporation’s Dr. Deanna Caputo is right when she says, “People aren’t the weakest link, they’re the missing link.” By supporting employees with an environment and culture conducive to transparency and respect, organizations can uplift bidirectional loyalty which, in turn, breeds security and trust. “When employees feel loyal to their employer, they will be motivated to act in the organization’s best interests.”

The takeaways above are just the tip of the iceberg. The 2024 Insider Risk Investigations Report has something for anyone and everyone within an insider risk function to action within their security or workforce strategies. Download your copy for the complete insights.