Defining the Threat
Insider threats are not a new phenomenon in the history of the world or the United States. Sun Tzu, the famous Chinese General and author of the famous treatise The Art of War, believed that obtaining information through the use of spies made certain “great achievements.” The use of spies continued in from the Roman Empire to the strategic victories in World War II (Zurcher, 2013). In the United States, the mainstream media popularized spying with figures like James Bond, Jack Ryan, and Simon Templar. During the Cold War, 1985 was dubbed the “Year of the Spy” when twelve individuals were arrested by the Federal Bureau of Investigation (FBI) for spying. John Anthony Walker Jr., a Navy Warrant Officer and communications specialist worked for the Soviet Union; Jonathan Pollard, a civilian intelligence analyst for the Navy’s Anti-Terrorist Alert Center worked for Israel; Sharon Scranage, Central Intelligence Agency (CIA) desk clerk in Ghana and worked for Ghana; Larry Chin, a Chinese language translator/intelligence officer for the CIA worked for China; and Ronald Pelton, a communications specialist for the National Security Agency (NSA) worked for the Soviet Union; are a few examples of the individuals arrested (Federal Bureau of Investigation, n.d.). Each of these individuals worked within the US Defense and Intelligence communities and exposed national security secrets.
Globalization, the process of international integration, aided by technological creations, such as the computer and internet, has changed the dynamics of information gathering. Computers are now networked together in order to increase collaboration, information sharing, and speed up access to information for law enforcement agents, intelligence analysts, members of the Department of Defense, and major corporations. As Duvenage and Solms (2013) indicate, “traditional espionage supports and enables cyber espionage and vice versa” because of the “ever-growing dependency on information technology.” The more dependent businesses and governments become on technology, the more likely individuals and state entities will attempt to access it. The ability to consolidate large swaths of information to small portable devices not only provides access points but also allows for it to be surreptitiously removed.
The insider threat, while not new, is increasingly harder to define due to the definition’s increased coupling with technology. Hunker and Probst (2011) believe that the definition, focus, and threat varies depending on geography, the US is more focused on threats to national security while Europe is more focused on the business sector. The diversity of the possible insider also makes it hard to define. In some cases, the insider may not be a direct employee but a third party who has access to a system, network, or information due to the connection of their work entity to another. To understand the term “insider threat,” the term insider must be...