Today, organisations are increasingly vulnerable to insider threats, which can cause significant operational, organisational, and reputational damage. It’s essential to have a comprehensive understanding of insider risks, threats, and gaps in your defences.
Our Approach
We believe in a collaborative approach that emphasises understanding our clients’ business, organisation, and culture. This method helps us deliver well-founded assessments and recommendations, secure top-management buy-in, and promote good practices in Insider Risk Management (IRM).
We can provide:
- An informed and calibrated assessment of IRM maturity.
- A robust evaluation of the insider threat environment impacting the organisation, its customers, and Critical Third Party (CTP) suppliers.
Insider Threat Assessment
Our Insider Threat Assessment (ITA) utilises a broad range of open-source intelligence to develop a comprehensive picture of potential insider threats. We build on insights gathered during our Insider Risk Maturity Assessment and focus on:
- Collecting relevant intelligence about the organisation, its peer competitors, CTPs, and key customers.
- Developing realistic insider attack scenarios based on our experience with leading information and analytics businesses and major technology firms.
- Reviewing current vetting and monitoring arrangements and conducting re-vetting exercises for highly privileged employees and contractors.
The ITA process involves:
- Introduction/Kick-off meeting
- Targeted Intelligence Collection
- Synthesis of Assessment and Preliminary Feedback
- Development of Attack Scenarios
By conducting a thorough and informed ITA, we help top management understand the seriousness of insider risks and support the implementation of improved security arrangements.
Insider Risk Maturity Assessment
Our Insider Risk Maturity Assessment (IRMA) covers all strategic, organisational, operational, and technical components of a comprehensive IRM regime.
We assess:
- Governance arrangements and understanding of insider risks and threat intelligence.
- The current insider risk strategy.
- Organisational structures for managing insider risks.
- Security coordination and integration, including management of risks in CTPs.
- Insider risk management testing and incident response planning.
- External engagement with law enforcement and other agencies.
The assessment involves interviews with key personnel, a review of relevant documents and material, and consideration of physical security. The process involves:
- Introduction/Kick-off meeting
- Review of Relevant Documents
- Interviews and Working Sessions
- Synthesis and Reporting
To start your IRM journey using our free IRM Diagnostic Tool, please contact [email protected]
Case Studies
Supplier to the oil industry
Investors in the company were concerned that expected profits were not materialising despite exceeding revenue targets. GSA were called to investigate. It was discovered that an insider responsible for procuring high-value equipment used agents as intermediaries, adding significant costs and reducing profits by tens of millions. Litigation followed and GSA provided expert evidence.
Global software company
A major software company was acquired for $1b and concerns were raised regarding sales contracts. GSA was asked to investigate. The investigation discovered a major fraud by a senior employee where sales and service contracts worth tens of millions of dollars were entered into with paper companies. GSA developed a comprehensive remediation plan and supported litigation to mitigate losses.
Major global bank
Senior executives and regulators became concerned about trading staff conduct in certain global banks. GSA staff were engaged to investigate, assess the scale of the problem and provide advice on strengthening defences against employee and counterparty misconduct.