Social Media Screening: The Next Frontier of Insider Threat Detection

As more and more of our lives move onto the public web, businesses are becoming aware of the degree to which publicly available online information can help them stay ahead of potential risks. Previously, we discussed how social media screening can help organizations manage their mergers and acquisitions. However, as the landscape of risk continues to grow, we’re also seeing companies leverage online screening to prevent insider threats—malicious threats to an organization’s security, data, and computer systems that comes from the people within.

Traditionally, businesses have mitigated insider threats by identifying and troubleshooting technical vulnerabilities in the enterprise or responding after the fact. But as a growing number of employees collaborate with criminal and activist groups, and the cost of the average insider threats reaches $8.7 million per incident, the success of your business can also hinge upon your ability to catch more emotional and qualitative vulnerabilities. How do these “emotional warning signs” indicate a potential attack, and how do you find them before it’s too late?

Today, we’ll discuss how employees’ interactions with social media and the public web can lead to costly data breaches. From there, we’ll break down the difference between negligent and malicious insiders, and why companies need sophisticated online screening solutions to safeguard themselves from the full set of potential vulnerabilities.

Insider Threats: Where Social Media Screening Comes In

Social media and online screening are designed to be a “digital safety net” around the many security and information technologies that keep companies safe from unnecessary risks. By offering a 360° look at what someone is saying on the public web, online screening specifically helps prevent insider threats in three ways: by finding negligent insiders, by identifying malicious insiders, and by fostering a strong organizational culture that results in fewer rogue insiders.

Finding Negligent Insiders

Not realizing that public social media or online content can be a source of intelligence for bad actors, nearly 75 percent of all insider threats are caused by ‘negligent insiders’ who simply don’t understand what qualifies as sensitive information. Because they lack the understanding and foresight, negligent insiders can allow external attackers to do anything from conducting a spear phishing campaign to mapping an organizational hierarchy. In some cases, they can even be recruited to participate in a malicious insider attack. Companies can mitigate negligent behavior in part through an effective training program. However, it’s no substitute for tools that identify such behaviors—and it certainly won’t prevent the types of behavior that are an even bigger threat today.

Identifying Malicious Insiders

Malicious insiders are even harder to identify than negligent insiders. They won’t respond to training, have a greater incentive to hide, and exhibit a wide range of behaviors from excess spending to narcissistic behavior. As a result, finding evidence of a potential cyber attack or data breach is a deeply complex endeavor. It relies on far more than the keyword search that can help you identify careless sharing of information or affiliations with an activist group. Rather, it uses methods such as natural language processing and sentiment analysis to identify behaviors that signal a potential threat to the organization. When an organization can change at the hands of a single vulnerability, full coverage depends on a complex and intricate set of online screening tools.

Strengthening Organizational Culture

Social media screening is an important tool for finding negligent and malicious insiders alike—but keep in mind that it can also create cultures that keep even more threats at bay. Rather than rely on the negative incentives that are common to security paradigms (e.g. restriction, identification, and intervention), online screening can help prevent threats by creating a sense of engagement and connectedness in the organization. By helping you identify healthy and unhealthy behaviors in the workforce, a well-designed screening policy can systematically reduce the likelihood of an insider going rogue. If your corporation is toxic, then insider threats may be common. But if your organization is healthy, then insider threats will be fewer and far between.

Enterprise resilience depends on much more than finding and fixing vulnerabilities. Leveraging the qualitative and emotional insights made possible by social media and online screening enables your company to spend time connecting the dots about potential threats to the organization instead of trying to discover and react to them.

What Does a 21st-Century Background Check Look Like? Download Our One-Pager to Find Out