Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Career Intelligence
    • Cyber Tactics
    • Cybersecurity Education & Training
    • Leadership & Management
    • Security Talk
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Interactive Spotlight
    • Photo Galleries
    • Podcasts
    • Polls
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
ManagementPhysicalSecurity Leadership and Management

Preserving employee trust with increasing insider threats

By Findlay Whitelaw
People working together in office

Image via Unsplash

November 22, 2023

Research has shown that insider threats can have a seismic impact on organizations of all sizes. When employees feel that their boss is watching their every move, it can reduce trust, create resentment and raise concerns about privacy rights. 

As the threat landscape continues to evolve, insider threats have increased in frequency and complexity. They’ve progressed from petty theft and sabotage to full-scale ransomware attacks against their own employer. Business and security leaders are feeling the pressure to shore up security programs and quell insider security threats without risking established relationships with employees. It is more important than ever for organizations to bolster security by developing and implementing a proactive insider threat program that preserves the trust of their teams. 

Understand the nature of insider threats 

An insider threat is defined as a perceived threat that comes from a person or cohort of people within an organization, who have intimate knowledge of the security practices, data or computer systems. An insider will use their authorized access, intentionally or unintentionally, to harm the department’s mission, resources, personnel, facilities, information, equipment, networks or systems. 

Insider threats can manifest in several ways. For example, an employee may accidentally send an email to the wrong person or improperly share sensitive company information due to negligence. However, in other instances, an employee may deliberately act against their current or former employer with malicious intent. There are many distinct types of insider threats, including theft of intellectual property or sensitive data, fraud and sabotage of systems, among others.

It’s important to differentiate the types of insider threats and manage each accordingly. Accidental threats can be mitigated with a combined effort of security protocols and education because employees are likely unaware of the potential harm they are bringing to the organization. Malicious threats need to be met with firm resistance and a strong, comprehensive insider threat program. 

Demystify preconceived fears

As organizations work to implement an insider threat program, one often overlooked area is employee trust. While companies must adhere to legal, regulatory and ethical considerations when setting up their insider threat programs, they also need to ensure that their security monitoring and countermeasures are legitimate, purposeful and compliant. Most importantly, business leaders must also respect the personal privacy of one of their most valuable assets — their people.

Employees are often wary that their supervisor may be using tools to monitor their productivity or micromanage, so it is important to reiterate that this is not the purpose of an insider threat program. The goal is to identify any misuse or conduct issues, intentional or accidental, and swiftly take the appropriate remediation strategies. These measures should be established within all conduct policies and procedures to ensure the well-being of all employees, customers and stakeholders. In addition to detective controls, insider threat programs should also provide preventive and supportive measures that proactively answer questions and enable positive employee sentiment.

Establish a long-term strategy

Human elements significantly contribute to the complexity of insider threats and each individual employee has a role to play in safeguarding an organization. While traditional, compliance-based security training and awareness programs provide a good framework for managing risk, they do not fully engage employees. These can quickly become remedial tasks that employees undertake on an annual basis, which has minimal positive impact on an organization’s security goals.

It is critical to approach insider threat program implementation and training with long-term security hygiene in mind. This requires sustained behavioral and cultural changes. Leaders should aim to continually educate and provide advice on emerging threats, with real-life, industry trends and examples. For instance, if a competitor just faced an insider threat attack, it is the perfect opportunity to talk with employees about what went wrong, how it could have been prevented, and reiterate the controls your organization has in place. 

Like anything new, enhanced security protocols can come with challenges and resistance. Communicating the intention of an insider threat program is the best way to introduce employees to the idea, establish a baseline of trust and foster cooperation. The overall goal is to reduce insider risk by ensuring the entire organization is safer, empowered and educated. The most effective way to accomplish this is by being clear and transparent in the program’s aims, objectives and requirements of employees. An open line of communication plays a pivotal role in the success of an insider threat program because it makes employees feel informed, engaged and aligned with organizational security goals. 

KEYWORDS: employee training insider threats risk management security strategy threat mitigation

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Findlay Whitelaw is Field CTO, Insider Threat Program & UEBA Solutions at Securonix.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Cyber tech background

    Security’s Top Cybersecurity Leaders 2026

    Security magazine’s Top Cybersecurity Leaders 2026 award...
    Cybersecurity
  • Iintegration and use of emerging tools

    Future Proof Your Security Career with AI Skills

    AI’s evolution demands security leaders master...
    Security Education & Training
    By: Jerry J. Brennan and Joanne R. Pollock
  • The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report surveys enterprise...
    The Security Benchmark Report
    By: Rachelle Blair-Frasier
Manage My Account
  • Security Newsletter
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

Hand reaching up out of the ocean

What I Learned About Burnout the Hard Way (and How to Actually Fix it)

Broken wet floor sign

Why Response Time Is Becoming the Missing Metric in Workplace Safety and Security

Paparazzi

When Private Events Become Public Infrastructure: What Celebrity OSINT Teaches Security Leaders

Cyber Tactics

AIBOMs: Bringing AI Security Out of the Shadows, A Practical Guide for Security Professionals

Medical professional

Nearly 85% of Nurses Experienced Workplace Violence in the Last Year

Kaseware sponsored webinar
Schneider Electric sponsored webinar

Events

August 25, 2026

Critical Infrastructure Security Is National Security: Protecting Essential Operations in an Era of Escalating Risk

LIVE: August 25, 2026 at 2 PM EDT Learn why critical infrastructure security has become a national security imperative, and the strategies organizations can adopt to improve visibility, collaboration, and response across their security operations.

August 27, 2026

Leveraging AI & Mobility to Advance Your Security Domain

LIVE: August 27, 2026 at 2 PM EDT Explore how AI-driven cloud security solutions can elevate your security domain enhancing threat detection, streamlining operations, and delivering the resilience modern organizations demand.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products


Alertmedia sponsored webinar

Related Articles

  • SaaS-software-freepik

    40% of all SaaS data is unmanaged, increasing insider and external threats

    See More
  • Percentage of Agencies with a Formal Prevention Program

    Federal Agencies Increasing Their Focus on Insider Threats

    See More
  • insider threats

    Half of U.S. companies hit with privileged credential theft, insider threats in last year

    See More

Related Products

See More Products
  • physical security.webp

    Physical Security Assessment Handbook An Insider’s Guide to Securing a Business

  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • Newsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2026. All Rights Reserved BNP Media, Inc. and BNP Media II, LLC.

Design, CMS, Hosting & Web Development :: ePublishing