A big IT consulting company suffers from low staff morale and high turnover. This results in low quality of delivered software services, cases of IP theft and sabotage from within. A culture of viewing the company as an evil empire has developed among employees.
Management estimates that the level of planted backdoors could amount to up to 5 times more than the disclosed cases. They want to reduce sabotage and IP thefts and improve the image of the company, both internally and externally.
A big IT consulting company prides itself on its flexible software development service and has been contracted to undertake a number of big projects for leading global brands. The bulk of development work in the company is being done by individual employees in its main open-plan back-office.
The company has moved its office internationally between tax-havens in Europe. In 2016 two thousand people were offered relocation to another country. More than half of them signed up, but after some 18 months there were barely three hundred remaining. The relocated staff were not the only ones to leave: the overall average period of employment also fell to 10 months, from 31 in 2014. There was a general feeling in the office of being underpaid compared to what is being delivered.
Although HR has managed to supply a steady flow of skilled recruits, the turnover meant that more people had access to customers' sensitive data. The turnover also resulted in reduced quality of delivered software services, with a number of cases (see text to the right) of intentional installation of malware. These involved both software developers and system administrators, the latter responsible for monitoring security systems. Because of frequently changing staff, a strong corporate culture cannot form. The problem reached the extent that office jokes spread about making the big hit before leaving to work with another company in the industry. Such stories might have attracted new recruits driven by criminal intent. The company maintains a policy of keeping silent about attacks, and insider stories talk only about successful attacks. A case of end-user data being leaked in public turned into a media scandal, with journalists attempting to investigate previous cases.
Management wants to reduce sabotage and IP thefts and improve the image of the company, both internally and externally. As a wider trend, long-term customers have raised concerns, and new customers have become wary and slow to place new orders.
A culture of viewing the company as an evil empire has developed among employees. Management estimates that the level of planted backdoors could amount to up to 5 times more than the disclosed cases.
Consider the problem and proposed interventions as a security designer as described in the text to the right. From this perspective please rate each of the intervention methods listed in the table below.
How will the implementation of the following intervention methods affect the probability of further attacks?
After the first two incidents, management saw the need to find external help to tackle the insider attacks. Experts from a security firm were hired to analyse the situation and subsequently propose and implement intervention methods to reduce the risks. The company has already deployed security procedures to the highest standard, but these don't seem to prevent attacks from the inside. Despite the high number of early interceptions of attempts to install malware, the number of successful intrusions is alarming.
Now read the description of the offender perspective in the text to the right and try to think from their perspective. Try to answer the question below, rate the methods in the table accordingly and motivate your answers.
How will the following intervention methods affect the probability of success of future attacks?
Throughout the back-office people are disgruntled. Some are openly hostile to the company and its management.
A plan for insider attack with good chances of success could easily attract collaborators in key positions. The new security consultants seem to have tightened policies, but they just can't keep up with the pace - some careful planning still allows for successful attacks.
In your final assessment try to get into the shoes of the company management - a potential promoter or preventer. Please rate the impact of each of the methods in the table.
How will the proposed intervention methods affect the harm caused by potential future attacks?
Insider attacks threaten to turn into a major problem for the company. With an impressive reputation that has taken decades to build, for the first time in its history the company starts getting challenges both from within and from partners.
And all this started with the back-office relocation and the series of insider attacks that caught everyone off guard. Even worse, three years after the relocation, attacks are continuing and despite anticipation of further offences, management is struggling to find ways to prevent or mitigate them.
Please rate the ideas for each of the intervention methods listed in the table below according to the scale, relating the following question in bold to the intervention method, assuming it is implemented in the context of the provided scenario.
How great an impact do you think the intervention method might have on the crime problem?
In case you have any type of comments or clarifications, use the space provided to the right.