Insider Threat

Insider Threat

Prevention, Detection, Mitigation, and Deterrence

1st Edition - May 26, 2016

Write a review

  • Author: Michael Gelles
  • eBook ISBN: 9780128026229
  • Paperback ISBN: 9780128024102

Purchase options

Purchase options
DRM-free (PDF)
Sales tax will be calculated at check-out

Institutional Subscription

Free Global Shipping
No minimum order


Insider Threat: Detection, Mitigation, Deterrence and Prevention presents a set of solutions to address the increase in cases of insider threat. This includes espionage, embezzlement, sabotage, fraud, intellectual property theft, and research and development theft from current or former employees. This book outlines a step-by-step path for developing an insider threat program within any organization, focusing on management and employee engagement, as well as ethical, legal, and privacy concerns. In addition, it includes tactics on how to collect, correlate, and visualize potential risk indicators into a seamless system for protecting an organization’s critical assets from malicious, complacent, and ignorant insiders. Insider Threat presents robust mitigation strategies that will interrupt the forward motion of a potential insider who intends to do harm to a company or its employees, as well as an understanding of supply chain risk and cyber security, as they relate to insider threat.

Key Features

  • Offers an ideal resource for executives and managers who want the latest information available on protecting their organization’s assets from this growing threat
  • Shows how departments across an entire organization can bring disparate, but related, information together to promote the early identification of insider threats
  • Provides an in-depth explanation of mitigating supply chain risk
  • Outlines progressive approaches to cyber security


Corporate Security Managers and Executives; Executives and Managers in IT, HR, Legal, R&D, Marketing, and Finance; Students and faculty in Security, Criminal Justice, Management, Information Security, Forensics, and Psychology.

Table of Contents

    • About Deloitte
    • About the Author
    • Foreword
    • Acknowledgments
    • Chapter 1. Introduction – Insider Threat Today
      • Abstract
      • Introduction
      • What is Insider Threat?
      • Environmental Drivers
      • Detecting the Insider Threat
      • Mitigating Asset Loss: An Integrated Approach
      • Top 10 Tips for Leaders
      • In Summary
      • Key Takeaways
    • Chapter 2. Common Challenges to Maturing an Insider Threat Program
      • Abstract
      • Introduction
      • Challenges Faced by Program Managers
      • Key Takeaways
    • Chapter 3. From Bricks and Mortar to Bits and Bytes
      • Abstract
      • The Transformation from Bricks and Mortar to Bits and Bytes
      • Insider Threat in a World of Bricks and Mortar
      • Transitional Phase
      • Insider Threat in a World of Bits and Bytes
      • Key Takeaways
    • Chapter 4. Identifying Functional Ownership
      • Abstract
      • Introduction
      • Program Location
      • Developing a Program to Prevent, Detect, and Respond Framework
      • Key Challenges
    • Chapter 5. Identifying Critical Indicators in Organizational Data
      • Abstract
      • Potential Risk Indicators
      • Translating Knowledge about Insiders Into Organizational Data
      • Identifying Critical Indicators Throughout the Organization
      • Key Challenges
      • Key Takeaways
    • Chapter 6. Establishing an Organizational Risk Appetite
      • Abstract
      • Risk Tolerance Defined
      • Defining Your Organization’s Critical Assets
      • Determining the Threat Insiders Pose to Your Critical Assets
      • Balancing Security Investments and Tolerance for Loss
      • Re-evaluating Asset Prioritization
      • In Summary
      • Case Study 1: Financial Services Firm
      • Case Study 2: Health Care Provider
      • Case Study 3: Telecommunications, Media, and Technology
      • Key Takeaways
    • Chapter 7. Risk Management Using Data Analytics
      • Abstract
      • Introduction to Advanced Analytics
      • Guiding Principles
      • Advanced Analytics in Motion
      • Selecting the Right Tool
      • Business Rule Approach and Development
      • Advanced Analytics Security
      • Security Analytics as a Business Enabler
      • Key Takeaways
    • Chapter 8. Information Security and Technology Integration
      • Abstract
      • Introduction
      • Administrative and Procedural Controls
      • Technical Controls
      • Physical Controls
      • Future of Security Controls
      • Conclusion
      • Key Takeaways
    • Chapter 9. Robust Cyber Risk Management
      • Abstract
      • Cyber Risk Management and Business Performance
      • Robust Mindsets: Secure, Vigilant, Resilient
      • Insider Threat: A Dynamic, Multilevel Problem
      • Building Robust Mental Models and Collective Mindsets
      • Common Characteristics: Secure, Vigilant, Resilient Programs
      • Key Takeaways
    • Chapter 10. Threats Posed by Third-Party Insiders: Considerations for a Vendor Vetting Program
      • Abstract
      • Introduction
      • Trends Driving Prevalence of Vendors in the U.S. Market
      • Examples of Threats Posed by Vendors
      • Vendor Vetting Defined
      • Approach to Vendor Vetting
      • Key Takeaways
    • Chapter 11. Employee Engagement: Critical to Mitigating the Risk of Insider Threat
      • Abstract
      • Introduction
      • Understanding Why Employee Engagement is a Critical Issue
      • Engagement is a Critical Workforce Challenge Today
      • Workplace Drivers of Engagement
      • Measuring Employee Engagement
      • Improving and Sustaining Engagement
      • Key Takeaways
    • Chapter 12. Workplace Violence and Insider Threat
      • Abstract
      • Introduction
      • A Historical but Cumulative View of Workplace Violence and Insider Threat
      • Key Concepts
      • Myths Regarding Workplace Violence
      • Warning Signs
      • Key Takeaways
    • Chapter 13. Monitoring and Investigating
      • Abstract
      • Monitoring
      • Responding to an Insider Threat
      • Key Takeaways
    • Chapter 14. Privacy Considerations for Insider Threat Mitigation Programs
      • Abstract
      • Introduction
      • Data Privacy and the Collection of Potential Risk Indicators (PRIs)
      • Balancing Data Privacy with Effective Insider Threat Mitigation
      • The Privacy Impact Assessment (PIA)
      • Additional Privacy Considerations
      • Conclusion
      • Key Takeaways
    • Chapter 15. What the Future Holds
      • Abstract
      • Insider Threat: A Look Forward
      • The Changing Definition of Insider
      • Understanding the Macro Environment
      • Emerging Trends
      • Big Data and Risk Analytics
      • Scenario Planning
      • What’s Next?
    • Appendices
      • Chapter 5
      • Appendix G: Business Assurance/Insider Threat Working Group Charter
      • Appendix I: Business Rule Development
      • Appendix L: FAQs
    • Index

Product details

  • No. of pages: 252
  • Language: English
  • Copyright: © Butterworth-Heinemann 2016
  • Published: May 26, 2016
  • Imprint: Butterworth-Heinemann
  • eBook ISBN: 9780128026229
  • Paperback ISBN: 9780128024102

About the Author

Michael Gelles

Dr. Michael Gelles consults in security, intelligence, and law enforcement for Deloitte in Washington, D.C. and is a thought-leader on the security risks, asset exploitation, and workplace violence associated with insider threat. Dr. Gelles is a frequent lecturer and has written numerous articles and book chapters on organizational management, forensic psychology, law enforcement, terrorism, and counterintelligence.

Affiliations and Expertise

Deloitte Consulting, LLP, Washington, DC, USA

Ratings and Reviews

Write a review

Latest reviews

(Total rating for all reviews)

  • Brooke E. Thu Dec 28 2017

    Insider Threat

    Excellent book, covers all aspects of what an insider threat poses