Spending Review: Prepare for the insider threat as staff are squeezed


Spending Review: Prepare for the insider threat as staff are squeezed

The growing uncertainty across the public sector workforce attracts a number of risks and opportunities around staff behaviour. Public sector leaders need to seize the moment in managing this challenge to help create a stronger and more efficient risk culture with wide ranging benefits.

The "insider threat" will rise considerably as the public sector workforce is cut, as is widely expected, by half a million people by 2014/15. Such behaviours, whether or not intentional, threaten information security, reputation and business continuity.

Major risks include:

• Damage to or theft of key assets and critical equipment.

• Mass deletion/corruption of files and records,

• Exposure or leakage of sensitive corporate information

Exposure to information risk and security is increased by inefficient archaic processes and low staff morale and motivation. Organisations who focus on improving both process efficiency and risk culture through the active involvement and engagement of staff will drive a multitude of benefits including reducing the success of insider and cyber attacks.

All staff should be actively encouraged by leaders to spot and implement opportunities to improve processes, controls and technology, creating a stronger sense of loyalty and risk culture as well as improvements to the organisation's overall effectiveness and efficiency in delivering public service.

Public sector managers need to focus on improving staff motivation and morale and undertaking efficiency reviews of processes. In the short term controls are required to monitor and track where key data assets are stored in order to ensure the risk of loss, leakage or corruption is reduced.

James Nunn-Price is an associate partner in Deloitte's UK security practice

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

This was first published in October 2010


COMMENTS powered by Disqus  //  Commenting policy