I recently attended the IQN annual user conference—IQNsiders 2016—along with 200+ customers, partners and industry experts. Prior to the conference, two colleagues and I had the opportunity to visit the International Spy Museum in Washington, D.C. It’s not all about James Bond but rather traces the roots of the ‘game’ all the way back to 16th Century Europe.

I recently attended the IQN annual user conference—IQNsiders 2016—along with 200+ customers, partners and industry experts. Prior to the conference, two colleagues and I had the opportunity to visit the International Spy Museum in Washington, D.C. It’s not all about James Bond but rather traces the roots of the ‘game’ all the way back to 16th Century Europe.

Our first thoughts of spies may well be people driven by political ideology, international espionage and the like. But although this still persists today, the spy threat most likely to have significant impact is commercial, industrial and, above all, targeted at businesses.

The Spy Museum talks of the difference between cover and legend. For businesses, the threat is somewhat different: from outside or within. Typically the word “activist” makes us think of hackers, but all is changing with the lines between commercial/industrial and political becoming more blurred. For example, was the Panama leak politically or commercially motivated? Was it about exposing legal but questionable practices or was it about exposing individuals of influence?

Despite high-profile cases like the Panama Papers, most of the threats to companies come from within. The leakage of 130,000 HSBC accounts in 2006-2007 was by a computer technician. The Ashley Madison website hack that lost CEO Noel Biderman his job was “…definitely a person here that was not an employee but certainly had touched our technical services,” says the CEO.

In 2013, Vodafone had to inform 2 million customers they had become aware of “…high criminal intent and insider knowledge that was launched deep inside the IT infrastructure of the company.” In the same year, the hack into Target lost the CEO and CIO their jobs and, though the hack was from outside and obtained the credit card numbers of 40 million people, the key to the hack was from inside—a trusted member of Target’s supply chain, a refrigeration vendor.

The threat from within is very real. It can cost executive jobs, affect people far and wide, and damage reputations for years to come. Managing this threat is typically seen as a function of the CIO, but where contingent labour is concerned, what role does security and background checking have on the individual?

If your CIO is not insisting on robust screening of an ever-increasing number of people passing through the company, it may affect much more than you think. If the HR department is not providing background checks and undertaking proper screening as part of their selection and onboarding process, it could open the door to the wrong people. If managers approving contingent labour have not asked or do not see the results of appropriate checks, then who ultimately is responsible for the risk?

Here at IQN we take the threat from within very seriously. Our VMS platform helps you mitigate the risk with an associated framework built into your business processes and, with our ecosystem partners, an integrated approach to security screening and background checking. If you want to know more, please contact us or register for our webinar on 15 June, “Understanding the threat from within—identifying and classifying your workforce.”

Data leaks, for whatever reason, are growing but have always been a threat. The frequency of attacks and companies getting hit will amaze you: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/.

Share on FacebookTweet about this on TwitterShare on VKShare on LinkedInShare on Google+Email this to someone