Financial institutions face a larger and more dangerous landscape of threats—internal and external—than ever before: state-sponsored cyber attacks, public-record social media espionage, email phishing schemes, and an array of insider threats designed to defraud organizations of monetary, IP, technological, and other assets. These threats originate from the vectors of information access and physical access. Malfeasant actors can be present in many job roles in the financial industry, including but not limited to Trading, Brokerage, PCI/PII handling, Funds/wire handling, Accounting, Information technology, Restricted/badged access, Executive management, Security, and Contractors. Stunningly, each insider threat incident can cost companies up to $8 million.
Insider threats from employees, contractors, agents, adjusters, and outsourced support in the insurance sector are a major component of cyber risk, workplace crime, and insurance fraud. The National Association of Insurance Commissioners (NAIC) estimates insurance fraud at over $100 bn per year. Beyond fraud, research indicates that more than half of corporate losses from cyber threats involve insiders who initiate or facilitate these crimes, and that almost half (49.5%) of insiders were employed by the victim organization for five years or more when they started their malicious activity, according to a Carnegie Mellon report on fraud in the financial and insurance industries. Fraud schemes in the insurance business often involve more than just the insider who has access to money and/or sensitive data. The ubiquity of Stolen Identity Refund Fraud (SIRF) makes fraud and identity theft the most frequent insider threat incident for Finance and Insurance companies, followed by theft of intellectual property (IP) and IT sabotage. Insurance companies and their commercial customers often perform pre-employment background checks to screen candidates, but once candidates are hired, checks are rarely renewed, and monitoring of employee behavior is usually limited to their use of technology within the workplace. The same Carnegie Mellon study recommended recurring background checks, especially as employees change roles and may have access to more sensitive information. The same behaviors which may have disqualified someone prior to hiring may occur during employment, and most businesses are never aware. Most companies do not have external legal and behavioral information available to them, a method for fairly and judiciously collecting internal indicators of malfeasance, or a business application necessary to receive, process and take appropriate actions. That has changed with the introduction of Resolve by ClearForce.
Hospitals, the healthcare system at large, and its complicated medical billing process are the leading source of identity theft in the U.S. This stems from the large volume of relatively unsecure personally identifiable information (PII) and protected health information (PHI) residing on healthcare networks, the increasing number of access points including mobile devices and tablets, and a primary security focus on outside threats. The insider poses a greater threat because their legitimate access to systems avoids traditional defenses such as intrusion detection or physical security. They may also know the network and its vulnerabilities better than anyone on the outside. While an insider may be simply careless, others cause harm with malice. The insider threat concept includes a variety of employees, from those unknowingly clicking on a malicious link or losing a work device containing sensitive data to those maliciously selling access codes or PHI/PII for profit. Detection and mitigation require more than network defenses; they require a holistic approach which accounts for employee stress, motivation, opportunity, and other indicators. Needless to say, the legal and reputational ramifications of this activity can be staggering.
All too often, standard background checks are inadequate to screen individuals employed or involved in sensitive roles, such as those at companies that provide in-home services, community organizations, and the like. The sheer volume and fluidity of data make it impossible for a one-time snapshot to provide ongoing proactive monitoring and mitigation for criminal or malfeasant behavior. Missed cues open the door for legal and reputational liability that is very difficult and expensive to correct. For companies and organizations looking to protect their customers, constituents, members—and themselves—ClearForce provides comprehensive and continuous fully automated monitoring, alerting and mitigation outlines for potentially negative behavior. Criminal arrest information is made immediately actionable by a proprietary, fully automated and standardized mini-investigative process which complies with EEOC requirements.
Self and Peer Reporting
ClearForce gives employees the ability to securely submit peer or self-reports of illegal or inappropriate behavior within the workplace, including anonymous whistle-blower reports. All external and internal behavioral alerts, incident reports and complaints are centrally captured, archived, and adjudicated within the ClearForce system. Resources needed to research past complaints, identify corporate prior practice, respond to legal or regulatory questions, and report on trends are significantly reduced, as organizations spend less time recreating process and more on discovering and properly responding to employee misbehavior directly and its wider impact on colleagues, customers, and partners.
Federal Government Agencies
Threats to Federal Government agencies involving theft of sensitive information, cyber attacks, and other damaging compromises are growing rapidly as information access, distribution and sharing increase along with the expansive universe of personnel—both inside and outside the Federal Government—that support agency missions. Unfortunately, efforts to prevent misconduct are often narrowly focused and only involve detection of behavior that occurs within the walls of the workplace. Cybersecurity measures are frequently focused on threats from outside an organization rather than threats posed by untrustworthy individuals inside an organization. Well-publicized insiders have caused irreparable harm to national security interests in cases where Insider Threat programs were already in place and ample outside behavioral indicators, which could have mitigated such incidents, were missed. ClearForce Resolve provides a “single pane of glass” view of internal and external factors.
Criminal malfeasance in the form of intellectual property theft, espionage, and theft of classified information is not just a security concern for government contractors; it is a challenge which can all too frequently become headline news, costly to your organization on financial and reputational fronts. The complex network of employees, contractors and sub-contractors utilized by most government contracting firms creates a very large window of vulnerability. Monitoring and proactively preventing employee-related security breaches of all kinds continues to be a daunting challenge. With ClearForce Resolve, organizations can immediately deploy an optimized solution or, for those with current “tools,” an enhancement to close organizational gaps. Our platform provides for proactive monitoring, alerting and remediation across a comprehensive range of stress and negative activity issues that lead to costly compromises.
Membership businesses, including dating sites, property rentals, in-home nursing care, pet care, home improvement and ride share services, by nature involve intimate interaction between people who don’t know each other, leading to potential for mistrust, or even worse, malfeasance in this anonymous environment. For-profit membership organizations are part of the “Access Economy,” i.e., organizations that connect suppliers renting assets with consumers, an economic sector valued at around $26 billion a year in 2015. The need for better vetting and protections for users and providers on both sides of these transactions is growing. Consumers have begun to insist that service providers have adequate screening and safety measures in place. Despite this, surprisingly few of these vulnerable businesses and organizations conduct comprehensive background checks on members. If they do, the checks are a one-time snapshot which provides an incomplete picture across time. As criminal behavior in this market increases, a commitment to consumer safety in the membership organization ecosystem will elevate consumer confidence, usage and overall satisfaction. ClearForce Resolve provides continuous monitoring in near real time to ensure ongoing safety now and in the future.
Like no other industry, aviation is rife with stress factors for employees—intense physiological, psychological, and environmental stressors. This is owing not only to a heavy workload and demanding regulations, but also to the safety of millions of passengers and goods entrusted to commercial airline and freight transport personnel on a daily basis. All job roles are an integral part of this chain—pilots, flight attendants, air traffic controllers, ground crew, security, maintenance personnel and more. One study indicates that 70% of surgeons agree that stress doesn’t impact their performance, while only 26% of pilots said the same. Dynamic environments can also raise stress levels. Psychological factors include personal issues, on-the-job experiences, mental health, and relationships. All these stressors limit peak performance, impacting productivity and also creating vulnerability to legal liability.
Energy & Utilities
As part of the nation’s critical infrastructure, public and privately held energy and utility companies are high profile targets for cyber attacks from nation states and other bad actors. In addition to local municipalities, our national defense, critical infrastructure and manufacturing facilities all depend on reliable energy and utilities. Every day these power distribution networks are under threat from external and internal bad actors employing logic bombs, back doors, phishing scams and other attempts to infiltrate and compromise these networks. Angry customers, environmental groups, hacktivists and criminals also present threats, both from the outside and enabled by insiders, who can be lured with social engineering, financial gain and other incentives. It goes without saying that insider knowledge can be a significant expedient to any of these threat vectors. Recent reporting indicates attacks are growing in volume and sophistication—compromises can be a result of accidents or willful insider schemes, but in either case, a proactive, holistic understanding of your workforce behaviors and stressors inside and outside the workplace is critical. A 2008 report by DHS identified that many critical infrastructure and key resources (CIKR) operators lack awareness of the threat insiders pose. Additionally, DHS warned as early as 2011 of the danger of insiders obtaining influential positions in energy and utility companies for the purpose of malfeasance. The best defense against the complex threat landscape is a trusted workforce through engaged and informed leadership, supported by ongoing, compliant and bias-free risk monitoring.