Insider threats to a financial services firm are often classified into the three main areas of anti-money laundering, fraud, and security. Information systems for these three areas are important for combating insider threats. However, also having solid processes and sound policies and procedures are very important to the success of such programs.
In the United States, and many other countries, government regulations play a major role in helping to establish risk management and compliance programs for adapting policies, procedures, and systems that are affordable.
A focus on the information security aspects of insider threats can benefit the financial firm in many ways. One approach I have used for multiple companies involves the following:
- Define the insider threats to the firm in terms management understands
- Establish a framework for describing and communicating insider threats to various audiences
- Develop a program to identify and understand the insider threats and associate a set of risk metrics, as needed
- Update information security policies, procedures, and guidelines to form a culture that will identify and respond to insider threats
- Establish an appropriate training and awareness program to include insider threats
- Deploy and/or update technologies that will help mitigate insider threat risks
- Establish an annual review program to ensure compliance with policies and industry regulations
