The Psychology of Insider Threat Prevention Series

What Do You Deserve?   Careers are challenging, especially because of the complexity of the world we must now navigate. People make the difference. They can be a joy to work with or they can be a danger. In this contemporatry world makes my the dangerous side of computer, peopel can rapidly destroy an enterprise. Insider Threat Prevention (ITP) is the new imperative. Welcome to Part One of my series about the Psychology of ITP.    Your career can be a rewarding life-long experience. It can be an enduring and wonderful gift. Or, it can become a dismal punishment whenever you ignore Moral Wisdom. Career success, however, is a lot like the weather: Everyone talks about it, but no one does anything about it. Sound familiar?  So what kind of career do you want?  If you choose to accept a miserable situation, you may be the cause of your misery.  Where Do You Fit In? Developing effective skills in Cyber Sensitive Environments requires a combination of soft-skills, hard-skills and personal qualities unimagined only a decade ago. University did not prepare you for this, but Moral Wisdom does.   Few Relevant Terms Moral Wisdom; Continuous Performance Management; Cyber Security; Insider Threat Prevention; Archetypes; Workplace Relationships; Resilience; Excellence; Existential Hunger; Applied Intuitive Solutions™; Knowledge Base Systems; Mobility; Human Activity Systems; Evolutionary Guidance; Design Inquiry; Coaching; Trust; Zero Tolerance; Invincible Ignorance; Cardinal Virtues; Sociopathology; Problem-Based Learning; Case-Based Reasoning;  Evidence-Based Solutions; Traces-Based Reasoning; Unified Problem Solving Method; Unified Problem Solving Method Description Language.    

Overview Insider Threat Prevention Cyber Security is a Behavioral, Technical, Managerial, Psychological, and Governance, Risk Management, and Organization Architecture challenge. Part One of the series identifies the disciplines, components, ,perspectives, and strategies that security designers must master to design, implement, and maintain throughout the enterprise to deliver Insider Threat Prevention Cyber Security. Since about 30% of all malicious insider Cyber Attacks completely destroy their targets, proactive identification and prevention are essential. The seriousness and consequences of Insider Attacks place an extreme burden on executives and managers to govern their organizations with a consistently high level of command, communications, control, and coordination. Such strict levels of control and governance pose a problem for an organization that are dedicated to organization models that value trust, openness, and employee self-direction as core Hallmarks of management thinking and team practice. Since Insider Attacks commonly occur by a senior-level and trusted employee with extended access to valuable proprietary information on computers and networks in the form of electronic knowledge, information, and data, Cyber Security people require solutions that enable them to identify human threats behaviorally, sociologically, psychologically prior to any threat action. Prevention is the key when establishing a robust Insider Threat Prevention Cyber Security Program. An insider attach that takes months to discover can be so dangerous that an enterprise may not survive. While most Cyber Security strategies are engaged long after the attack has occurred, Insider Threat Prevention has to occur prior to any malicious Cyber Event is put into motion. Insider Threat Prevention Cyber Security is difficult because a Cyber Security Specialist has to resolve the threat before it has a chance to even get under way. This rarely happens because the plans of the malicious actors remain hidden until the attack has occurred. When this occurs, the damage has been done. . This Series of books (1) identifies the pieces of the Insider Threat Prevention Cyber Security puzzle, (2) presents these pieces in a coherent manner to form an appropriate and adequate Insider Threat Prevention Cyber Security Program methodology, and (3) defines and implements a range of appropriate enterprise-wide and technical strategies that generate the Applied Intuitive Solutions that resolve the insider threat. While part One of the Series describes the Insider Threat Prevention Cyber Security environment, Part Two examines the challenge of complex workplace relationships and the Human Relations Process Model that enables teams to master the Behavioral Side of Insider Threat Prevention Cyber Security. Part Two also examines the problem of sociopathology of the objectives and manipulative workplace relationships that generally produce malicious insider Cyber attacks that destroy organizations. The series also examines Spiritual Relationships in the workplace and their impact on teams and managers.

Overview This book, the third of a four book series, introduces forty behavioral, psychological, management, and technical strategies that collectively enable organizations to unify Continuous Performance Management and other enterprise models with Insider Threat Prevention Cyber Security interventions. Recognizing the core functions of Cyber Security, including Identify, Protect, Detect, Respond, and Recover, do not adequately secure organizations against malicious or accidental insider attacks, the author has designed an Insider Threat Prevention strategic architecture that unifies the Insider Threat Prevention function with the enterprise architecture. Through this unification process, every organization becomes an Insider Threat Prevention Cyber Security enterprise that facilitates the success of all business units by recognizing and neutralizing every incidence of unacceptable insider intrusion. With the constant incursion of very powerful and complicated information technologies into every corner of human life at work and home, the ascent of Insider Threat Prevention Cyber Security as an absolute necessity seems more than reasonable. Unfortunately, this ascent had not yet materialized for several reasons. In the first place, people generally view Insider Threat Prevention Cyber Security as just another kind of technical intrusion that interferes with daily life. People do not see the reasonableness of piling technology upon technology to better control technology. Secondly, Insider Threat Prevention Cyber Security is expensive in several ways, money and inconvenience. Insider Threat Prevention Cyber Security gets in the way by interfering with one's lifestyle and it depletes financial resources. Beyond these common objectives, people draw back from it because they do not what to life this way, everything, every word and every act, monitored every minute of every day at work, and perhaps at home for the home-bound employee. It is kind of spooky to work in a fish bowl. In the modern workplace people want to be trusted and be coached, but not managed and certainly not monitored throughout the day. This is just scratching the surface. When asked about Insider Threat Prevention Cyber Security, people think that it is a good idea for other organizations, but their organization never does anything dubious enough to raise the concern of managers. However, management absolutely should monitor people in the other departments because one can never be too sure what is going on in the world of today. As management begins to summarize the conflicting opinions and attitudes about Insider Threat Prevention Cyber Security throughout the enterprise, they can clearly see that Insider Threat Prevention Cyber Security is essential to the safe governance and operations of the information technology assets, including people and data. The author wrote this series to guide management and their organizations through the pitfalls and tarpits of designing and implementing a unified Continuous Performance Management and Insider Threat Prevention Cyber Security Program.

Throughout this series, I discussed definitive insights and themes in The Psychology of Insider Threat Prevention Cyber Security that can prepare the ITP CS Specialist to become more aware and cautious about the genius of the ordinary malicious insider. Malicious insiders are not often stupid. They are most often very smart people who do stupid things. The dangerous challenge occurs when brilliant people launch malicious insider attacks brilliantly. As we know by now, Insider Attacks can be fatal to an organization. We can never take cyber safety for granted. ITP Cyber Security is all about a kind of interaction that is highly charged by a range of psychological elements such as feelings, models of communications, signs, messages, special purpose languages, the ITP 3Cs of Conflict, Cooperation, Competition, the behavior of social groups, Ideal-Seeking Systems Behavior, mastery of logical propositions, constraints of time, the problem of distortion and faulty observation, and the perfection of perception and identity. These are all rich topics with a long history of development and clarification even before they were applied to Cyber Security.   The challenge of working with people in your enterprise who may or may not be malicious insiders is one of the great challenges faced today by employees, managers, executives and the customers we all serve. Solutions, real solutions, the kind of solutions that prevent malicious insider cyber-attacks are difficult to discover, but you can discover them if you properly prepare yourself for a new kind of psychological warfare. . Normally, special teams mitigate insider attacks after the attacks have occurred. Rarely does anyone actually prevent them. This is why I wrote this series. I know we can prevent them, I know how we can prevent them. I realize that management first designs an enterprise as a business entity. Sometime later, management then implements a Cyber Security organization to resolve insider threats. Today, this is a problem. You only need to think about Continuous Performance Management. It is wrought with risks the CPM people call Hallmarks. In the near future, however, success will require an organization to be designed as a unified Business Process-Insider Threat Prevention Cyber Security enterprise that executes business transactions in a highly secure cyber driven environment.   I want to leave you with a few clarifications that will mean a lot to you when your time comes. In ITP Cyber Security, accuracy matters. Accuracy matters when we present the facts and assumptions of the cyber threat environment. Accuracy matters when we state the facts of the problem situation of insider threats. Accuracy matters when we define the terms and concepts of the cyber threat environment. Accuracy matters when we discuss the choice situations of the cyber threat environment. Accuracy also matters when we describe Interpersonal Feelings in a highly rational and disciplined manner such as when we state that: Gratitude occurs when one individual (A) is grateful to another (B) for something (X) if A believes B intentionally produced X and A is satisfied with X. Or, when we say that Blame occurs when one individual (A) blames another (B) for something (X) if A believes B intentionally produced X and A is dissatisfied with X. (Ackoff & Emery, 1981, pg. 140). Using this formal form in descriptions, we are able to more clearly measure the important elements of each formal description. Measures actually exist for blame and gratitude. These measures are the products of the measures of belief and satisfaction or dissatisfaction. Can you see how a single description establishes a series of descriptive relationships that are measurable and deliver deeper meaning of the concept? This is the language we should use if describing any Insider Attack environment that emerges from one day to the next.