Insider threat

Forensic Control focuses on the prevention, detection and investigation of insider threat through psychoanalytical analysis (addressing the human side) and cyber forensics (addressing the digital realm).

Very often businesses rely solely on technology to identify and address insider threats. However, as such threats are fundamentally a people issue, technical solutions alone are insufficient. We believe that only a holistic approach is adequate in comprehensively protecting a business’s assets.

To secure your company’s reputation, intellectual property and valuable digital assets we offer clients insider threat risk assessments and strategic planning advice, training and education, alongside behavioural and cyber forensic investigation services. Our approach aims to help management understand the strengths and weaknesses revealed in an insider threat risk analysis, and introduce programs to address such issues.

020 7193 3324

Case Study

Insider threat

A director and his wife at an insurance company had been receiving anonymous letters and emails alleging that he was having an affair. The details listed in the communications indicated that the sender was within the office.

Interviewing staff, getting a detailed background of life at the company, we identified six potential suspects. We visited the office one evening after staff had left and forensically collected data from their computers. On analysing it, we realised that due to the way the computers were set up, there was very little digital evidence available to be analysed. This is where most forensic companies would draw a blank conclusion.

Forensic Control’s psychoanalytical expert, using material as diverse as noting how people decorated their desks and psycholinguistic content analysis of emails, established the personalities of the six suspects and potential motives. It lead us to believe that one person in particular was the most likely candidate. We reported our findings to the client with advice on how to present them to the suspect. On being shown the evidence the employee tendered their resignation, saving our client the time and cost of taking the case to tribunal.

Our methodology in combatting insider risk

Using the methodology used by the world-leaders in insider risk detection and mitigation at the CERT Center at Carnegie Mellon University, Forensic Control examine 19 areas of a business within the areas of HR, legal, IT, data ownership, physical security and software engineering that organisations should implement to better prevent and detect insider threats.

We offer three levels of assessment in this area:

1. An assisted questionnaire, filled in by the client and assessed by Forensic Control. Results are provided in a report.

2. On site interviews with key personnel, allowing a deeper understanding of the business. Risk level assessed and provided to the client in a report.

3. As in 2, but with the interviewees producing evidence of their answers. Risk level assessed and provided to the client in a report.


Top 10 IT forensic dos

Tip 5 . Do not inform anyone other than necessary that an investigation is underway

What our clients say