At Accordant Global Partners (AGP), we serve some of the most prominent families, corporations and business leaders in the world. Our purpose is to ensure the families and organizations under our protection remain resilient to the unique and dynamic global risk landscape. We do this across Five Pillars of protection and Risk Management - Cyber, Personal, Medical, Travel and Bespoke. 

In recent years, we have observed a consistent upward trend in the prevalence of Trusted Insider risk, which has had profound repercussions on individuals and their families, both emotionally and financially. Recognizing the significance of this issue, it becomes imperative to institute an annual policy as a proactive measure to mitigate the potential harm caused by such risks.

Introduction

A trusted insider threat refers to a situation in which an individual, either intentionally or unintentionally, causes harm or exploits their position of trust within your family organization or business. This threat is not to be taken lightly, as it can result in significant damage to various aspects of your family's life, including reputation, health, wellbeing, and both business and family culture. In this article, we will delve into the intricacies of managing the trusted insider threat to ensure the security and stability of your family's assets and relationships.

Understanding the Trusted Insider

1. The Unintentional Insider:

Trusted employees or contractors who inadvertently expose or make vulnerable privileged information, techniques, technology, assets, or premises. Their actions may stem from ignorance or carelessness, rather than malicious intent.

2. The Malicious Insider:

These individuals pose a more deliberate threat as they intentionally expose or make vulnerable privileged information, techniques, technology, assets, or premises. Malicious insiders can be further categorized into two types:

   a. Self-Motivated Insider:

Individuals who act on their own volition without any external influence. Their actions are driven by personal motives, such as greed, resentment, or ideology.

   b. Recruited Insiders:

Individuals co-opted by third parties with malicious intent to exploit their potential, current, or former privileged access. This category includes those who collaborate with criminal organizations or other external entities.

Types of Insider Activities

Insider activities encompass a wide range of actions, from overt betrayal to passive, unwitting involvement in causing harm. Some common insider activities include:

- Unauthorized disclosure of information, including intellectual property.

- Physical or electronic sabotage of systems, equipment, or assets.

- Facilitating third-party access to premises or systems.

- Engaging in corrupt practices that undermine the integrity of your family's organization.

- Theft and fraudulent activities, which can result in substantial financial losses.

- Crimes against vulnerable family members, such as children in their care.

Mitigating the Trusted Insider Threat

To effectively manage the trusted insider threat within your family organization, consider implementing the following strategies:

1. Thorough Background Checks:

Conduct comprehensive background checks, including OSINT checks, criminal history checks, and reference verifications, for individuals with access to your family and sensitive information. The thoroughness and regularity of the background check is based solely off the level of access an individual has, to anything that can negatively influence the family's reputation, health and wellness, culture and business.

2. Implement Access Controls:

Limit access to privileged information, assets, and systems to only those who genuinely require it for their roles and monitor access diligently.

3. Raise Awareness:

Educate family members, employees, and contractors about the potential risks associated with trusted insiders and the importance of reporting suspicious activities.

4. Establish a Reporting Mechanism:

Create a confidential reporting mechanism that allows individuals to report concerns or suspicious behavior without fear of retaliation.

5. Create or Establish Written Policies and Conduct Regular Audits:

The escalating threat posed by Trusted Insider incidents underscores the need for a structured and comprehensive approach. By establishing an annual policy, we aim to create a safeguard that not only bolsters security but also offers peace of mind to our valued stakeholders. This proactive stance not only protects against potential financial losses but also preserves the emotional well-being of our community.

Conduct periodic security audits and risk assessments to identify vulnerabilities and implement necessary safeguards.

6. Legal Protections:

Consult legal experts to ensure that you have adequate legal protections in place, such as non-disclosure agreements and confidentiality clauses.

Case Study: Uncovering the Insider Threat

To illustrate the significance of managing the trusted insider threat, let's examine a real-life case study involving a prominent family and their potential nanny, "Jane."

The family was initially impressed with Jane's qualifications and demeanour during interviews and CV checks. However, when they conducted an Open-Source Intelligence (OSINT) Check, they uncovered a startling revelation. Jane had an alter ego in the online world, where she was deeply involved in extreme activist groups opposing the resources sector—an industry from which the family derived their wealth.

This discovery raised concerns about the potential risks associated with bringing Jane into their family's inner circle. It highlighted the importance of comprehensive background checks and due diligence when considering individuals for positions of trust within your family organization.

Conclusion

The trusted insider threat is a real and enduring risk that can have far-reaching consequences for your family, both personally and professionally. By adopting a proactive and comprehensive approach to managing this threat, you can safeguard your family's assets, reputation, and overall wellbeing. Remember that prevention and vigilance are key to maintaining the security of your family organization and its trusted network.

Accordant Global Partners (AGP) is a Risk Management advisory firm. We are a global network of risk professionals serving some of the most prominent families, corporations and business leaders in the world. Our Purpose – To ensure the families and organizations under our protection remain resilient to the unique and dynamic global risk landscape. ​We do this across Five Pillars of protection and Risk Management - Cyber, Personal, Medical, Travel and Bespoke. Learn More About Accordant Global Partners →