While unintentional instances of insider threats can cause significant damage in terms of cost, data recovery, and downtime, intentional insider threats can be far more damaging (Richardson & Thies, 2013). The insider threat has the potential to cause the most significant damage to infrastructure, networks, and information often because they are in a trusted status, may have physical access to critical hardware, and have time to evaluate where the weaknesses are within the organization. Alhajjar and Bradley (2021) reference the 2018 U.S. State of Cybercrime Survey which estimates that 25% of cyberattacks belong to insider threats, thus requiring a constant state of vigilance. The most prolific, recent insider threat known to this author was the Edward Snowden leak which resulted in large troves of classified data leaked with a relatively unsophisticated methodology. When all was done, the act significantly compromised the United States’ intelligence community, dissuaded the public perceptions, and transformed the public awareness of technology risks.

Richardson and Thies (2013) mention the Red Team remains more effective to identify the vulnerabilities or the unrealized risks as professional cyber criminals have the benefit of time on their side to identify weaknesses. The authors recommend providing the Red Team with a map of weaknesses to enable them to focus on highlighting the exploitations and mechanisms to harden defenses all with prioritizing time efficiency (Richardson & Thies, 2013). Red Teams should be focused on exploiting vulnerabilities to encourage program modifications to strengthen security (Enoch, Moon, Lee, Ahn, & Kim, 2022). In the modern, multi-dimensional cybersecurity environment, breaking free of group-think by consulting with outside entities is necessary to validate a constant state of fortification.

In the Christian worldview, there is a responsibility to provide stewardship over God’s resources. As such, Christians must be dedicated to ensuring cyber attacks do not reduce allocations to continue God’s work. Faithful stewards ensure the appropriate planning, preparation, and validation are complete throughout processes. John 10:10 (ESV) states “The thief comes only to steal and kill and destroy. I came that they may have life and have it abundantly,” referring to the saving of all God’s people. Vigilance must be consistently applied to the framework of preventing, identifying, and dissuading potential insider threats.

References

100 Bible verses about stealing. What Does the Bible Say About Stealing? (n.d.). Retrieved May 10, 2022, from https://www.openbible.info/topics/stealing

Alhajjar, E., & Bradley, T. (2021). Survival analysis for insider threat: Detecting insider threat incidents using survival analysis techniques. Computational and Mathematical Organization Theory, https://doi.org/10.1007/s10588-021-09341-0

Enoch, S. Y., Moon, C. Y., Lee, D., Ahn, M. K., & Kim, D. S. (2022). A practical framework for cyber defense generation, enforcement and evaluation. Computer Networks (Amsterdam, Netherlands : 1999), 208https://doi.org/10.1016/j.comnet.2022.108878

Richardson, T., & Thies, C. N. (2013). Secure Software Design. Jones & Bartlett Learning.