ITM is an open framework - Submit your contributions now.

Insider Threat Matrix™

  • ID: MT012.006
  • Created: 18th September 2024
  • Updated: 22nd September 2024
  • Contributor: Arvydas Jonusauskas

Long-Term Relationship Building

A malicious third party gradually builds a relationship with the subject over an extended period, slowly gaining their trust. This trust is then exploited to access sensitive information or systems, often without the knowledge of the subject.

Prevention

ID Name Description
PV039Employee Mental Health & Support Program

Offering mental health support and conflict resolution programs to
help employees identify and report manipulative behavior in the
workplace

PV042Employee Vulnerability Support Program

A structured program, including a helpline or other reporting mechanism, designed to assist employees who feel vulnerable, whether due to personal issues, coercion, or extortion. This process allows employees to confidentially raise concerns with trusted teams, such as Human Resources or other qualified professionals. In some cases, it may be appropriate to discreetly share this information with trusted individuals within the Insider Risk Management Program to help prevent and detect insider threats while also providing necessary support to the employee.

PV038Insider Threat Awareness Training

Training should equip employees to recognize manipulation tactics, such as social engineering and extortion, that are used to coerce actions and behaviors harmful to the individual and/or the organization. The training should also encourage and guide participants on how to safely report any instances of coercion.