ITM is an open framework - Submit your contributions now.

Insider Threat Matrix™

  • ID: MT012.007
  • Created: 22nd September 2024
  • Updated: 22nd September 2024
  • Contributor: The ITM Team

Sexual Extortion

A subject is extorted by a third party threatening to expose sexual or indecent images connected to them, a tactic commonly referred to as sextortion. These images may be real, obtained by a third party, AI-generated, ‘deep fake’ images resembling the subject, or entirely fabricated claims. The extortion is typically financially motivated, which can drive the subject to harm the organization for personal gain. Alternatively, the third party may coerce the subject into compromising the organization by revealing sensitive information or granting unauthorized access.

Prevention

ID Name Description
PV039Employee Mental Health & Support Program

Offering mental health support and conflict resolution programs to
help employees identify and report manipulative behavior in the
workplace

PV042Employee Vulnerability Support Program

A structured program, including a helpline or other reporting mechanism, designed to assist employees who feel vulnerable, whether due to personal issues, coercion, or extortion. This process allows employees to confidentially raise concerns with trusted teams, such as Human Resources or other qualified professionals. In some cases, it may be appropriate to discreetly share this information with trusted individuals within the Insider Risk Management Program to help prevent and detect insider threats while also providing necessary support to the employee.

PV038Insider Threat Awareness Training

Training should equip employees to recognize manipulation tactics, such as social engineering and extortion, that are used to coerce actions and behaviors harmful to the individual and/or the organization. The training should also encourage and guide participants on how to safely report any instances of coercion.