Part Four: Mastering the Components & Systems of Insider Threat Prevention Cyber Security

Throughout this series, I discussed definitive insights and themes in The Psychology of Insider Threat Prevention Cyber Security that can prepare the ITP CS Specialist to become more aware and cautious about the genius of the ordinary malicious insider. Malicious insiders are not often stupid. They are most often very smart people who do stupid things. The dangerous challenge occurs when brilliant people launch malicious insider attacks brilliantly. As we know by now, Insider Attacks can be fatal to an organization. We can never take cyber safety for granted. ITP Cyber Security is all about a kind of interaction that is highly charged by a range of psychological elements such as feelings, models of communications, signs, messages, special purpose languages, the ITP 3Cs of Conflict, Cooperation, Competition, the behavior of social groups, Ideal-Seeking Systems Behavior, mastery of logical propositions, constraints of time, the problem of distortion and faulty observation, and the perfection of perception and identity. These are all rich topics with a long history of development and clarification even before they were applied to Cyber Security. The challenge of working with people in your enterprise who may or may not be malicious insiders is one of the great challenges faced today by employees, managers, executives and the customers we all serve. Solutions, real solutions, the kind of solutions that prevent malicious insider cyber-attacks are difficult to discover, but you can discover them if you properly prepare yourself for a new kind of psychological warfare. . Normally, special teams mitigate insider attacks after the attacks have occurred. Rarely does anyone actually prevent them. This is why I wrote this series. I know we can prevent them, I know how we can prevent them. I realize that management first designs an enterprise as a business entity. Sometime later, management then implements a Cyber Security organization to resolve insider threats. Today, this is a problem. You only need to think about Continuous Performance Management. It is wrought with risks the CPM people call Hallmarks. In the near future, however, success will require an organization to be designed as a unified Business Process-Insider Threat Prevention Cyber Security enterprise that executes business transactions in a highly secure cyber driven environment. I want to leave you with a few clarifications that will mean a lot to you when your time comes. In ITP Cyber Security, accuracy matters. Accuracy matters when we present the facts and assumptions of the cyber threat environment. Accuracy matters when we state the facts of the problem situation of insider threats. Accuracy matters when we define the terms and concepts of the cyber threat environment. Accuracy matters when we discuss the choice situations of the cyber threat environment. Accuracy also matters when we describe Interpersonal Feelings in a highly rational and disciplined manner such as when we state that: Gratitude occurs when one individual (A) is grateful to another (B) for something (X) if A believes B intentionally produced X and A is satisfied with X. Or, when we say that Blame occurs when one individual (A) blames another (B) for something (X) if A believes B intentionally produced X and A is dissatisfied with X. (Ackoff & Emery, 1981, pg. 140). Using this formal form in descriptions, we are able to more clearly measure the important elements of each formal description. Measures actually exist for blame and gratitude. These measures are the products of the measures of belief and satisfaction or dissatisfaction. Can you see how a single description establishes a series of descriptive relationships that are measurable and deliver deeper meaning of the concept? This is the language we should use if describing any Insider Attack environment that emerges from one day to the next.