I speak to people in the security industry daily, have attended numerous talks and read lots of articles about the rising threats in the security industry and what can be done to prevent, counter, control and eventually eliminate them (if that's possible).

One of the reoccurring points raised is undoubtedly about the human factor. The human factor starts inside your organisation, by changing attitudes, raising awareness and improving training. This is referenced in one of my previous articles.

I look around the office at my colleagues thinking " Who is an Omitter? Who's a Retaliator?..."

Omitters are defined as someone that could unintentionally breach rules and need help from colleagues to reduce the insider threat risk they present. 

Retaliators on the other hand, these are employees who deliberately undertake small acts designed to harm the organisation.

"Gary, he is definitely a Retaliator, especially after he missed out on that promotion last Christmas"

I can imagine that most businesses are made up of Omitters. The people that unintentionally breach the rules, normally through lack of understanding or awareness.  The sad thing I can imagine about a lot of these unfortunate situations will be that these guys and gals would purely be trying to just get their job done, maybe going above and beyond by doing work at home, in their spare time etc.

So take a look from behind your screen - what types of people is your organisation made up of?

P.S. "Gary" is a fictional character... no, not you Gary from Accounts.