airport security 2013 jayne maisey
TRANSCRIPT
![Page 1: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/1.jpg)
Insider Threat
Jayne Maisey
Head of Regulation, Policy & Practice Birmingham International Airport
![Page 2: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/2.jpg)
Insider Threat
Jayne Maisey Head of Regulation, Policy
and Practice
![Page 3: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/3.jpg)
What is Insider Threat ?
A person who exploits, or has the intention to
exploit, their legitimate access to an
organisation’s assets for unauthorised purposes
Employees
Former employees
Contractors
Business associates
![Page 4: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/4.jpg)
Insiders in Aviation
Scale and Complexity of the Aviation
Industry
50,000 commercial flights airborne
![Page 5: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/5.jpg)
...Insider Threat to Aviation Security?
The global threat to Aviation Security is well known .
Security is ‘preventing adverse consequences from the intentional and unwarranted actions of others’
As an industry we expend energy combating outsiders but not so much insiders
The strength and weakness of any security system is people
![Page 6: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/6.jpg)
UK based study – top 5 threats
Unauthorised disclosure of sensitive information
Process corruption
Facilitation of third party to an organisation's assets
Physical sabotage
Electronic or IT sabotage
• 80% of all incidents have a cyber element.
![Page 7: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/7.jpg)
Demographics – consistent picture
More men engaged in insider activity – 82%
49% cases occurred within the 31-45 years age group
88% carried out by permanent staff (93% full time )
7% involved contractors and 5% agency or Temporary staff
Highest concentration of perpetrators by role :
Customer service - 20%
Financial - 11%
Security 11%
![Page 8: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/8.jpg)
Insider behaviour
Deliberate insider – obtaining employment to exploit their access
Self initiated insider – taking an opportunity to exploit access permissions
Recruited insider – Recruited by a 3rd party
![Page 9: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/9.jpg)
Primary motivation
58% of cases were more likely to be graduates
![Page 10: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/10.jpg)
Individual level factors - personality
Immature
Low self esteem
Amoral and unethical
Superficial
Prone to fantasising
Restless and impulsive
Lacks conscientiousness
Manipulative
Emotionally unstable
Personality disorder
![Page 11: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/11.jpg)
Individual – circumstances / behaviours
Poor work ethic
Stressed
Exploitable
Ready access to
valuable/key assets
Recent Negative life event
Excessive copying of
materials
Unusual IT activity
Unauthorised handling of
sensitive material
Commits security
violations
![Page 12: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/12.jpg)
Organisational factors
Poor Management practices
Poor use of auditing functions
Lack of protective security controls
Poor security culture
Lack of role based risk assessments
Poor pre-employment screening
Poor communication between business areas
Lack of awareness of ‘insider’ risk at senior level
![Page 13: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/13.jpg)
Aviation a special case ?
Rajib Karim – Airline IT engineer Guilty – Jailed for 30 years
Engaging in conduct in
preparation of acts of terrorism.
Terrorist fundraising.
Possessing a document likely to
be of use to a terrorist.
![Page 14: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/14.jpg)
Rajib Karim – Double life
Worked since 2007 for British Airways in Newcastle Extremist beliefs – fund raising. Direct communication with Muslim cleric – al Awlaki.
Information about IT hardware locations Associates with key areas of access.
Jan 2010 – Rajib Karim
Government Agencies supplied the lead Would security measures alone have been successful
?
![Page 15: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/15.jpg)
Assessing the risk.
Assess nature and magnitude of the risks, role by role.
Identify credible threat scenarios: Modus operandi
Target
Roles
Threat likelihood – Intelligence
Consequences – human, psycholgical, reputational, political and economic.
THREAT x VULNERABILITY = RISK
Effectiveness of mitigating measures
Residual Risk
![Page 16: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/16.jpg)
Pre-employment screening
![Page 17: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/17.jpg)
Ongoing preventative measures - STOP
Random searches
Limit lone working
Limit the carriage of personal belongings into the critical part
Restrict personal storage
Reduce, restrict access levels
Clear pass display, check and challenge
![Page 18: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/18.jpg)
Potential mitigations - SPOT
Effective management
Effective Team Working
Confidential Reporting ‘whistle blowing’.
Welfare monitoring
Pass use analysis
Incident management
Media profile checks
Monitor Social Media Sites
Standard Operating Procedures
Deterrence Communications
![Page 19: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/19.jpg)
Security culture
![Page 20: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/20.jpg)
Security management system - SeMS
![Page 21: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/21.jpg)
SPOT, STOP....Act
Process to manage the situation.
Role vulnerability already assessed
Investigation
Possible outcomes
Return to duties
Dismissal
Restriction of duties
Permit individual to seek alternative position
Most breaches have a simple explanation
![Page 22: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/22.jpg)
Summary
Insider threat is real
People are the problem and the solution.
‘No security gap is too small’
![Page 23: Airport security 2013 jayne maisey](https://reader034.vdocument.in/reader034/viewer/2022052523/55698b8ad8b42a673a8b496c/html5/thumbnails/23.jpg)
New recruits required ???