Be Insider Risk Ready
Engage your people or face the security consequences, that’s the message that we will tell industry communicators today. The event, ‘Are you insider risk ready?’ hosted by groups from the Chartered Institute of Public Relations recognises the role that effective organisational communication plays in preventing, managing and recovering from insider events.
Insider events occur when those in a workforce act against the interest of the organisation. NPSA defines them as, ‘the activity, conducted by an insider (whether intentional or unintentional) that could result in, or has resulted in, harm or loss to the organisation’1.
Examples could include disclosing privileged information, sabotaging critical systems or inflicting physical harm due to privileged position, and they are on the rise. 92% of global security chiefs expect their organisation to be impacted in the next 12 months2. Costs to business go beyond the financial to include erosion of trust, workforce morale and reputational damage. Factors like the squeeze on livelihoods, global instability and declining levels of trust in authority all make insider events more likely.
In the address, NPSA will reiterate the leadership role that communications professionals can play in reducing the impact of an insider event. Calling for greater integration between security, HR and communication professionals at an executive level, its new guidance, “Insider events: A communications guide to reduce their impact” is unveiled to help organisations protect their greatest asset of all, their people.
Whilst the threat is real and rising, the guidance, recognises that people are an organisation’s greatest security asset and offers optimism and practical advice for organisations in building their resilience: “Effective communication is critical in helping leaders be insider risk-ready. It goes so much further than managing reputational risk, it can make an organisation less vulnerable to attack in the first place, and should an event occur, enhances how well it recovers reputational trust, inside and out”.
NPSA’s latest communications guidance is available to download here https://www.npsa.gov.uk/resources/insider-event-guidance.
1In May 2023, NPSA updated its definitions through its advice and communications channels to reflect the fact that insider risk comes from everybody inside an organisation (If you have people, you have insider risk).
2World Security Report 2023. Commissioned by Allied Universal and G4S. Interviews with 1,750 chief security officers from large global companies in 30 countries representing more than $20 trillion in 2022