Insider Threat: The Risk of InactionLockheed Martin's Thomas on How to Spur the Board into Action
The insider threat is one that organizations often want to overlook. But it's hard to ignore when they are losing critical assets. Lockheed Martin's Douglas Thomas tells how to sell an insider threat program.
The first hurdle is to convince senior leaders that they even have an insider threat problem, says Thomas, Director, Counterintelligence Operations and Investigations for Lockheed Martin Corporation.
"It's becoming harder and harder to justify to leadership that they need to invest in a program, when it's overhead," Thomas says. "However, when you describe how the threat landscape has shifted from primarily nation states stealing classified information to stealing research and development, trade secrets and intellectual property ... and you share federal government trends that demonstrate the insider threat problem is trending in the wrong direction, it usually gets their attention."
But once you get their attention, then you need to convince them that the insider threat requires unique treatment.
"Today, I think most companies don't act proactively on insider threat issues," Thomas says. "I think they believe their data loss prevention tools equate to an insider threat program, and I'm not of that opinion."
In an exclusive interview, Thomas discusses:
- How to convince the board to fund an insider threat program;
- Essential elements of a program;
- The business risks of doing nothing to address the threat.
This is the second in a series of three interviews dedicated to "Selling Security to the Board." Other installments of this series, sponsored by Lockheed Martin, are focused on APT defense and security intelligence centers.
Thomas is the Director, Counterintelligence Operations and Investigations for Lockheed Martin Corporation. In this capacity, he leads a staff that is responsible for providing advice and guidance relative to investigations, counterintelligence and counterterrorism matters impacting the Corporation. He is also the primary face to the Intelligence Community. His primary roles are to identify intelligence and terrorism threats to Lockheed Martin Corporation, work with internal and external partners to mitigate those threats, and provide oversight over security-related investigations across the enterprise.
Prior to joining Lockheed Martin, Thomas was the Principal Deputy Director of Counterintelligence for the Nation following a mini-confirmation process by the White House, and the House and Senate Select Committees on Intelligence. He was the counterintelligence advisor to the Director of National Intelligence and the President of the United States.