The Convergence of Workplace Violence Prevention and Counter-Insider Threat Programs: A Natural Progression

Deb Kirby

Share this post

Nov 3, 2022

If you’re a corporate security director, in-house counsel or a functional leader (e.g., HR, IT, Operations) engaged in helping to manage the risks associated with insider threats, you may not realize there is an increasingly powerful nexus between the focus and goals of counter-insider threat (CIT) programs and workplace violence prevention (WVP) programs.

On the surface, the drivers and response to insider threat and workplace violence prevention programs might appear very different. However, they share similar predicates to the threat actions. “Insider threats are posed by persons who use trusted access to do harm to the Department's facilities, resources or people," says Dr. Brad Millick, Director of the U.S. Department of Defense counter-insider threat program within the Office of the Undersecretary of Defense for Intelligence. Workplace violence results in harm to people, places and reputation. Both of these threats are magnified given the perpetrators access to employers’ facilities, resources and people.

Prevention is the key security focus when dealing with either insider threats or workplace violence. The security framework to address each of these risks continues to evolve based upon the dynamic nature of the threats presented. Companies across the world are increasingly reliant upon remote technology and mobile work locations and they continue to struggle with delivering open, inviting workspaces that support collaboration while providing security against harmful actors. Here are some of the reasons we believe merging aspects of these programs might benefit the security of your company and your employees.

The Driving Factors are Often Similar

Disgruntled employees often act out in the workplace, displaying behavior that can represent warning signs that benefit from intervention. Problem employees who progress to insider threats or workplace violence share similarities in that they harbor grudges associated with the work environment. They may have a predisposition to such behaviors as well as the focus, motive and means to carry out the threat.

Behaviors that are generally addressed under HR policies and give rise to reporting include yelling, aggression, withdrawal and other inappropriate work behaviors, including poor performance and project failures due to mismanagement and other actions. Individuals who are not performing according to standards may often feel they are being unjustly persecuted or singled out, and their response to stressors in the workplace can be disproportionate for the situation. They may begin to isolate, believing that they are unfairly targeted and unsupported by the work environment.

Recognizing potential harmful outcomes has resulted in policies that require reporting. We regularly advise clients to train their employees to note concerns about their coworkers or other behaviors within their workplace and report these concerns to human resources, their managers, or a designated hotline to identify potential issues and provide for intervention. However, those interventions are often focused solely on workplace violence prevention. We believe companies should look to expand their review to address the potential for insider threats when such behaviors are identified, as both types of behaviors can damage the company.

Prevention is Key

Preventing an incident, whether it’s an insider threat or workplace violence, is the ideal outcome. Grounding prevention programs in education, vigilance and sound response systems reduces overall risk and harm. Shared prevention strategies include educating employees on the warning signs, encouraging them to report their concerns, maintaining a database of those concerns and documenting response actions. Ensuring review of reported behaviors and verifying data practices might help reduce harm across the known risks.

While not often observable, concerning behaviors present for the insider threat. These can include, for example, downloading or accessing substantial volumes of data, attempting to log in inappropriately, accessing sensitive data without authorization, and seeking to expand access beyond appropriate job parameters. While these activities are not normally precursors to violence, they can certainly harm your company, people and resources.

Engaging with problematic employees through support, a structured focus and multi-disciplinary resources is also a sound prevention strategy. Offering potential solutions to issues, enlisting help for the employee and sometimes simply providing a sounding board can be among the first steps to redirecting the employee’s focus and assuaging their frustrations. Positive interactions may reduce the likelihood of harmful action and allow management teams to evaluate behaviors over the long-term, ideally as a matter of improved interaction and performance. If your employees feel valued, your risks of an insider attack or workplace violence decline.

Employees More Likely to Report Concerns About Workplace Violence Than Insider Threats

Part of the overall safety fabric is to ensure recognition of the stressors and environment that contribute to problem behaviors in the workplace. If employees feel that your goal in receiving reports is to intervene and mitigate, rather than terminate, they may be more supportive of reporting. Education on what such behaviors may look like is a start to improved intervention.

Employees are more likely to report safety concerns when they feel they are helping the individual or their coworkers. However, employees are sometimes conflicted when reporting an insider threat concern because there is no potential for violence and the stakes seem lower. Your employees need to know that your goal is to intervene and redirect harmful behaviors.

Even with a redirected focus on sharing insider threat and workplace violence concerns, any review of an employee due to a workplace violence issue should also include a review of their data access and management to assess the potential insider threat. Intervention and mitigation strategies can work to prevent either or both risks.

Think Twice

If your duties involve managing risks to your organization, think twice. Ask the hard questions of yourself, your colleagues and your teams, where appropriate. Recognize that prevention is a mix of identification, intervention and redirection. Raise awareness that insider threat actors and those who perpetrate insider violence often share similar motivations. If HR interventions and reviews recognize this potential nexus and address data usage as part of any threat assessment and workplace intervention, you’ll help ensure your workplace remains safe, secure and productive.

Learn more about how Jensen Hughes can help your organization identify and manage insider threats and establish effective workplace violence prevention programs.

Headshot of Debra K. Kirby

About the author

Debra K. Kirby
Debra brings command experience in patrol operations, investigations, organized crime, law enforcement training, policy development, data-led policing and internal affairs with an acute focus on integrity systems, covert operations and the need for strong accountability practices in support of operational priorities.