Year
2018
Abstract
Insider Threat is well known as the ultimate risk for operating nuclear facilities due to the insiders ability to bypass multiple elements of a security system with their inherent access rights and facility knowledge. However, it is arguable as to whether enough is being done to mitigate this risk. This paper discusses several key insider case studies, highlighting the challenges in dealing with this type of threat - including the potential for over-reliance on assurance or rules-based mitigation, such as security vetting, and the ‘two-person rule’ - before considering whether more can be done to address the insider threat. A review of techniques and methods being tested within counter-radicalisation has also been undertaken, including work associated with insider identification and motivation.