Article

The Invisible Insider: Rethinking Risk Across Cyber, Physical, and Human Threats

Why public sector organizations must adopt more integrated, intelligence-driven approaches to identify converged threats before they escalate

By: Tim Kirkham
Related Resources

Checklist

Building NITTF-Aligned Insider Risk Programs for Government Organizations

Article

How Federal Agencies Can Connect Digital Intelligence to Real-World Action
Line illustration of a capitol building dome on a dark blue background.

Article

Bringing the Ontic Platform to the Federal Government

This article was originally published in Homeland Security Today.

For years, insider threat programs in the public sector have followed a familiar model: monitor for suspicious activity, investigate when something goes wrong, and respond accordingly. That model was built for a different era—one where threats could be separated into “cyber” or “physical,” and managed within distinct domains. That world no longer exists. 

Today’s threats are blended, behavioral, and cross-domain. The same individual can move across systems, facilities, and teams, leaving behind a trail of small, disconnected signals. A badge swipe at an unusual time. A low-level policy deviation. A subtle change in workplace behavior. On their own, these indicators rarely trigger concern. But together, they can reveal emerging risk well before an incident occurs. 

Read the full article in Homeland Security Today.

Learn More

Connected Intelligence for the Public Sector

Tim Kirkham
Tim Kirkham
Vice President, Investigations Practice | Ontic
More From This Author →

Related resources

Article

What is Protective Intelligence? (2026)

A male executive on an airplane looking at his phone
Article

Why CEOs Are Becoming Political Targets and How Protection Must Evolve

Article

The Business Case for Connecting Dispatch with Incidents and Investigations

Article

Modernizing Protective Intelligence for National Special Security Events