How to Build Cross-Departmental Alliances to Tackle Insider Risk

Security teams can’t manage insider risk alone — cross-departmental collaboration is key to early risk identification and mitigation

As a security leader, you have the critical responsibility of protecting your organization from insider events — both malicious and unintentional. However, managing insider risk is often like solving a puzzle with pieces scattered across different teams. You strive to create a clear view of potential risks, but you need help from HR, IT, legal, and other departments to see the full picture.

Fostering these cross-departmental relationships can be an uphill battle. Teams often operate in silos, laser-focused on their own specific goals. It’s not that they don’t want to collaborate — in fact, most teams outside of security share your concern for insider risk — but their different objectives and priorities often make it difficult to come together and focus on the bigger picture.

Although collaboration can be challenging, it’s essential. You may not realize it, but as a security professional, you are uniquely positioned to unify the company against insider risks and proactively address incidents. Read on to learn how.

Security is the “bridge” that fosters cross-team collaboration

No department outside of security is better equipped to take charge of insider risk collaboration. Unlike other teams within the organization, you possess the training and knowledge necessary to understand the full picture of what’s required to prevent or investigate insider incidents effectively.

For instance, the HR team at your organization might notice behavioral changes in an employee, while finance may spot suspicious transactions — both critical pieces of the puzzle that your team can connect. Without security as the connector, these warning signs may go unnoticed or remain isolated within each department.

You are also naturally skilled at building relationships outside your immediate team or function. Because your work has always required a cross-departmental perspective, you have long been the one to connect people and teams within a business setting. Consider workplace violence investigations, for example. While you lead these processes, gathering critical background information or making termination decisions requires input from HR, legal, direct managers, and other stakeholders. Typically, it’s on you to take the lead and form these relationships. 

These abilities are exactly what’s needed for a coordinated strategy to prevent insider incidents. With the right processes in place, your team can lead the effort in breaking down silos and fostering the collaboration necessary for effective insider risk management.

The 5 steps to fostering a collaborative insider risk approach

Follow these five steps to begin building a sustainable, proactive approach to insider risk collaboration:

1. Align on common goals and objectives

Insider risk isn’t just a security problem — it’s a business problem. Many of your insider risk goals align with the objectives of other departments. To foster collaboration, begin by uniting teams around these shared goals.

For example, you might align with legal around a shared objective to improve incident response times. Corporate legal teams are responsible for ensuring compliance with regulations to protect the company from potential lawsuits. And a strong insider risk program aligns with this by ensuring that security incidents are addressed and resolved quickly to minimize legal liabilities. 

The long-term success of your team’s relationships with other departments depends on those groups recognizing the benefits of working together. By aligning goals and objectives, you can highlight the value of collaboration to other teams within the organization.

2. Develop mutual trust and communication

Security professionals are often seen as enforcers, which can create tension when building cross-functional partnerships. Your goal should be to position yourself as a supportive and reliable partner. 

Here are some ways to build trust with your insider risk partners:

  • Communicate regularly: Hold regular cross-departmental meetings to discuss ongoing risk assessments, trends, and incidents. Emphasize the importance of each department’s role in mitigating risks by talking through scenarios that highlight each department’s ideal response. Understanding creates empowerment, which is often a much more effective motivator for collaboration.

  • Be transparent: Share the rationale behind any requests to access employee information or further investigate incidents, and be clear about the security implications of various scenarios. Transparency fosters mutual understanding and ensures that security isn’t seen as operating in a silo.

  • Solicit feedback: Ask other departments for input on your insider risk program. By acknowledging their insights, you create a culture of inclusion where departments feel their voices matter in security-related decisions.

3. Implement joint policies and processes

For cross-functional collaboration to be effective, it must include joint policies and processes that transform insider risk mitigation into an organization-wide responsibility — not just a security initiative. Bring HR, legal, IT, and others into process development to ensure everyone is aligned on the approach. 

Consider these areas when implementing joint processes:

  • Information sharing protocols: Establish clear guidelines for sharing sensitive employee information between departments. These protocols should ensure employee privacy is protected while enabling your team to detect potential risk. Define specific scenarios where access to employee information is justified, and outline the processes for securely retrieving and handling that information.

  • Procedures for reporting concerns: Work cross-functionally to create a process for reporting employee behavior that could signal insider risk (like unusual transactions on company credit cards). Centralizing access to these insights creates a more proactive approach to identifying potential incidents before they escalate.

  • Onboarding and offboarding processes: Partner with relevant teams to formalize onboarding and offboarding procedures. Onboarding should include cross-departmental training to help new employees avoid unintentional risks and report unusual behavior. Offboarding processes should cover threat assessments, revoking access to company systems, and ongoing data monitoring as needed.

These joint processes and policies help your organization move in lockstep toward a unified, collaborative insider risk mitigation strategy that empowers all departments to contribute to a shared objective.

4. Leverage technology to create a common operating picture

Siloed teams often use different tools and systems. This fragmentation only widens gaps between teams and hinders timely responses to insider risk. To effectively collaborate on insider risk initiatives with others, you need a shared system that gives all parties as-needed access to real-time data and information. 

When information like concerning employee behavior, transaction alerts, or facility access is centralized, your team is better able to detect patterns, share insights, and take decisive action. This common operating picture is the hallmark of effective insider risk mitigation because it enables you to take proactive action — preventing incidents from occurring altogether or mitigating their impact.

5. Track and report on shared metrics

Track and measure success in ways that resonate with all teams to ensure ongoing cross-departmental collaboration. As a security leader responsible for insider risk, you’re likely already tracking metrics like the number of insider incidents and investigations in order to show the results of your program. But it’s important that you also monitor metrics that demonstrate positive business impacts cross-functionally.

For example, you could report on metrics related to reduced financial losses, which would resonate with finance teams and encourage their continued participation in insider risk initiatives. Additionally, tracking how your program contributes to regulatory compliance and reduces legal exposure can motivate collaboration with your legal team.

Proper metrics will highlight a story that reflects both security and business outcomes. You’ll not only showcase the value of security initiatives but also foster a culture of continuous collaboration.

Collaboration is your next step in better insider risk prevention

Building a strong insider risk program hinges on effective collaboration across the entire organization. By aligning the necessary departments around shared goals, fostering trust through open communication, and breaking down silos, your organization can take proactive steps to identify, prevent, and respond to insider incidents before they escalate.

As you refine your insider risk program, remember that collaboration doesn’t happen overnight. Proceed with intention and take these steps one at a time to establish a solid foundation of great processes, shared systems, and mutual trust.
