Help2Protect: an eLearning program to counter Insider Threats

By Catherine Piana, Managing Director of Help2Protect SRL

In partnership with IACIPP

There are only 2 ways to know if you are being targeted by Insiders: one is to wait for an actual breach of security to happen and the other is to have a program in place that detects Insider Threats and protects against them. Help2Protect is an eLearning Platform dedicated to Security and the Insider Threat courses help you put in place a detection and prevention program against this widespread and yet largely underestimated issue.

A few facts and figures

In the US only, businesses encounter about 2,500 internal security breaches daily. More than 34% of businesses around the globe are affected by Insider Threats yearly and it is estimated that the number of Insider incidents has increased by 44% in the last two years. 66% of organizations consider malicious Insider attacks or accidental breaches more likely than external attacks. The cost per Insider Threat in 2022 is over 15 million USD. Statistics further reveal that more than 70% of attacks are not reported externally. Up to a quarter of these attacks are perpetrated by trusted business partners .

You don’t know until it’s too late

Most organisations discover Insider Threats when it’s too late, while programs exist that can help prevent and detect them, and thereby protect the organisation, its people, assets, infrastructure and reputation. Help2Protect provides 2 streams of training: a very accessible and simple awareness module (30’ on average) and a thorough set of 7 modules, and downloadable template material to create a complete Insider Threat prevention and detection program from the ground up.

It starts with trust

Any organisation may be the target of Insider Threats but Critical Infrastructure are regularly targeted and the impact may be significant not just to the people and infrastructure, but to society as a whole. During Covid19 and even more since the war in Ukraine, attacks have also included a cyber dimension, most of the time supported by human actions that allow these attacks to be carried out.

Three types of Insiders - one tool to detect them

Insiders may be involuntarily helping by not being sufficiently aware and trained about the potential impact of their actions, or they may be negligent. Only a small proportion of Insiders are malicious and have the intentional aim to damage the organisation. The Help2Protect program covers all 3 categories of Insiders: accidental, negligent and malicious. It also includes all types of crimes, including theft, espionage, sabotage, violent activism and organised crime, including terrorism.

Let’s talk about you!

Is your organisation ready to detect and prevent Insider Threats? At which stage of preparation are you and your staff? Does your staff know how to identify red flags, and when, how and to whom they should report them? Do you know how to set up an Insider Threat Program? These are some of the issues that the updated Help2Protect platform will help you address.

Help2Protect will also show you how you can set up an Insider Threat Detection and Prevention Team, including all the relevant departments of your organisation that need to be involved, including Human Resources, Finance, IT, Legal and Security. We take you through the main steps of the process, so you can start protecting your employees, your assets, your customers, your infrastructure, and your reputation.

The 2 modules

- The Awareness Module (AM): is for any member of your staff, whatever their level of education or skillset. It seeks to explain how the organisation may be targeted, what types of behaviours and red-flag actions should raise their attention. By explaining the potential consequences of Insider attacks on the staff and the organization, it encourages them to report actions and behaviours that are deviating from what one might expect in a normal situation. To make this very concrete, six actual cases are briefly introduced, and the actions that should have been taken to prevent them. This Module takes participants about 30 minutes to complete. They then take a quiz and download their personalised certificate.

- The Program Development Module (PDM): includes 7 modules and a Manual, as well as a toolbox of template documents. The complete set of 7 modules takes about 3 hours to complete. The Manual serves as a “learning companion” and can be downloaded. The modules address the following themes:
- Demonstrating the Return on Investment of an Insider Threat Program
- Going into detail of 6 Insider Threat cases and explaining the Insider’s motivations, profiles and the pathway to malicious action or behaviour – including the windows for detection
- Understanding various Insider Threat models and how they can be identified before it’s too late
- Building an Insider Threat Prevention team: criteria and success factors
- Guidelines for safe hiring from an HR perspective
- How to communicate about the Insider Threat policy within the organisation
- Best practices from experts who have gone through actual Insider Threat cases

How was the platform created?

Help2Protect is a spin-off of an EU-funded project (DG HOME Internal Security Fund), called AITRAP. During the 2-year project, the companies involved, namely Securitas, DHL, Palmyra Aviation Advisors and the Confederation of European Security Services, carried out a meta-analysis of all the literature and tools on Insider Threats and created this unique e-learning platform with the support of a specialized e-learning company in the Netherlands, called Splintt. The project Manager and Coordinator made sure that the platform would be financed for 3 years but at the end of this period (end 2021), it had to close down. They then decided to take it over, review it and update it. Help2Protect became a joint venture between them. At the moment, the platform only provides courses on Insider Threats but it will in the future include more modules, for example on how to build a security culture.

What is special about Help2Protect?

The team that took over are security practitioners who are closely and daily in touch with EU and International security organisations and decision-makers. They use their field experience to make the modules rich and real. They also have a deep understanding of and experience in the human psychology, as well as training and coaching experience.

---

The Help2Protect Management Team:

Hugo Lücke
Managing Director and Co-Owner of Help2Protect SRL, former project manager of the EU-funded AITRAP Project.

Catherine Piana
Managing Director and Co-Owner of Help2Protect SRL, former coordinator of the EU-funded AITRAP Project, on behalf of CoESS - Confederation of European Security Services.