This article is an opinion piece intended to provoke thought and discussion on the evolving landscape of insider risk. It reflects the personal views of the author and is meant to stimulate debate and reflection.
At seven years old, I walked out of a local store with a chocolate bar I hadn’t paid for. My mother’s reaction - best left between me and my therapist - taught me a fundamental lesson: actions have consequences. This lesson may seem unrelated to the rising insider risk within today’s geopolitical landscape, but it holds a crucial insight.
Heightened global tensions are profoundly impacting organisations, particularly through the growing issue of insider risk - when individuals, intentionally or unintentionally, compromise security, integrity, or reputation. State-sponsored efforts to acquire sensitive defence or industry data through insiders accelerate domestic production, bypassing the immense cost and time required for legal R&D.
According to our data and observations from other experts in the industry, insider risks are surging. Much of this increase is driven by states exploiting geopolitical instability, economic sanctions, shifting alliances, and ongoing conflicts. This creates fertile ground for insider recruitment.
Recent weeks have seen global tariffs imposed, U.S. employees with sensitive access reassigned or dismissed, Europe announcing unprecedented defense spending, and, of course, the ongoing war in Ukraine. These factors combine to create the perfect storm:
Grievance & Uncertainty: Economic and political instability fuel dissatisfaction among employees, increasing the pool of potential insider risks.
Expanded Access: Europe’s defense spending surge means more personnel with access to sensitive information and therefore, more opportunities for leaks or sabotage.
Russian Motives: The war in Ukraine has only intensified Russia’s drive to infiltrate and disrupt Western defense initiatives.
Cyberattacks have long been the primary concern for organisations, leading to heavy investments in cybersecurity. However, insider risks remain critically underestimated.
Why?
Visibility & Media Attention: External cyberattacks often impact the public directly, making headlines. Insider risks, by contrast, remain largely internal and unnoticed, until it’s too late...
Psychological Bias: Insider risks challenge our fundamental trust in colleagues. Many CEOs, after experiencing insider incidents, say the same thing: “But I thought of my staff as family.” Families, as my therapist would remind us, can be dysfunctional. This is optimism bias in action. And worse, we tend to assume adversaries think as we do, that they weigh consequences in the same way.
Returning to my childhood chocolate heist. I don’t steal now, not out of moral virtue (though I would like to believe that) - but because the consequences are severe. Rational choice theory tells us that when the cost outweighs the benefit, people don’t act. But what if the consequence was negligible? What if compromising security came with near-total impunity? I might be tempted to act differently.
For states engaged in insider recruitment, the benefit is enormous, and the risk is negligible. Individual insiders and targeted organisations suffer the consequences; prison, and financial loss - but states remain largely untouched. By outsourcing espionage to organised crime groups and local proxies, states gain:
Deniability: A buffer between the state and those conducting the espionage.
Scalability: A broader operational reach, both geographically and across industries.
Cost Efficiency: Outsourcing is cheaper, more flexible, and avoids the risks of using official intelligence operatives.
For states seeking to outpace Western competitors, espionage is not a backup plan; it’s the logical choice. Cyber threats remain significant, but prolonged exposure has led organisations to build strong defenses. Insider risk, by contrast, is only now being recognised as an urgent and underfunded vulnerability.
With Europe on the verge of its largest defense spending increase since WWII, Western organisations need to realise one thing: this investment presents a shopping list for rival states. They fully intend to take what they need - without paying. The question is: will we let them?
To address these challenges effectively, organisations should consider comprehensive insider risk assessments and insider risk programmes. These tools help identify vulnerabilities and equip teams with the skills needed to recognise and prevent insider risks. Contact us today for help.