How to Use Value Stream Mapping to Address Insider Threats

Threatswitch Team
July 18, 2016

At national defense and security agencies, few executives think of applying process improvement methodologies to their internal security operations – and especially not to their insider threat initiatives.

This is a major missed opportunity. Why? Because methodologies such as value stream mapping are extremely effective at shoring up your agency’s insider threat detection efforts.

Insider Threats Equal Process Errors

When you conduct a value stream mapping session for your internal security measures, you frame the problem of insider threats as a quality issue and process error. This re-framing allows you to use a value stream map to bolster and reinforce your internal security processes, so process quality increases and process errors decrease.

Previous insider threat incidents reinforce this viewpoint: The Washington Navy Yard shooting and both of the Fort Hood shootings are examples of the internal security processes experiencing drastic – and deadly – errors. Because agency executives didn’t properly map and review each security procedure, the processes set them up for failure once the internal threats surfaced.

But the process errors you might encounter at your security or defense agency don’t have to be violent shootings just to be fatal to your operations. An insider threat might take the form of espionage, system sabotage , robbery or some other harm to your agency.

So, when it comes to addressing your internal threat detection efforts, you need to treat them just like any other quality problem or operational process: with proven tools such as value stream mapping.

Five Ways To Address Insider Threats Through Value Stream Mapping 

Akin to process mapping,value stream mapping helps you visualize your end-to-end security processes, including personal identification card issuance and retention, network monitoring and all other internal security measures. Here are five ways to use a value stream map to bolster your insider threat detection initiatives:

  1. Gap Detection: Value stream maps illustrate the gaps that occur between current insider threat policy and the actual processes that occur in your agency.
  3. Aggregate Data: Value stream mapping helps you aggregate all the critical pieces of information across your security processes so you’re better able to deter, detect, mitigate and defend against insider threats.
  5. Group Brainstorming: A value stream mapping session is a group activity that brings together the best minds from across your organization, empowering you to develop the best solutions and address the most critical concerns.  Voices that may not typically be heard during high-level executive strategy sessions are of huge importance during these meetings – the way processes are implemented on the ground may be effective but they are rarely perfectly aligned with the way that the policy mandates are carried out.
  7. Outcome Focus: Value stream maps focus on the outcome of a particular process (and track how effectively and efficiently your current process works to achieve the outcome), mitigating the risk of an internal security incident occurring due to a process oversight.
  9. Effective Communication: Whether your process, or system is performing optimally or poorly, a value stream map helps you communicate the nature and status of your processes quickly and easily to your team members.  Drawing a comprehensive picture of the process helps everyone involved to understand their relationships with the other pieces of the process and ultimately provides a sense that the team is all working together to achieve one common goal.

If you’re serious about detecting and deterring insider threats at your defense or security agency, you need to conduct a value stream mapping session right away. With a value stream map in hand, you’re able to continually strengthen and refine your internal security processes to mitigate the risk of insider threats.

Keep Reading

Posts by Topic

Subscribe to our