Paper - American Academy of Arts & Sciences

A Worst Practices Guide to Insider Threats: Lessons from Past Mistakes

| April 2014

Insider threats are perhaps the most serious challenges that nuclear security systems face. All of the cases of theft of nuclear materials where the circumstances of the theft are known were perpetrated either by insiders or with the help of insiders; given that the other cases involve bulk material stolen covertly without anyone being aware the material was missing, there is every reason to believe that they were perpetrated by insiders as well. Similarly, disgruntled workers from inside nuclear facilities have perpetrated many of the known incidents of nuclear sabotage. The most recent example of which we are aware is the apparent insider sabotage of a diesel generator at the San Onofre nuclear plant in the United States in 2012; the most spectacular was an incident three decades ago in which an insider placed explosives directly on the steel pressure vessel head of a nuclear reactor and then detonated them. While many such incidents, including the two just mentioned, appear to have been intended to send a message to management, not to spread radioactivity, they highlight the immense dangers that could arise from insiders with more malevolent intent. As it turns out, insiders perpetrate a large fraction of thefts from heavily guarded non-nuclear facilities as well. Yet organizations often find it difficult to understand and protect against insider threats. Why is this the case?

Part of the answer is that there are deep organizational and cognitive biases that lead managers to downplay the threats insiders pose to their nuclear facilities and operations. But another part of the answer is that those managing nuclear security often have limited information about incidents that have happened in other countries or in other industries, and the lessons that might be learned from them.

In the world of nuclear safety, sharing of incidents and lessons learned is routine, and there are regularized processes for it, through organizations such as the International Atomic Energy Agency (IAEA) and the World Association of Nuclear Operators (WANO). Nothing comparable exists in nuclear security...

Continue reading "A Worst Practices Guide to Insider Theft: Lessons from Past Mistakes"

About This Paper

A Worst Practices Guide to Insider Threats: Lessons from Past Mistakes

A Worst Practices Guide to Insider Threats: Lessons from Past Mistakes
For more information on this publication: Please contact Managing the Atom
For Academic Citation: Bunn, Matthew and Scott D. Sagan. “A Worst Practices Guide to Insider Threats: Lessons from Past Mistakes.” Paper, American Academy of Arts & Sciences, April 2014.

The Authors

Scott Sagan