Every day, our clients confront shifting risks to their families, homes, assets and reputations. Some of these threats will be the topics of upcoming blogs authored by me or one of our other private client advisors. These will range from escalating cybersecurity risks to affluent families as the Ukraine War heats up to other topics such as very slow major city police department response times to 911 calls and other emergencies and how families should prepare to protect themselves when these delays occur. Today, however, I want to highlight another critical risk factor for families that are commanding more of our time these days: the insider threat.
You’re Most Vulnerable to Your Inner Circle
Any family with means is more susceptible than others to fraud, cyberattacks, extortion, or even violent acts such as robbery, kidnapping and ransom demands.
The greatest threats come from those nearest and dearest to us. This is especially true for families who employ individuals within the household and family office or use IT and security experts to maintain family networks, devices, and other communications infrastructure.
A Brief List of Vulnerabilities
What kind of risks am I talking about? These range from accidental and inadvertent to malicious and predatory. Here are a few examples:
- A nanny or babysitter takes photos of your home’s interior or expensive artwork and shares them with her boyfriend – who then disseminates them even more widely in his network.
- The family’s 16-year-old posts on social media the family’s dates of travel for a trip to Cannes – or the fact that she’s with her mom buying jewelry on Madison Avenue or Rodeo Drive.
- An overnight guest is permissioned onto the family’s internet network, accesses an unsecured website, and downloads malware that compromises the family’s most private information.
- A family office manager or third-party vendor uses sensitive information such as passwords, codes and inside knowledge of the family’s circumstances to commit theft or fraud.
Here are 10 Actions You Can Take to Manage Your Internal Threat Risk.
1. Conduct Regular Due Diligence Background Investigations on All Employees and Vendors
In addition to checking arrest or court records and credit scores, perform regular investigations of your employees’ and vendors’ finances. Bankruptcies, lawsuits from credit card companies or other financial providers, high credit-to-debt ratios, and frequent credit inquiries may indicate poor finances. If the employee or vendor is struggling to pay bills, they may be more likely to engage in theft or bribery to make ends meet.
2. Maintain Familiarity with Your Employees’ Social Media Activity
By following your employees on social media, you can keep a protective eye on the kinds of posts they make. Develop a formal social media policy for employees that defines behavioral expectations and helps mitigate risks associated with employee social media activity.
3. Notify Employees and Vendors of Background Checks
For many families, trust is everything. It’s important not to allow a cloud of suspicion to undermine staff morale and commitment to doing good work and supporting the family’s interests. Instead, consider being transparent and up-front with all staff, advisors, and vendors and let them know that employment requires due diligence background investigations for all personnel.
4. Have All Personnel Sign Non-Disclosure Agreements (NDA)
Make sure employees and vendors understand that photos and social media postings about the family and your property are prohibited and that the family will pursue legal action if the NDA is violated.
5. Elevate Your Protective Measures for High-Value or Sensitive Assets or Events
Before conducting any high-dollar transactions, investigate the dealer. Check for fraud lawsuits or whether the dealer or seller has experienced recent financial distress.
6. Attend to Your Home’s Physical Security
Invest in locks, alarms, motion sensors, and gates not connected to the Internet or tied to a system that can be exploited by criminals. Also, consider a safe room with landlines or satellites for communications, as home invaders can take out a modem or use a frequency jammer to jam phone lines and WiFi connections.
7. Hire a Local Security Firm to Provide Residential and Physical Security Services
Security firms are typically faster to respond to a security incident than law enforcement and will have access to security logs and video footage. They will likely have resources and staff who can help establish a digital security footprint as well.
8. Assess and Upgrade Your Technical Security Systems
Use encryption for email and phones and multi-factor authentication (MFA) when logging into all accounts, especially financial institutions. Internet-protocol (IP) cameras may be used as long as they reside on a local area network (LAN) and do not include access to the Internet.
9. Track and Monitor Your Family’s Online Exposure
Engage trusted, trained, and licensed third parties who know how to scour both the open and dark web for posts concerning the family, home or property. Use this information to update your physical and digital threat assessments.
10. Maintain Proper Insurance Policies
Make sure you have a good umbrella policy to protect your finances in the case of litigation. A cyber insurance policy will pay in the event of a ransomware attack, and the ability to buy bitcoin to pay such a ransom will be crucial. Always ensure against theft and vandalism as well as fire and flooding.
Vigilance is Protection
Life for families with means comes with different challenges than those faced by most people. But that shouldn’t take away from life’s enjoyment. With proper threat assessment, mitigation and vigilance, you and your family can live comfortably knowing you are protected and have the right measures in place to counter any vulnerabilities you confront.