In-company trainings & workshops

Signpost Six offers the possibility of providing training and workshops in-house or off site for a smaller group of participants. We guarantee an interactive and energizing experience with our experts while focusing on insider risk learning and brainstorming objectives tailored to your organisation. Depending on your organisation’s specific needs, our training can range from ½ day workshops to three-day trainings.

Some of our key training themes include:

  • The critical pathway to insider risk
  • Personal vulnerability assessment
  • Nation state espionage
  • Counter-social engineering & virtual identity protection
  • Investigative interviewing

The Critical Pathway to Insider Risk

What happens when individuals conduct malicious acts inside organisations? What processes do they go through and what interventions can be taken from a human perspective? We will look into the mind of an ‘insider’ and provide insights into comprehensive programmes to address insider risk in organisations. We will run the workshop participants through the critical pathway methodology (Shaw and Sellers) by using a case study relevant to the audience. Depending on the size of the group of participants, we will let them read the case and run through the steps of the pathway.

Learning objectives:

  • Recognise the leading indicators of insider risk and the most frequent pathway insiders have travelled as their risk escalated over time.
  • Describe the major components of this Critical Pathway to Insider Risk including personal predispositions, stressors, concerning behaviours,  problematic organisational responses and protective factors.
  • Understand how insider risk can build over time across several identifiable characteristics and steps

The exercise is to recognise the steps of the pathway for the particular case. How did this particular person derail? What could have been done and should have been done to mitigate the growing risk? We will also touch on what measures your organisation has available to manage such risks proactively.

Personal vulnerability assessment

How can you be vulnerable and susceptible to manipulations from others (through ‘social engineering’)?

Learning objectives:

  • Understand the recruitment steps of other actors towards yourself.
  • Exercise to understand your own digital footprint (need for laptops to search the internet using some cues). What can you find about yourself?
  • Discussion about your own vulnerabilities.
  • From the digital to the physical: ways in which an actor approaches you and exploits the available information. What are the signals and measures to take?

Counter- social engineering and situational awareness training

Functional and dysfunctional desensitisation and psychological risk awareness:

  • What are the risks of desensitisation personally and professionally (e.g. not adhering to protocols with higher risks of incidents?).
  • What is functional desensitisation?
  • Where are the boundaries?
  • Examples of desensitisation (group discussion).
  • What can be done to counter dysfunctional desensitisation?

Understanding malicious actors in your surroundings:

  • What happens when individuals conduct malicious acts inside organisations?
  • What processes do they go through, and what interventions can be taken from a human perspective? We will take a look into the mind of individuals who ‘derail’.
  • Is it always foul play, or is the employee simply unaware?
  • What’s the role of the organisation in the derailment of individuals? We will focus on the critical pathway approach (Shaw & Sellers) and will use statistics and case studies to explain how you can take steps to prevent these acts from happening and reduce risks of impacting you and your organisation.

“Red flags” exercise:

Individuals who ‘derail’ within organisations show common characteristics and signals which are often completely overlooked. This workshop will run through a case study in which we will share a storyline of an individual in a diplomatic environment up to leaking sensitive information.

  • What red flags can you find?
  • What dilemmas could you encounter, and how would you deal with them?
  • How does action or inaction increase risk?

Investigative interviewing bootcamp

Interviewing is contiguous, and delegates will appreciate the skill of conducting interviews with a clear purpose, ‘open-mindedly’, and with an investigative mindset; the primary objective being to secure as detailed, reliable, and accurate an account as possible whilst avoiding confirmation bias, and utilising forensically appropriate questioning styles.

Learning objectives:

  • Understand various interviewing techniques, like the cognitive interview and the Scharff technique, relevant to the type of interviewee and interview setting.
  • Build report.
  • Plan and prepare for interviews.
  • Enhance and increase information elicitation skills.
  • Increase awareness of your personal interview style and biases and utilise this in interview settings.
  • Understand dynamics between the interviewee and interviewer and act upon signals of stress. This also includes cultural sensitivities.
  • Raise confidence and enhance professional development.

Nation-state espionage: threats and solutions

A presentation, workshop or briefing format to employees in your industry to counter China’s commercial espionage threat. The briefing sensitises staff to the magnitude of the threat based on case studies, identifying collection tactics, targeted technologies and trade secrets, and overall case statistics. This programme is successful at businesses and universities because hundreds of cases support the analysis.

Training workshop for insider threat / cybersecurity staff

This one-day workshop is tailored to your industry and circumstances. It is designed to give people the tools they need – including threat indicators, collection priorities, tradecraft, etc. – to counter the insider threat posed (specifically) by China. A component of this training is cultural awareness of the business environment (Guanxi, face, collectivism, reciprocity, etc.).

C-Suite discussions

Enough insider risk teams have trouble communicating risks to senior leadership that it became necessary to inject data and analysis into the discussions. This is an issue of subject matter expertise, data, and bespoke analysis. C-Suite discussions include industry-specific examples of insider threat, quantifying loss of research investment and market share.