Postmodernism and the Insider Threat
By TorchStone Vice President, Scott Stewart
Insider threats are nothing new; factors such as greed, grievance, duplicity, and malice have long served to motivate workers to steal from or cause harm to their employers. Indeed, greed and grievance form a powerful dyad that combine to provide the motive for many, if not most insider threats. Ideology, however, can also be a powerful motive, as was exemplified by the Soviet spy ring that enabled the Soviet Union to become a nuclear power by stealing nuclear technology from the West. I’d like to, however, focus on the threat posed by a broad ideological movement that transcends politics, nationalism, race or religion. That ideological movement is postmodernism.
Postmodernism may seem a strange topic for a security-related discussion, but I believe it is an important concept for security professionals to understand. This is not meant to be a philosophical or ethical critique of postmodernism; I’ll leave that for the philosophers. My intent here is to briefly describe what postmodernism is and note the way that it impacts how people think about themselves, their employers, truth, and morality. Because of this impact, I believe postmodernist thinking holds significant implications for corporate security professionals.
What is Postmodernism?
The Encyclopedia Britannica defines postmodernism as “a late 20th-century movement characterized by broad skepticism, subjectivism, or relativism; a general suspicion of reason; and an acute sensitivity to the role of ideology in asserting and maintaining political and economic power.” Postmodernism posits that reality is defined by how the human mind interprets and understands the world around it. Because of this premise, postmodernism is highly skeptical of explanations which claim to be universally valid for all groups, cultures, traditions, or races, and instead focuses on the relative truths understood by each person. The postmodernist assertion that all truth is subjective and individualistic is becoming increasingly accepted in academia and throughout Western educational systems. As a result, it can now be found in nearly every aspect of Western society.
It is important to point out that postmodernist thought does not only affect workers from the Millennial generation. It traces its philosophical roots back much farther than that and had taken solid root in the countercultural movement of the 1960s and 1970s. Postmodernism thus influences all generations currently in the workforce, not just the youngest members. Boomers, and Xoomers like me, are not exempted from the influence of postmodernism by any means. However, I do believe that the grip postmodernist thought has on our society is steadily increasing.
In fact, due to the influence of postmodernism, feelings have increasingly come to trump facts, as the notions of what is “right” and “true” have become relative and open to interpretation by each individual. This relativism was clearly reflected in 2016, when the Oxford English Dictionary named “post-truth” its Word of the Year. The skepticism promoted by postmodernist thought tends to place any formal authority under the greatest scrutiny, whether a parent, a company or a government.
This skepticism, relativism, and mistrust of authority has obvious security implications for society at large. Indeed, I believe postmodernism’s skepticism, suspicion and a lack of trust of the government and academic experts are among the factors helping to drive many of the fantastical conspiracy theories now being propagated via the internet, such as the irrational belief that 5G communications are causing COVID-19. Despite widespread refutation of this theory by the scientific community, it is actually gaining traction, and we are seeing an increase in the tempo of attacks against 5G cell towers, and threats and assaults against telecom workers.
Postmodernism’s Threat to Companies
In addition to these larger societal consequences, I believe postmodernism also has very clear security implications for corporations. Employees can now feel justified in doing whatever they perceive and believe to be right, even if such actions do not confirm with the company’s policies or with local, federal and international law. In this way an employee can justify almost any illegal activity, to include espionage, theft, Foreign Corrupt Practices Act violations, insider trading, conflicts of interest, etc.
This justification to act may be amplified in cases in which the employee adopts the belief that the company they work for is somehow “evil” or has undertaken actions that violate the employee’s definition of right and wrong — even if the company has violated no laws or government regulations. One of the ways the postmodernist mistrust of authority is manifesting itself in insider threat cases is when employees decide to assume the role of public vindicator in relation to their employer and decide to take action to publicly right a perceived wrong. This vindicator role applies in cases where employees go public on their own and stands in contrast to legitimate whistleblower cases where an employee who wants to report wrong does so through the appropriate channels.
I would argue that it is in this sense that postmodern thought was at play when former National Security Agency employees Edward Snowden and Reality Winner, and former U.S. Army soldier Chelsea Manning all decided (separately) to steal highly classified government information in response to what they perceived to be wrongdoing. In each of these cases, they chose to publicly broadcast their findings instead of going through the formal whistleblower channels to make their concerns known to the proper authorities.
But the danger of this “post-truth” world is not just confined to government secrets. It also applies to corporate espionage, as companies can no longer rely on a set of formal rules and general norms to keep employees from stealing sensitive data, as many employees feel that they can create their own rules. It also does not matter if the employee doesn’t have the whole story and comes to a false conclusion. The fact that they “felt” something was wrong justifies their vindictive action in their mind and is reason enough to permit retaliation. From a postmodernist perspective, if an employee believes their employer is “bad,” that is sufficient justification for them to act in whatever manner they deem appropriate.
Combine this mindset with a little bit of old-fashioned greed, or perhaps an employee grievance, and you have the perfect recipe for theft, corporate espionage or sabotage. Meanwhile, employees also have more places to find data, more tools to steal it, and more people willing to pay them for or publish stolen data than ever before. This confluence means that it is all the more crucial that companies are aware of it and ensure their insider threat and data security programs are creatively attuned to account for this growing threat.