Charis Rice and Rosalind Searle outline some work they are undertaking that looks at counterproductive work behaviour – behaviour that could result in revenge, data disruption, or even systems destruction.

It is now widely recognised that trust is a good thing for organisations. Being able to trust employees to do their work helps managers run their organisations efficiently. Employees who trust their organisation and their leaders are not only more likely to work hard, but to go beyond the objectives of their role, to exhibit ‘citizenship behaviour’.

But trust, to a large extent, is derived from the past, a bit like driving by looking in a rearview mirror, which is fine as long as the road remains the same. So, what happens when an organisation faces things for the first time, such as having to make redundancies? For employees, periods of change can be important crucibles for trust and distrust.

Change disconnects people from their previous employment roles and disrupts their psychological attachment to the organisation. It alters their relationships with close colleagues through whom their organisational identity is nested. More insidiously, the way change is managed can expose inequalities and inconsistencies leaving those affected feeling less committed. Suddenly previously model employees can become distrustful.

Transformations can create the emergence of internal threats to organisations, as longstanding employees become disgruntled, angry, and sufficiently disengaged to behave in counterproductive ways as a form of redress, or worse, revenge. These can include small scale indiscretions such as time-wasting, through to extremes of insider threat such as destroying systems or divulging confidential information to malicious others; they must therefore be considered within a broader context of threat to wider public and national security.

So, what exactly triggers insider threat, how is this linked to (dis)trust, and how can organisations stay secure during times of change? This is the topic of our project, Assessing and mitigating the impact of organisational change on counterproductive work behaviour: An operational (dis)trust-based framework.

The project seeks to build on our existing evidence base to produce a (dis)trust-based framework for predicting, identifying, and mitigating counterproductive working behaviours (CWBs) and insider threat within an organisational change context. In particular, we want to know:

  1. What impacts are produced by organisational changes in relation to counterproductive working behaviours and insider malicious acts?
  2. What role does (dis)trust within an organisational change context play in CWBs?
  3. What preventative measures can be taken by organisations to help mitigate the threat of counterproductive working behaviours and insider threats in organisational change initiatives?

We hope to provide organisations with a better understanding of how insider threat develops not just from the recruitment of deviant or malicious individuals, but also from otherwise benevolent employees during periods of change.

Our recent work analysing individuals’ cognitions and emotions in a number of organisations, reveals the distinct individual, social, and contextual triggers that enable some employees to remain engaged, loyal. and trusting, while others become disengaged, distrusting, and behave in deviant ways.

In this project, we propose to test, refine, and operationalise our framework through new primary data – critical incident interviews, employee surveys, and analysis of HR documentation – with a security-critical organisation undergoing considerable change. We will develop timelines of trigger incidents for three real-life insider threat cases, allowing testing and refinement to our (dis)trust framework. The framework examines the dynamics of trust and distrust to show how far it is a defining major event – or an accumulation of minor events – that has the greatest impact on insider threat.

We hope to deliver a proactive identification model in the form of a practitioner toolkit which distinguishes between individual, social, and organisational inputs, processes and outputs of insider threat, and which enables tailored mitigation strategies for organisations to innovate and change in a secure environment.

More widely, a key outcome will be a solid evidence-base for policymakers to incorporate into security policies, and for academics to build further comparative studies with the goal of better tackling and ultimately reducing insider acts.


This article was originally published on the Citizen2020 website. Read the original article here.