Employees usually must rationalize bad behavior.

Rationalization acts as a mental mechanism that lets employees justify unethical actions to themselves, reducing cognitive dissonance and maintaining a positive self-image as a good worker. In security and insider-threat contexts, this idea is captured by the fraud triangle—pressure, opportunity, and rationalization. When someone faces a tempting breach or policy violation, they often create excuses (“it’s just this one time,” “the policy is unfair,” “everyone does it”) to make the action feel acceptable. That tendency is why the statement is considered true: people often need some form of justification to proceed with bad behavior at work. This understanding also explains why strong ethics training, clear policies, leadership accountability, and controls that limit opportunity are essential—they reduce the chance that someone can rationalize violating rules. Of course, not every employee will rationalize or act on it, but the tendency is common enough to be a major factor in security training and policy design.