Insider Threat: A Guide to Understanding, Detecting, and Defending Against the Enemy from Within

Book description

Learn how to build a defense program against insider threats Insiders are not always employees and insider threats are not always intentional. This new title from Dr Julie Mehan looks beyond perimeter protection tools and shows how a security culture based on international best practice can help mitigate the insider threat to your security. Discover: The common characteristics of insider threat victims. The typical stages of a malicious attack. The steps you can take to implement a successful insider threat program. How to construct a three-tier security culture, encompassing artifacts, values and shared assumptions. “The author has many, many sound things to say about security culture and practice.” Mark Rowe Use international best practice to implement a high-impact plan Using security controls from the ISO 27001, ISO 27002, and NIST SP 800-53 standards, this title will help you address: Risk mitigation and the eight steps of a risk assessment Staff training and awareness, and conducting background screening Monitoring and auditing the activities of general and privileged users, and quickly responding to suspicious behaviors Metrics to measure insider threat behavior and mitigation The challenge of external or temporary insiders (such as consultants, support contractors, partners, service providers, temporary employees) Layering physical and digital defenses to provide defense in depth The importance of conducting regular penetration testing to evaluate security controls Limiting, monitoring and controlling remote access and mobile device use Ensuring supply-chain security Maintaining an incident management capability The insider threat Every type of organization is vulnerable to insider abuse, errors or malicious attacks. These can impact reputation, operations and profitability, and expose data, harm the organization, or deliver valuable intellectual property into competitors’ hands. Insiders can be current or former employees, contractors, or other business partners who have been granted authorized access to networks, systems or data, and all of them can bypass security measures through legitimate means. Prepare for insider threats with the most in-depth guide on the market and build a defense program using international best practice.