Chapter 7. Technical Insider Threat Controls
Chapter 6, Best Practices for the Prevention and Detection of Insider Threats, covered the broader range of insider threat controls, including both administrative and technical controls. This chapter will be of interest to the more technical readers among you, as it contains suggestions for new technical controls you can implement to prevent and detect insider threats. These controls are the output of the insider threat lab. First, we describe the lab at a high level, then we explain how we developed these controls, and then we describe each control. Note that the controls become increasingly sophisticated as you progress through the chapter, since we present them in the order they were developed. ...
Get The CERT® Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud) now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.