5 Best Practices to Prevent Insider Threat - 0 views
insights.sei.cmu.edu/...to-prevent-insider-threat.html
best practices practices threat hospitality software technology
shared by augu010 on 15 Feb 20
- No Cached
-
Insider threat continues to be a problem with approximately 50 percent of organizations experiencing at least one malicious insider incident per year, according to the 2017 U.S. State of Cybercrime Survey.
-
While intellectual property (IP) theft, IT sabotage, fraud, and espionage have continued to appear as the primary forms of malicious insider threats, new research has led us to understand the patterns related to unintentional insider threats. These threats represent a significant risk for organizations and potential attack vectors for malicious insiders and external adversaries.
-
Know and protect your critical assets Develop a formalized insider threat program Deploy solutions for monitoring employees actions and correlating information from multiple data sources Clearly document and consistently enforce policies and controls Incorporate malicious and unintentional insider threat awareness into periodic security training for all employees
- ...18 more annotations...
-
The trust that organizations place in their workforce can leave them vulnerable to malicious insiders, who often use particular methods to hide their illicit activities.
-
Current technology allows seamless collaboration, but also allows the organization's sensitive information to be easily removed from the organization. A complete understanding of critical assets (both physical and logical) is invaluable in defending against attackers who will often target the organization's critical assets.
-
Critical assets can be both physical and logical and can include facilities, systems, technology, and people. An often-overlooked aspect of critical assets is intellectual property.
-
Organizations should ensure policies and controls provide: concise and coherent documentation, including reasoning behind the policy, where applicable consistent and regular employee training on the policies and their justification, implementation, and enforcement Organizations should be particularly clear on policies regarding acceptable use and disclosure of the organization's systems, information, and resources use of privileged or administrator accounts ownership of information created as a work product evaluation of employee performance, including requirements for promotion and financial bonuses processes and procedures for addressing employee grievances
-
wareness training for the unintentional insider threat should encourage employees to identify potential actions or ways of thinking that could lead to an unintentional event, including level of risk tolerance--someone willing to take more risks than the norm attempts at multi-tasking--individuals who multi-task may be more likely to make mistakes large amounts of personal or proprietary information shared on social media lack of attention to detail
-
Our intent was to develop a single definition for insider threat that covers malicious and non-malicious (unintentional) insider threats covers cyber and physical impacts applies to both government and industry is clear, concise, consistent with existing definitions of 'threat', and broad enough to cover all insider threats