Insider Threat - A Guide to Understanding, Detecting, and Defending Against the Enemy from Within
BIC: COMPUTER SECURITY, COMPUTING: GENERAL
BISAC: COMPUTERS / General, COMPUTERS / Security / General
Published: 20 Sep 2016
Every type of organisation is vulnerable to insider abuse, errors, and malicious attacks: grant anyone access to a system and you automatically introduce a vulnerability. Insiders can be current or former employees, contractors, or other business partners who have been granted authorised access to networks, systems, or data, and all of them can bypass security measures through legitimate means.
Insider Threat – A Guide to Understanding, Detecting, and Defending Against the Enemy from Within shows how a security culture based on international best practice can help mitigate the insider threat, providing short-term quick fixes and long-term solutions that can be applied as part of an effective insider threat program.
Read this book to learn the seven organisational characteristics common to insider threat victims; the ten stages of a malicious attack; the ten steps of a successful insider threat program; and the construction of a three-tier security culture, encompassing artefacts, values, and shared assumptions. Perhaps most importantly, it also sets out what not to do, listing a set of worst practices that should be avoided.
Successfully build a defence programme against insider threats with the guidance this book provides.
1: The Hidden Threat
2: Insider Threat Models and Indicators
3: The Unintentional Insider Threat
4: Insider Threat, Big Data and the Cloud
5: Regional Perspectives on Insider Threat
6: Best Practices, Controls and Quick Wins
7: Final Thoughts