Insider Threat: A Guide to Understanding, Detecting, and Defending Against the Enemy from Within

Insider Threat - A Guide to Understanding, Detecting, and Defending Against the Enemy from Within looks beyond perimeter protection tools, and shows how a security culture based on international best practice can help mitigate the insider threat to your security. It also provides some short-term quick fixes that can be applied as your organizations builds an effective insider threat programme. Read this book to learn: *The seven organizational characteristics common to insider threat victims. *The ten stages of a malicious attack. *The ten steps of a successful insider threat programme. *How to construct a three-tier security culture, encompassing artefacts, values and shared assumptions. Insider Threat details the measures that organizations can implement to ensure high-impact quick wins, mapping appropriate security controls from the ISO 27001, ISO 27002, and NIST SP 800-53 standards to the following points, and more: *Risk mitigation and the eight steps of a risk assessment *The importance of training and awareness, and conducting staff background screening *Monitoring and auditing the activities of general and privileged users, and quickly responding to suspicious behaviors *Metrics to measure insider threat behavior and mitigation *The challenge of external or temporary insiders (such as consultants, support contractors, partners, service providers, temporary employees) *Layering physical and digital defenses to provide defense in depth *The importance of conducting regular penetration testing to evaluate security controls *Limiting, monitoring and controlling remote access and mobile device use *Ensuring supply-chain security *Maintaining an incident management capability It also sets out what not to do, listing a set of worst practices that should be avoided.