Useful article about the most damaging kind of attack of them all. I have a few customers that have established insider threat programs with varying degrees of success…:
[…] How to Mitigate Insider Threats
As someone who’s no doubt dedicated to stopping insider threats from affecting your organization, what can you do? The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) encourages organizations and businesses to develop and maintain comprehensive insider threat programs.
This process includes:
- Establishing and maintaining an insider threat program.
- Recognizing and reporting suspicious activities, behaviors, or circumstances indicative of insider threats.
- Identifying and protecting your organization’s critical assets through asset management and access management.
- Collecting and assessing information to respond to threats.
Other useful steps include:
- Continually updating and maintaining a user access privilege list.
- Outlining a risk management framework. Establishing incident response, business continuity, and disaster recovery plans.
- Implementing a cyber security awareness training program.