Our firm is leading the way in insider threat and data breach management. We literally wrote “The Book!”
People are the weak link in the security chain. Unfortunately, it is these same people who have legitimate access to your facilities, systems, people and data – your crown jewels. While the threat of insider-caused organizational harm is on the rise, most companies have no established a formal program to manage this risk. While there may be existing procedures in place to monitor corporate networks for intrusions and the collection of various logs for network analysis, there are likely few controls designed to monitor and respond effectively to insider behavior; specifically, unintentional threats. Moreover, there are few corporations that have implemented holistic Insider Threat Management Programs.
An Insider Threat Management Program is often viewed as an expensive and resource-intensive endeavor, as well as a privacy nightmare. While monitoring licenses, support and operational expenses, and legal and consulting fees can be expensive, costs can be reduced by utilizing existing capabilities and resources. Most companies will have existing departments that either share the objectives of a program or are currently responsible for performing some of the functions. The key is to leverage and use these existing resources and processes to reduce cost and level of effort. The Guide will show you how.
Using our three-phased approach and step-by-step process, you can create an effective and best-in-class Insider Threat Management Program for your organization.
Most security practitioners view the insider threat problem through a pure threat lens (e.g. all employees are threats), yet others as see it as a compliance exercise (e.g. addressing NIST and ISO gaps). The key and real value, however, is to view insider threat as a risk management problem and view it in the context of asset impacts, vulnerabilities, and threats. In so doing, the organization can gain proper insight into its true risk posture. The purpose of this book is to provide necessary thought leadership on best practices for managing insider threats through the application of a defined insider risk management model.
The purpose of this guide is to provide a resource for initiating, developing, and implementing an Insider Threat management program (ITMP). This guide will assist you in effectively obtaining leadership support and assembling your team, developing a risk-based action plan, creating a policy and governance structure, implementing monitoring requirements, and building an oversight and compliance framework to ensure continued employee and leadership support.
Insider Threat management programs are quickly becoming standard practice throughout private and public industry. In today’s data breach-ridden and high-velocity business environment, security practitioners must be able to understand and implement programs in the most efficient manner possible. This is significant, as this task also requires balancing the protection of corporate assets with the privacy of employees, which raises myriad legal considerations.