Security News > 2022 > January > Insider threat does not have to be malicious, so how do you protect your organization?

Insider threat does not have to be malicious, so how do you protect your organization?
2022-01-04 05:30

In prevention, you are attempting to ID employees who are high threat before they are able to act on an insider vulnerability.

Not only will the training educate all of the employees as to the threat, but your most likely opportunity for someone to identify a potential insider threat is through another employee.

Post-mortem analysis of "Successful" insider threat attacks identify at least 2 warning signs that could have indicated the intent, had the organization been able to piece them together.

Education! Conduct quarterly training, at least, using real-life examples of insider threat investigations and their findings.

Instead of a "Death-by-powerpoint" engage your audience by showing what is at stake for your organization specifically and how seriously you are taking the threat.

Insider threat requires the entire organization to be on the lookout, and a climate that encourages, enables, and responds to any report therein.


News URL

https://www.helpnetsecurity.com/2022/01/04/insider-threat-attacks/