Security News > 2022 > May > How to set up a powerful insider threat program

A recent Imperva report found only 18 percent prioritized spend on a dedicated insider threat program compared to 25 percent focused on external threat intelligence.

In addition to getting people onboard and policies in place, the business will need to inventory its data and locate data sources, determine how it will monitor behaviors, adapt the training program, and carry out investigations as well as how the ITP itself will be assessed on a regular basis.

They'll then need to consider how to inventory and access internal and external data sources and to do this the working group will need to familiar with record handling and use procedures specific to certain data sets.

Instead, an insider threat risk assessment should be executed to identify gaps in security controls and business processes or to assess the ease with which data can be exfiltrated and how well digital forensics processes performed.

Consider how you can bring in insider threat management to other security policies, such as those covering BYOD, and ensure that trusted business partners and sub-contractors are subjected to insider threat risk assessments too.

The aim of implementing an insider threat program is to ensure that not just the business, its data or its processes are protected from harm, but also its employees.

News URL

https://www.helpnetsecurity.com/2022/05/10/insider-threat-program/