Monday, July 12, 2021

Insider Threat

 
An Insider can be ANYONE Employee, Contractor, Business Partner, etc. with the right motive and means, and can have a Tactics at their disposal, that will put an organization’s assets at risk. An organization must Think Outside The Box to successfully detect and mitigate the risks posed by Insiders.
 

 
 
Malicious Insiders don’t care about compliance regulations. They just look for security gaps and vulnerabilities within an organization, to achieve their objectives. The impacts from Insider Threat incidents can be very severe, costly and damaging. 
 
Not all incidents by Insiders are malicious. Non-Malicious Insider incidents can be just as damaging as malicious incidents. Given this threat landscape, it is imperative that critical infrastructure entities prioritize and dedicate resources to preempt and/or mitigate insider threat.
 
To help The National Counterintelligence and Security Center (NCSC) issued “Insider Threat Mitigation for U.S. Critical Infrastructure Entities: Guidelines from an Intelligence Perspective. Read on attached document if you interested .  insider threat 
 
Related to this is another whitepaper by Simone (Cy) Genna publish by SANS Title: Information Security Starts with the Employees which you can download from here 
 
 
 
#cybersecurity #informationsecurity #databreach #datasecurity #intelligence #infrastructure #risk

0 comments:

Post a Comment

Twitter Facebook Favorites More