People are the weak link in the security chain. Unfortunately, it is these same people who have legitimate access to your facilities, systems, people and data - your crown jewels. While the threat of insider-caused organizational harm is on the rise, most companies have no established a formal program to manage this risk. While there may be existing procedures in place to monitor corporate networks for intrusions and the collection of various logs for network analysis, there are likely few controls designed to monitor and respond effectively to insider behavior; specifically, unintentional threats. Moreover, there are few corporations that have implemented holistic Insider Threat Management Programs.
An Insider Threat Management Program is often viewed as an expensive and resource-intensive endeavor, as well as a privacy nightmare. While monitoring licenses, support and operational expenses, and legal and consulting fees can be expensive, costs can be reduced by utilizing existing capabilities and resources. Most companies will have existing departments that either share the objectives of a program or are currently responsible for performing some of the functions. The key is to leverage and use these existing resources and processes to reduce cost and level of effort. The Guide will show you how.
Using our three-phased approach and step-by-step process, you can create an effective and best-in-class Insider Threat Management Program for your organization.