SEI Insights

Insider Threat Blog

Real-World Work Combating Insider Threats

The 16th practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 16: Define explicit security agreements for any cloud services, especially access restrictions and monitoring capabilities. In this post, I discuss the importance of including provisions for data access control and monitoring in agreements with cloud service providers.

The 14th practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 14: Establish a baseline of normal behavior for both networks and employees. In this post, I discuss the importance of considering data volume, velocity, variety, and veracity when establishing a baseline of network or employee behavior.

The 13th practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 13: Monitor and control remote access from all end points, including mobile devices. In this post, I discuss the importance of having policies and procedures in place that dictate how remote access from end points are monitored and controlled.

The twelfth practice described in the newly released Common Sense Guide to Mitigating Insider Threats is Practice 12: Deploy solutions for monitoring employee actions and correlating information from multiple data sources. In this post, I discuss this newer practice that involves collecting, managing, and analyzing data from multiple sources that offers insights into insider activity that can lead to cybersecurity incidents.

The ninth practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 9: Incorporate malicious and unintentional insider threat awareness into periodic security training for all employees. In this post, I discuss the importance of educating employees, managers, and trusted business partners about the role they play in preventing, detecting, and mitigating insider threats, and practices they should follow for protecting organizational critical assets.