Posted on by Best Practicesin
Hello, this is Randy Trzeciak, Technical Team Lead of Insider Threat Research for the CERT Program, with the second of 19 blog posts that describe the best practices fully documented in the fourth edition of the Common Sense Guide to Mitigating Insider Threats.
The CERT Program announced the public release of the fourth edition of the Common Sense Guide to Mitigating Insider Threats on December 12, 2012. The guide describes 19 practices that organizations should implement across the enterprise to mitigate (prevent, detect, and respond to) insider threats, as well as case studies of organizations that failed to do so. The second of the 19 best practices follows.
Practice 2: Clearly document and consistently enforce policies and controls.
It is important that organizations develop policies and controls that focus on the protection of their critical assets, people, information, technology, and facilities. But beyond the creation of policies and controls, organizations must clearly communicate the existence of these policies and controls and take the necessary steps to ensure they are consistently enforced for all members of the organization, including employees, contractors, sub-contractors, and other trusted business partners.
Organizations should ensure that the policies and controls are
Organizations should be particularly clear on policies regarding
Organizations should strive to meet the needs of their employees while consistently setting realistic expectations to avoid employees becoming disgruntled due to perceived injustice. Disgruntlement is a common motivation of insiders who went on to harm an organization by sabotaging one or more of its IT systems. Consistent enforcement may be an effective way to manage the disgruntlement on the part of employees who are affected by organizational events and conditions. Inconsistent enforcement may lead to employees feeling that certain people within the organization are immune to the rules.
Refer to the complete fourth edition of the Common Sense Guide to Mitigating Insider Threats for a comprehensive understanding of the issues and recommendations mentioned.
Check back in a few days to read about best practice 3, Incorporate insider threat awareness into periodic security training for all employees, or subscribe to a feed of CERT Program blogs to be alerted when a new post is available.
If you have questions or want to share experiences you've had with insider threats, send email to firstname.lastname@example.org.