Insider threats can pose greater risks to company data than those associated with external attacks. Here are some techniques to help you spot and mitigate them as quickly as possible.
A report recently released by the Institute for Critical Infrastructure Technology pointed out that most cybersecurity incidents (both intentional and accidental) are the result of some action by insiders.
Earlier this year, I covered some ways to reduce insider security risks. As a follow up, I want to look at further strategies which can assist system administrators in quickly detecting and reducing the threat of insider risk — a critical requirement given the fact some insider security breaches can go undetected for weeks, months or years.
Here are 10 more tips to reduce insider threats:
1. Establish a security incident and response team
Even if it consists of one individual, a dedicated team is essential to security success. This team should be responsible for preventing, detecting and handling incidents and have documented plans and procedures for each. Provide them as well as general IT staff with security training to keep up on the latest tactics and threats is also a key factor in identifying insider threats as quickly as possible.
2. Use temporary accounts
Set up third-party employees such as contractors or interns with temporary accounts MORE