Insider Threat 1
Insider Threat 1
Insider Threat 1
TIP CARD
We often think of cyber threats as coming from an anonymous criminal, hundreds of
miles away behind a computer screen. However, current and former employees who
have intimate and valuable knowledge about a company are also capable of committing
a cybercrime.
Incorporate insider threat awareness into periodic security training for all employees.
Implement strict password and account management policies and practices.
Define explicit security agreements for any cloud services, especially access
restrictions and monitoring capabilities.
Ensure that sensitive information is available to only those who require access to it.
Use a log correlation engine or security information and event management (SIEM)
system to log, monitor, and audit employee actions.
Develop a formal insider threat mitigation program.
BEHAVIORAL INDICATORS
A good way to prevent an insider threat is to train your employees to recognize some
common behavioral indicators among their colleagues. US-CERT has identified the
following behavioral indicators of malicious threat activity:
Sector 2012.
Financial Services
Remotely accesses the network while on vacation, when sick, or at odd times during
the day.
Works odd hours without authorization.
Unnecessarily copies material, especially if it is proprietary or classified.
Expresses interest in matters outside the scope of their duties.
Shows signs of drug or alcohol abuse, financial difficulties, gambling, illegal activities,
poor mental health, or hostile behavior.
IC3.gov
If you are a victim of online crime, file a complaint with the Internet Crime
Compliant Center (IC3) at www.ic3.gov.
FTC.gov
Report fraud to the Federal Trade Commission at www.ftc.gov/complaint.