Insider threat: prevention, detection, mitigration, and deterrence

✍ Scribed by Turner, James;Gelles, Michael G

Publisher: Elsevier Science & Technology;Butterworth-Heinemann is an imprint of Elsevier
Year: 2016
Tongue: English
Category: Library

No coin nor oath required. For personal study only.

✦ Synopsis

Presents a set of solutions to address the increase in cases of insider threat, including espionage, embezzlement, sabotage, fraud, intellectual property theft, and research and development theft. Focuses on management and employee engagement, as well as ethical, legal, and privacy concerns. Also includes tactics on how to collect, correlate, and visualize potential risk indicators into a seamless system for protecting an organization's critical assets.;Front Cover; Insider Threat; Copyright Page; Contents; About Deloitte; About the Author; Foreword; Acknowledgments; 1 Introduction -- Insider Threat Today; Introduction; Looking Ahead; This Book; What is Insider Threat?; What Motivates an Insider to Act?; Environmental Drivers; "Bricks and Mortar" to "Bits and Bytes"; The Virtual Space; Exfiltration Points; Technology and the Insider Threat; Changing Workplace Demographics; Social Media and Validation:; A Technical Workforce:; Expectations of Ownership:; Limited Control:; Challenges Managing Information:; Information Mobility.

✦ Table of Contents

Front Cover
Insider Threat
Copyright Page
Contents
About Deloitte
About the Author
Foreword
Acknowledgments
1 Introduction --
Insider Threat Today
Introduction
Looking Ahead
This Book
What is Insider Threat?
What Motivates an Insider to Act?
Environmental Drivers
"Bricks and Mortar" to "Bits and Bytes"
The Virtual Space
Exfiltration Points
Technology and the Insider Threat
Changing Workplace Demographics
Social Media and Validation:
A Technical Workforce:
Expectations of Ownership:
Limited Control:
Challenges Managing Information:
Information Mobility. Detecting the Insider ThreatPatterns of Behavior
Mitigating Asset Loss: An Integrated Approach
Defining Critical Assets
Detection
Developing a Secure Workforce
Establishing a Workforce Culture to Mitigate Risk
Top 10 Tips for Leaders
1 Define The Insider Threats
2 Define Your Risk Appetite
3 Optimize a Broad Set of Stakeholders
4 Don't Forget the Fundamentals
5 Trust but Verify
6 Look for Precursors
7 Connect the Dots
8 Stay a Step Ahead
9 Set Behavioral Expectations
10 One Size Does Not Fit All
In Summary
Key Takeaways. 2 Common Challenges to Maturing an Insider Threat ProgramIntroduction
Challenges Faced by Program Managers
Are There More Insider Threat Cases Now Than There Have Been in the Past?
How Does an Organization Define Insider Threat?
Why Do Insider Threat Programs Need to Look Beyond the Malicious Insider?
Why Are Insider Threat Related Policies and Training Important?
What Capabilities Differentiate an Industry-Leading Insider Threat Program?
How Do I Escalate and Triage Potential Threats Identified by the Program?
How Do I Position an Insider Threat Program to My Workforce? How Do I Scale My Insider Threat Program?What are the Skillsets a Leading Program Needs to Have?
What Data are Needed to Proactively Identify Potential Insiders?
How Do I Evaluate and Select an Advanced Analytics Tool?
What Challenges are Generally Encountered When Standing Up a Program?
How Mature Does My Program Have to Be?
How do You Measure the Return on Investment?
Key Metrics
A Global Perspective
Key Takeaways
3 From Bricks and Mortar to Bits and Bytes
The Transformation from Bricks and Mortar to Bits and Bytes
Insider Threat in a World of Bricks and Mortar. Transitional PhaseInsider Threat in a World of Bits and Bytes
Same Behavior, Different Context
Is Insider Activity More Prevalent Now?
The Workforce in a World of Bits and Bytes
Mitigating the Insider Threat in the World of Bits and Bytes
The Insider Threat of Bits and Bytes: A Case Study
Key Takeaways
4 Identifying Functional Ownership
Introduction
Program Location
Executive Support
Independence
Collaboration
Developing a Program to Prevent, Detect, and Respond Framework
Program Ownership
Functional Assessment in Choosing a Program Owner
Program Design
Strategic Framework.

✦ Subjects

BUSINESS & ECONOMICS--Industrial Management;BUSINESS & ECONOMICS--Management;BUSINESS & ECONOMICS--Management Science;BUSINESS & ECONOMICS--Organizational Behavior;Business enterprises--Security measures;Employee crimes--Prevention;Risk assessment;Electronic books;Business enterprises -- Security measures;Employee crimes -- Prevention;BUSINESS & ECONOMICS -- Industrial Management;BUSINESS & ECONOMICS -- Management;BUSINESS & ECONOMICS -- Management Science;BUSINESS & ECONOMICS -- Organizational

📜 SIMILAR VOLUMES

Insider Threat. Prevention, Detection, M

📁 Insider Threat. Prevention, Detection, Mitigation, and Deterrence

✍ Michael G. Gelles 📂 Library 📅 2016 🏛 Butterworth-Heinemann 🌐 English

Insider Threat: Detection, Mitigation, Deterrence and Prevention presents a set of solutions to address the increase in cases of insider threat. This includes espionage, embezzlement, sabotage, fraud, intellectual property theft, and research and development theft from current or former em

Surveillance and Threat Detection. Preve

📁 Surveillance and Threat Detection. Prevention versus Mitigation

✍ Richard Kirchner (Auth.) 📂 Library 📅 2014 🏛 Butterworth Heinemann 🌐 English

Surveillance and Threat Detection: Preve

📁 Surveillance and Threat Detection: Prevention versus Mitigation

✍ Richard Kirchner 📂 Library 📅 2014 🏛 Butterworth-Heinemann 🌐 English

Surveillance and Threat Detection offers readers a complete understanding of the terrorist/criminal cycle, and how to interrupt that cycle to prevent an attack. Terrorists and criminals often rely on pre-attack and pre-operational planning and surveillance a

The insider threat: assessment and mitig

📁 The insider threat: assessment and mitigation of risks

✍ Thompson, Eleanor E 📂 Library 📅 2019 🏛 CRC Press 🌐 English

Terrorist Profiling and Law Enforcement:

📁 Terrorist Profiling and Law Enforcement: Detection, Prevention, Deterrence

✍ Noel McGuirk 📂 Library 📅 2021 🏛 Routledge 🌐 English

The CERT Guide to Insider Threats: How t

📁 The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes

✍ Dawn M. Cappelli, Andrew P. Moore, Randall F. Trzeciak 📂 Library 📅 2012 🏛 Addison-Wesley Professional 🌐 English

Since 2001, the CERT® Insider Threat Center at Carnegie Mellon University’s Software Engineering Institute (SEI) has collected and analyzed information about more than seven hundred insider cyber crimes, ranging from national security espionage to theft of trade secrets. <