| |||||||||
| |||||||||
Current Filter: Network>>>>>Feature> Secure on the inside Editorial Type: Feature Date: 05-2015 Views: 2166 Key Topics: Networking Security Insider Threats Cybercrime Security Breaches Key Companies: IS Decisions Key Products: Key Industries: Education | |||
| François Amigorena, CEO of IS Decisions, urges the deployment of an effective insider threat management programme and offers some advice on where to begin We have come to know 2014 as the year of the breach, such was the unrelenting flow of stories about security breaches. It seemed that a week couldn’t pass without a story emerging of yet another organisation having leaked sensitive information. Sony Entertainment, JP Morgan, eBay - big, recognisable organisations were falling foul of what were, to one degree or another, breaches with an internal source. The insider threat was rife. That was 2014's legacy, but what will the legacy of 2015 be? Well, according to some research we have carried out at IS Decisions (User security 2015: the future of addressing insider threat) among IT professionals, this will be the year of addressing the insider threat. In the UK, 43 per cent of organisations already have an insider threat programme, but of those that don't, the majority (69 per cent) are planning to put one in place this year. So everything will turn out fine then… However, with so many IT professionals implementing insider threat programmes and potentially in haste, we all need to stop for a moment and understand what a good insider threat programme actually looks like. How will we measure the effectiveness of these new measures, and how will we know if the new insider threat measures are good enough to prevent a breach? There are many important factors to consider, but to start with, you might want to implement the following elements.
EMPLOYEE EXIT PROCESS Ex-employees are more likely than others to have cause for malicious action while they have no good reason to access to your network. We saw in the case of the Sony Entertainment breach that overlooking this can be disastrous. A simple process can ensure that network access is revoked when a user's employment ceases, yet this doesn't seem commonplace.
NEVER TRUST, ALWAYS VERIFY
POSITIVELY REINFORCE GOOD BEHAVIOUR
REAL TIME ALERTS On the administrator side, being able to monitor and track behaviour in real time is key to understanding how users behave on the network. Similarly, an alert to suspicious behaviour allows the administrator to take action which may potentially stop a breach. | ||
Like this article? Click here to get the Newsletter and Magazine Free! | |||
Email The Editor! OR Forward Article | Go Top | ||
PREVIOUS | NEXT |