Insider Threat Prevention, Detection, Mitigation, and Deterrence

Insider Threat: Detection, Mitigation, Deterrence and Prevention presents a set of solutions to address the increase in cases of insider threat. This includes espionage, embezzlement, sabotage, fraud, intellectual property theft, and research and development theft from current or former employees. This book outlines a step-by-step path for developing an insider threat program within any organization, focusing on management and employee engagement, as well as ethical, legal, and privacy concerns. In addition, it includes tactics on how to collect, correlate, and visualize potential risk indicators into a seamless system for protecting an organization?s critical assets from malicious, complacent, and ignorant insiders. Insider Threat presents robust mitigation strategies that will interrupt the forward motion of a potential insider who intends to do harm to a company or its employees, as well as an understanding of supply chain risk and cyber security, as they relate to insider threat.

Chapter 1: Introduction – A Leader’s GuideChapter 2: Challenges to Mature an Insider Threat ProgramChapter 3: From Bricks and Mortar to Bits and BytesChapter 4: Identifying Functional Ownership, Establishing the ITWG, and Developing CONOPs for Programmatic SuccessChapter 5: Identifying Critical Indicators in Organizational DataChapter 6: Establishing an Organizational Risk AppetiteChapter 7: Risk Management Using Data AnalyticsChapter 8: Information Security and Technology IntegrationChapter 9: Cyber Security and Insider Threat MitigationChapter 10: Vendor Analysis and Supply Chain Risk MitigationChapter 11: Employee Engagement: Critical to Mitigating the Risk of Insider ThreatChapter 12: Workplace Violence and Insider ThreatChapter 13: Monitoring and Investigating Chapter 14: Privacy and Data Considerations When Developing an Insider Threat ProgramChapter 15: What the Future HoldsAppendicesAppendix A: What data is needed to proactively identify potential insiders?Appendix B: Potential Risk IndicatorsAppendix C: How do I position an insider threat program to my workforce?Appendix D: What are the skill sets that a leading program needs to have?Appendix E: What capabilities differentiate an industry-leading program?Appendix F: Insider Threat Program Governance StructureAppendix G: Business Assurance/Insider Threat Working Group CharterAppendix H: How Do I Assess The Maturity of My Insider Threat Program?Appendix I: Business Rule DevelopmentAppendix J: How Do I Address Insider Threat From A Policy And Training Perspective?Appendix K: Use Case: E-Mail ExfiltrationAppendix L: FAQs

• Offers an ideal resource for executives and managers who want the latest information available on protecting their organization’s assets from this growing threat
• Shows how departments across an entire organization can bring disparate, but related, information together to promote the early identification of insider threats
• Provides an in-depth explanation of mitigating supply chain risk
• Outlines progressive approaches to cyber security