Insider Threat
Prevention, Detection, Mitigation, and Deterrence
- 1st Edition - May 26, 2016
- Author: Michael G. Gelles
- Language: English
- Paperback ISBN:9 7 8 - 0 - 1 2 - 8 0 2 4 1 0 - 2
- eBook ISBN:9 7 8 - 0 - 1 2 - 8 0 2 6 2 2 - 9
Insider Threat: Detection, Mitigation, Deterrence and Prevention presents a set of solutions to address the increase in cases of insider threat. This includes espionage, embezzlem… Read more
Purchase options
Institutional subscription on ScienceDirect
Request a sales quoteInsider Threat: Detection, Mitigation, Deterrence and Prevention presents a set of solutions to address the increase in cases of insider threat. This includes espionage, embezzlement, sabotage, fraud, intellectual property theft, and research and development theft from current or former employees. This book outlines a step-by-step path for developing an insider threat program within any organization, focusing on management and employee engagement, as well as ethical, legal, and privacy concerns. In addition, it includes tactics on how to collect, correlate, and visualize potential risk indicators into a seamless system for protecting an organization’s critical assets from malicious, complacent, and ignorant insiders. Insider Threat presents robust mitigation strategies that will interrupt the forward motion of a potential insider who intends to do harm to a company or its employees, as well as an understanding of supply chain risk and cyber security, as they relate to insider threat.
- Offers an ideal resource for executives and managers who want the latest information available on protecting their organization’s assets from this growing threat
- Shows how departments across an entire organization can bring disparate, but related, information together to promote the early identification of insider threats
- Provides an in-depth explanation of mitigating supply chain risk
- Outlines progressive approaches to cyber security
Corporate Security Managers and Executives; Executives and Managers in IT, HR, Legal, R&D, Marketing, and Finance; Students and faculty in Security, Criminal Justice, Management, Information Security, Forensics, and Psychology.
- About Deloitte
- About the Author
- Foreword
- Acknowledgments
- Chapter 1. Introduction – Insider Threat Today
- Abstract
- Introduction
- What is Insider Threat?
- Environmental Drivers
- Detecting the Insider Threat
- Mitigating Asset Loss: An Integrated Approach
- Top 10 Tips for Leaders
- In Summary
- Key Takeaways
- Chapter 2. Common Challenges to Maturing an Insider Threat Program
- Abstract
- Introduction
- Challenges Faced by Program Managers
- Key Takeaways
- Chapter 3. From Bricks and Mortar to Bits and Bytes
- Abstract
- The Transformation from Bricks and Mortar to Bits and Bytes
- Insider Threat in a World of Bricks and Mortar
- Transitional Phase
- Insider Threat in a World of Bits and Bytes
- Key Takeaways
- Chapter 4. Identifying Functional Ownership
- Abstract
- Introduction
- Program Location
- Developing a Program to Prevent, Detect, and Respond Framework
- Key Challenges
- Chapter 5. Identifying Critical Indicators in Organizational Data
- Abstract
- Potential Risk Indicators
- Translating Knowledge about Insiders Into Organizational Data
- Identifying Critical Indicators Throughout the Organization
- Key Challenges
- Key Takeaways
- Chapter 6. Establishing an Organizational Risk Appetite
- Abstract
- Risk Tolerance Defined
- Defining Your Organization’s Critical Assets
- Determining the Threat Insiders Pose to Your Critical Assets
- Balancing Security Investments and Tolerance for Loss
- Re-evaluating Asset Prioritization
- In Summary
- Case Study 1: Financial Services Firm
- Case Study 2: Health Care Provider
- Case Study 3: Telecommunications, Media, and Technology
- Key Takeaways
- Chapter 7. Risk Management Using Data Analytics
- Abstract
- Introduction to Advanced Analytics
- Guiding Principles
- Advanced Analytics in Motion
- Selecting the Right Tool
- Business Rule Approach and Development
- Advanced Analytics Security
- Security Analytics as a Business Enabler
- Key Takeaways
- Chapter 8. Information Security and Technology Integration
- Abstract
- Introduction
- Administrative and Procedural Controls
- Technical Controls
- Physical Controls
- Future of Security Controls
- Conclusion
- Key Takeaways
- Chapter 9. Robust Cyber Risk Management
- Abstract
- Cyber Risk Management and Business Performance
- Robust Mindsets: Secure, Vigilant, Resilient
- Insider Threat: A Dynamic, Multilevel Problem
- Building Robust Mental Models and Collective Mindsets
- Common Characteristics: Secure, Vigilant, Resilient Programs
- Key Takeaways
- Chapter 10. Threats Posed by Third-Party Insiders: Considerations for a Vendor Vetting Program
- Abstract
- Introduction
- Trends Driving Prevalence of Vendors in the U.S. Market
- Examples of Threats Posed by Vendors
- Vendor Vetting Defined
- Approach to Vendor Vetting
- Key Takeaways
- Chapter 11. Employee Engagement: Critical to Mitigating the Risk of Insider Threat
- Abstract
- Introduction
- Understanding Why Employee Engagement is a Critical Issue
- Engagement is a Critical Workforce Challenge Today
- Workplace Drivers of Engagement
- Measuring Employee Engagement
- Improving and Sustaining Engagement
- Key Takeaways
- Chapter 12. Workplace Violence and Insider Threat
- Abstract
- Introduction
- A Historical but Cumulative View of Workplace Violence and Insider Threat
- Key Concepts
- Myths Regarding Workplace Violence
- Warning Signs
- Key Takeaways
- Chapter 13. Monitoring and Investigating
- Abstract
- Monitoring
- Responding to an Insider Threat
- Key Takeaways
- Chapter 14. Privacy Considerations for Insider Threat Mitigation Programs
- Abstract
- Introduction
- Data Privacy and the Collection of Potential Risk Indicators (PRIs)
- Balancing Data Privacy with Effective Insider Threat Mitigation
- The Privacy Impact Assessment (PIA)
- Additional Privacy Considerations
- Conclusion
- Key Takeaways
- Chapter 15. What the Future Holds
- Abstract
- Insider Threat: A Look Forward
- The Changing Definition of Insider
- Understanding the Macro Environment
- Emerging Trends
- Big Data and Risk Analytics
- Scenario Planning
- What’s Next?
- Appendices
- Chapter 5
- Appendix G: Business Assurance/Insider Threat Working Group Charter
- Appendix I: Business Rule Development
- Appendix L: FAQs
- Index
- No. of pages: 252
- Language: English
- Edition: 1
- Published: May 26, 2016
- Imprint: Butterworth-Heinemann
- Paperback ISBN: 9780128024102
- eBook ISBN: 9780128026229
MG