Software Engineering Institute has published the latest revision of the “Common Sense Guide to Mitigating Insider Threats“. It is good reading for any security manager, and provides 19 practises that each organization should implement.
Malicious insider is defined as a current or former employee, contractor, or business partner who meets the following criteria:
• has or had authorized access to an organization’s network, system, or data
• has intentionally exceeded or intentionally used that access in a manner that negatively affected the confidentiality, integrity, or availability of the organization’s information or information systems
It focuses on IP (intellectual property) theft, IT sabotage, and fraud.
It is based on the database of more than 700 insider threat cases.
- The Guide contains mappings in appendix C to NIST SP 800-53 and ISO 27002.