{"id":1306,"date":"2013-09-16T12:22:38","date_gmt":"2013-09-16T09:22:38","guid":{"rendered":"http:\/\/saisa.eu\/blogs\/Guidance\/?p=1306"},"modified":"2013-09-16T12:22:38","modified_gmt":"2013-09-16T09:22:38","slug":"common-sense-guide-to-mitigating-insider-threats","status":"publish","type":"post","link":"https:\/\/saisa.eu\/blogs\/Guidance\/?p=1306","title":{"rendered":"Common Sense Guide to Mitigating Insider Threats"},"content":{"rendered":"

Software Engineering Institute<\/a> has published the latest revision of the “Common Sense Guide to Mitigating Insider Threats<\/a>“. It is good reading for any security manager, and provides 19 practises that each organization should implement.<\/p>\n

Definition<\/a><\/p>\n

\n

Malicious insider<\/strong> is defined as a current or former employee, contractor, or business partner who meets the following criteria:
\n\u2022 has or had authorized access to an organization\u2019s network, system, or data
\n\u2022 has intentionally exceeded or intentionally used that access in a manner that negatively affected the confidentiality, integrity, or availability of the organization\u2019s information or information systems<\/p>\n<\/blockquote>\n

It focuses on IP (intellectual property) theft, IT sabotage, and fraud.<\/p>\n

\"SEI-insider-2012\"<\/p>\n

It is based on the database of more than 700 insider threat cases.<\/p>\n

Plus<\/p>\n