Free shipping on all orders in the USA!

Insider Threat: A Guide to Understanding, Detecting, and Defending Against the Enemy from Within

ISBN: 9781849288392
Publisher: It Governance Publishing
Publication Date: 2016-09-20
Number of pages: 312
  • Sale
  • Regular price $70.41

Any used item that originally included an accessory such as an access code, one time use worksheet, cd or dvd, or other one time use accessories may not be guaranteed to be included or valid. By purchasing this item you acknowledge the above statement.


Insider Threat - A Guide to Understanding, Detecting, and Defending Against the Enemy from Within looks beyond perimeter protection tools, and shows how a security culture based on international best practice can help mitigate the insider threat to your security.
It also provides some short-term quick fixes that can be applied as your organizations builds an effective insider threat programme.
Read this book to learn:
The seven organizational characteristics common to insider threat victims.The ten stages of a malicious attack.The ten steps of a successful insider threat programme.How to construct a three-tier security culture, encompassing artefacts, values and shared assumptions.
Insider Threat details the measures that organizations can implement to ensure high-impact quick wins, mapping appropriate security controls from the ISO 27001, ISO 27002, and NIST SP 800-53 standards to the following points, and more:
Risk mitigation and the eight steps of a risk assessmentThe importance of training and awareness, and conducting staff background screeningMonitoring and auditing the activities of general and privileged users, and quickly responding to suspicious behaviorsMetrics to measure insider threat behavior and mitigationThe challenge of external or temporary insiders (such as consultants, support contractors, partners, service providers, temporary employees)Layering physical and digital defenses to provide defense in depthThe importance of conducting regular penetration testing to evaluate security controlsLimiting, monitoring and controlling remote access and mobile device useEnsuring supply-chain securityMaintaining an incident management capability
It also sets out what not to do, listing a set of worst practices that should be avoided.

Customer Reviews