E-Handbook:

Crafting an insider threat program: Why and how

BACKGROUND IMAGE: shironosov/iStock

Tackle IT threats that originate inside your company

Friend or foe? When it comes to IT threats these days, it does not make sense to distinguish between the two. Insiders increasingly are the source of IT security breaches.

These insiders who threaten security might be malicious -- employees who are disgruntled, on strike or who perhaps have just been terminated or believe their jobs may be slated for downsizing. But an inside threat might come about inadvertently when, for example, an employee exposes a company's network by clicking on an email that then downloads malware. Whether intentional or inadvertent, the threat of security breaches that originate inside the company must command the attention of corporate security teams.

This three-part guide offers an in-depth assessment of insider threats and provides actionable advice on how to deal with them. Insider threats are in many ways a "people problem." Training to heighten employee awareness and promote their understanding of their role as part of the "security perimeter" is crucial and can reduce the danger of insider threats.

But the best defense is a multilayered one. That's why this guide includes a review of the various technologies available to deal with insider IT threats. Up-to-date security policies that deal explicitly with the issue of insider threats and a security toolkit that includes the latest technological aids are the best current ways to cut off hacker access to corporate systems.