Practical strategies to mitigate insider threats

Intrusion Defense School

Practical strategies to mitigate insider threats

With more logging and monitoring tools available, detecting illicit insider activity should be easier. Why has the number of insider cases increased dramatically? Because most insiders who commit fraud, theft, IT sabotage, or espionage use authorized access and perform the same online actions that they perform every day. In this lesson, learn what patterns to watch for and what tools you should have in your arsenal to thwart insider threats.

Watch the video, listen to the podcast, read the tech tip then take the quiz to see how much you have learned. Passing the quiz earns you one CPE credit from (ISC)².

View our Security School Course Catalog to view more lessons eligible for CPE credits.

About the expert:
Dawn Cappelli is a senior member of technical staff for the CERT Program at Carnegie Mellon University.

In this part:

Video: Understanding the insider threat

Many enterprise companies often struggle with insider threat, whether it's intentional or accidental. This threat extends throughout every aspect of an organization, so it's vital to mitigate any threat that presents itself to the company.

In this video, Dawn Cappelli, a member of the Technical Staff in CERT at Carnegie Mellon University's Software Institute, outlines three different types of intentional insider threats. She describes all three and explains what patterns to watch for in each of those crimes. She'll also provide the tools needed to develop mitigation strategies for each type of crime.

Tip: Monitoring strategies for insider threat detection

Insider threat detection is a vital part of the security of any enterprise organization. In this tip, part of the Insider Threats Security School lesson, learn about the best insider threat detection strategies.

Bonus Tip: Business partner security: Managing business risk

Allowing outside business partner access to your systems and data always comes with some level of risk. Nick Lewis examines what those risks are and strategies for managing business risk.

Podcast: Top 5 insider threat detection myths

There are many misconceptions about insider threats in the enterprise. This podcast debunks those myths and sets the record straight on what enterprises really need to know about the detection of insider threats.

Quiz: Practical strategies to mitigate insider threats

How much have you learned about detecting and mitigating insider threats? Find out in this short quiz.

Take the quiz