Building an insider threat program that works – Part I

The consequences of failure range from failed security audits and interruptions of service or product deliveries to more significant degradation of ongoing operations, monetary losses and lasting reputational damage. In extreme scenarios, there is even the potential for bodily injury and loss of life. In response, many corporate and government leaders have invested heavily over the past few years in controls designed to mitigate the likelihood and consequences of a damaging insider event. Policy and procedural controls naturally have played a big part in these nascent insider threat programs, but so have a number of emerging technologies grouped under the umbrella of Security Analytics. Given the high capital and personnel costs of such technology investments, the central question is whether they are having a significant positive impact. Based on my…


Link to Full Article: Building an insider threat program that works – Part I