Cyber security defense strategies to detect, counter and respond to cyber attacks become increasingly challenging when the threats originate from within, from the organization’s authorized users.
The term “ insider threat” is often used to describe members of an organization , or associates such as a contractor,with malicious intent. However, threats can also result inadvertently from employees, or from policy violations which allow malicious outsiders to gain system access.
An increasing number of threat cases, from high profile data leaks to even the most successful external attacks, have some insider threat component. This illustrates the importance of developing an insider threat program. This paper seeks to identify best practices to mitigate or reduce insider threats , whether intentional or inadvertent, using administrative and technical controls.