Understanding the insider threat & how to mitigate it
It is a widely held belief that the vast majority of threats to businesses are from outside attackers, with the stereotypical view of hackers trying to make money through crime.
The problem with this viewpoint is that it does not consider the threat from a malicious insider. There is a tendency to trust staff once they have been hired and have passed any policy-based background checks or vetting processes, and to only consider external attack vectors.
This paper is intended to give a high-level view on the insider threat for those looking to implement a defensive programme. It considers the types of attack that may take place and some of the common weaknesses that aid insider attacks. It also covers some of the policies and controls that can be implemented to detect, deter or defend against the insider threat.