Book Review: Insider Threat: Protecting the Enterprise from Sabotage, Spying, and Theft

Organizations tend to think that once they hire an employee or a contractor, that person is now part of a trusted group of people. Although an organization might give an employee additional access that an ordinary person would not have, why should it trust that person? If competitors or similar entities want to cause damage to an organization, steal critical secrets, or put a company out of business, they just have to find a job opening, prep someone to ace the interview, and have that person get hired. Depending on their objectives and patience, companies may never know they’ve been compromised.
Amy Pedersen, Vice President of Syngress Publishing said, “The threat is real and Dr. Cole and Ms. Ring have the case studies to prove it. Insider Threat profiles threats from state and federal government, commerce, banking and financial sectors, and contractors.”
Inside the book coverage:
-Don’t Underestimate Your Opponent
Most large insider attacks are well-orchestrated conspiracies, often
involving your major competitors and, at times, foreign governments.
-Factor in the Real Financial Risk of an Insider Attack
In the case of one pharmaceutical company, annual losses from one attack
were estimated at $350M annually.
-Understand the Key Technologies Used By Insiders
Methods of attack include steganography, encryption, and information
-Master the Art of Patience
The first sign of insider threat is usually the tip of the iceberg;
surveillance over time will reveal the entire conspiracy.
-Put the Technology to Work
Tools include mole detection, profiling, monitoring, anomaly detection,
signature analysis, and die pad for data.
-Define an Acceptable Level of Loss
Why Insider Threat analysis should include anticipation of an acceptable
level of loss.
-Implement Successful Screening Techniques for New Hires
Most organizations do not require background checks. Do you know what
tip-offs to look for when hiring?
-“Trust No One, Suspect Everyone” Becomes an Essential Mind-Set
Detecting and determining the source of insider threats mean entering a
state of constructive paranoia.
-Protect Your Most Important Intellectual Property Assets
Access to strategically important formulas, data, and business plans must
be restricted and reviewed regularly.