Preparing for Insider Attacks
Good preparation is the key in responding to an insider attack. The most critical preparation step is the development and implementation of policies. These policies should spell out acceptable and unacceptable behavior by employees. They should explicitly address system administrators and others with elevated privileges. The policies should have senior management buy-in. They might, for example, be signed by either the CEO or a direct report.
The policies must be distributed to all employees, who should then acknowledge receipt of them. For example, the policies could be distributed during employee orientation, and employees could be required to sign a statement confirming that they have received, read, and understood ...
Get Incident Response: A Strategic Guide to Handling System and Network Security Breaches now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
