11 Tips for Spotting Insider Threats

Image Source: Article

Image Source: Article

Security pros are constantly being warned about insider threats. We’re told our companies need next-generation software, integrated threat intelligence, and the ability to correlate massive amounts of event logs and context to arm ourselves against these threats.

We’re told that these tools are necessary to block attacks and to recover from attacks, should they be successful. Unfortunately, when companies eventually figure out that they’ve been compromised, they also discover their systems had been compromised for an extended period of time.

As I discussed this topic with a number of people during the recent BlackHat conference in Amsterdam, I realized there must be some way for companies to see that could be a victim of an insider attack well before the authorities come knocking on their front door.

In this article, I've collected advice from 11 security experts aimed at helping companies detect an insider attack sooner rather than later.

Thank You Contributors!
A huge thanks goes to the group of experts, representing many companies and technologies, that contributed to this article:

Read the full article on Network World
(requires registration)