Preventing And Responding To Insider Threats Essay Examples

This paper highlights the learning and knowledge gained from the research paper on “Preventing and Responding to Insider Threats”. In a summary, it looks into the meaning, impacts, measures of prevention and response, and the importance of the research on insider threats.
Insider threats refer to an individual who accesses an organization’s information system in a way that may negatively impact on the organization. It is one of the biggest risks facing corporate data in many organizations. The scope of this problem has been expanding at an alarming rate that is beyond the traditionally known threat by former and current employees. The insider threat negatively impacts on the organization’s operations, reputation, culture, financial plans and other disastrous consequences.
Most cases of the insider security threats originate from the extended enterprise that include trusted partners and both current and ex-employees of the organization. Some of these incidences arise from accidental behavior while others do authorized things with malicious intentions. Either way, it remains a costly encounter for any organization affected. Unauthorized access even in cases where credentials are stolen, lost or compromised can be managed by control of access. Many situations of data breach occur due to negligence and theft of passwords. Management of threats resulting from shared passwords is an efficient way to deal with this problem. By restriction of user individual network access by physical location and setting connection time limit, the organization reduces the risk of unauthorized access. User Lock of concurrent login prevents the ability to share credentials as the legitimate users will limit their network access abilities. It will motivate adherence to policy of password security and will help protection of critical assets owned by the organization. Access to all critical information and assets owned by the organization should be attributed to one individual employee for accountability. The organization will be in a position to know who exactly is using their network and what activity they are doing. The organization employees should be educated on issues touching the security of data. They have to understand the security policies and procedures, why they do exist and the security measures to be taken when one is using the network.
Appropriate response is required for suspicious access behavior by monitoring and automatically blocking all the disruptive access sessions. The User Lock alerts the network administrator as soon as malicious activity is detected. In the event of network security breach, accurate IT forensic should be performed. The records of all locking and logging events enable the network administrators to account and carry out legal investigations. When responding to these threats, the organization has to be very keen to avoid false accusations as these will negatively affect the organization as well. Sufficient evidence has to be gathered before any prosecution process is commenced. Alternatively, the attackers can be allowed on to minimize their effects and be directed into honey pots instead.
The insider threat continues to pose risks to many organizations in all sectors across the globe and this research provides a strategized recipe of tools to prevent leakage of data. Security solutions that can manage access to network by all organization employees have to be formulated and implemented. The IT teams should therefore, focus on the security of user access control in order to prevent the insider threat.