INSIDER THREAT DETECTION AND MITIGATION TECHNIQUES

Abstract

Most of the organizations these days are focusing on building their security program in order to stop malicious outsiders from affecting the confidentiality, integrity and availability of data.Inthis process, organizations are investing large sums of money and a lot of man hours.Although security controls like antivirus, proxies, firewalls, etc. are efficient to stop most of the attacks carried out by external perpetrators, they can be rendered useless when an attack is carried out by a trusted internal resource.The threat that insiders pose to businesses, institutions and governmental organizations continues to be of great concern.Recent industry surveys and academic literature provide great evidence thatshows the significance and the impact that this threat can pose.This paper will discuss the main factors that can help an organization to improve its security to protect against internal attacks.