Insider Threat

Every type of organisation is vulnerable to insider abuse, errors or malicious attacks. These can impact reputation, operations and profitability, and expose data, harm the organisation, or deliver valuable intellectual property into competitors' hands.


Insiders can be current or former employees, contractors, or other business partners who have been granted authorised access to networks, systems or data, and all of them can bypass security measures through legitimate means.


Product overview


Insider Threat - A Guide to Understanding, Detecting, and Defending Against the Enemy from Within looks beyond perimeter protection tools, and shows how a security culture based on international best practice can help mitigate the insider threat to your security.


It also provides some short-term quick fixes that can be applied as your organisations builds an effective insider threat programme.


Read this book to learn:


The seven organisational characteristics common to insider threat victims.

The ten stages of a malicious attack.

The ten steps of a successful insider threat programme.

How to construct a three-tier security culture, encompassing artefacts, values and shared assumptions.





Insider Threat details the measures that organisations can implement to ensure high-impact quick wins, mapping appropriate security controls from the ISO 27001, ISO 27002, and NIST SP 800-53 standards to the following points, and more:


Risk mitigation and the eight steps of a risk assessment

The importance of training and awareness, and conducting staff background screening

Monitoring and auditing the activities of general and privileged users, and quickly responding to suspicious behaviours

Metrics to measure insider threat behaviour and mitigation

The challenge of external or temporary insiders (such as consultants, support contractors, partners, service providers, temporary employees)

Layering physical and digital defences to provide defence in depth

The importance of conducting regular penetration testing to evaluate security controls

Limiting, monitoring and controlling remote access and mobile device use

Ensuring supply-chain security

Maintaining an incident management capability





It also sets out what not to do, listing a set of worst practices that should be avoided.


The insider threat comes in many forms. Insider Threat is the most in-depth guide to help you prepare for them. Order your copy today.


About the author


Dr Julie Mehan is the founder and president of JEMStone Strategies and a principal in a strategic consulting firm in Virginia. She has delivered cyber security and related privacy services to senior commercial, Department of Defense and federal government clients working in Italy, Australia, Canada, Belgium and the United States. Dr Mehan is also an associate professor at the University of Maryland University College, specialising in courses in cybersecurity, cyberterror, IT in organisations, and ethics in an Internet society.