| Insider threats have been around for many years. However, organizations have been slow in adopting measures to protect against this significant risk. Organizations have experience protecting the network perimeter from outside threats and implementing intrusion detection tools, malware, and firewalls. These tools are ineffective once someone is already within the security wall. In addition, the idea of "perimeter defense" is disappearing as businesses rely more and more on outsourced services from third-parties, use cloud-based servers to either store data or use applications, have an increase in the volume of network traffic, and allow employees to use mobile devices while working. Implementing preventative and detective measures may be difficult for some organizations, but the biggest challenge is not technology-based but rather strategy-based. The purpose of this capstone project is to raise awareness of insider threats among management and open a dialog between management and IT professionals regarding insider threat risks. The goal is to bridge the gap between these two groups to help organizations implement a more effective insider threat management program. This paper examines current management perspectives on insider threat risks, analyzes insider threat cases and current mitigation efforts by organizations, and reviews various risk management frameworks to address insider risks. Key findings and recommendations highlight the need for management to incorporate insider risk mitigation strategies into business processes using mitigation tools that focus on data and people having access to that data. The overall business strategy must include IT security measures. Management and IT professionals need to look for risk management techniques that focus specifically on insider risks instead of using ad-hoc measures and informal tracking mechanisms. Keywords: Economic Crime Management, Dr. Shannon L. Johnson, socio-technical, cybercrime, systematic, fraud, alignment. |
