TY - ADVS
T1 - The insider threat
T2 - a problem wrapped in perplexity
AU - Renaud, Karen
PY - 2024/2/19
Y1 - 2024/2/19
N2 - The insider threat is a real problem for modern organisations. The human is undeniably a lot harder to secure than technical parts of the socio-technical system. The traditional approach is to formulate policies, disseminate them during awareness drives, and mandating compliance. When someone makes a mistake like clicking on a phishing message, they are sent for retraining. This approach relies on two assumptions: (1) knowing=doing, and (2) compliance will reduce the insider threat.
AB - The insider threat is a real problem for modern organisations. The human is undeniably a lot harder to secure than technical parts of the socio-technical system. The traditional approach is to formulate policies, disseminate them during awareness drives, and mandating compliance. When someone makes a mistake like clicking on a phishing message, they are sent for retraining. This approach relies on two assumptions: (1) knowing=doing, and (2) compliance will reduce the insider threat.
KW - insider threat
KW - risk mitigation
KW - taxonomy
UR - https://futurescot.com/the-insider-threat-a-problem-wrapped-in-perplexity/
M3 - Blog Post
ER -