Page 56 - Cyber Warnings
number of privileged accounts, restrict access to sensitive information as much as possible and
create an unfavorable working environment for malicious actions.
In order to achieve this, there are two major principles that you should follow:
• Principle of least privilege – each new account by default should be created with the
lowest level of privileges possible. The level of privileges should only be raised if it is
necessary. This way you limit the number of privileged accounts inside your organization
and make sure that all of them have a specific purpose and are constantly in use.
• Principle of separation of duty – duties inside the organization should be divided
between individuals as much as possible, promoting collaboration whenever a complex
task needs to be solved. Statistically, employees are much less likely to conduct
malicious actions when they are collaborating with other employees. For example,
actions such as backup and restoration of data should be separated between different
people if possible.
The two aforementioned principles work together to minimize opportunities for insider attacks
and strengthen the overall data security posture of your organization.
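Both principles can be checked against an account inventory. The following audit is an added example, not part of the original article: the inventory records, field names and the 90-day idle threshold are assumptions, and the sample data is constructed.

```python
from datetime import date

# Constructed sample inventory; field names are assumptions for this example.
ACCOUNTS = [
    {"user": "alice", "privileged": True, "purpose": "DB administration",
     "last_used": date(2016, 11, 1), "duties": {"backup"}},
    {"user": "bob", "privileged": True, "purpose": "",
     "last_used": date(2016, 10, 28), "duties": {"restore"}},
    {"user": "carol", "privileged": True, "purpose": "Storage operations",
     "last_used": date(2016, 6, 2), "duties": {"backup", "restore"}},
    {"user": "dave", "privileged": False, "purpose": "",
     "last_used": date(2016, 11, 3), "duties": set()},
]

# Duty pairs that one person should not hold together (the article's example).
CONFLICTING_DUTIES = [("backup", "restore")]


def audit(accounts, today, max_idle_days=90):
    """Return a sorted list of (user, finding) tuples."""
    findings = []
    for acct in accounts:
        if acct["privileged"]:
            # Least privilege: a privileged account needs a specific purpose...
            if not acct["purpose"].strip():
                findings.append((acct["user"], "privileged without documented purpose"))
            # ...and must be in regular use; otherwise lower its privileges.
            if (today - acct["last_used"]).days > max_idle_days:
                findings.append((acct["user"], "privileged but idle"))
        # Separation of duty: one person must not hold a conflicting pair.
        for first, second in CONFLICTING_DUTIES:
            if first in acct["duties"] and second in acct["duties"]:
                findings.append((acct["user"], f"holds both {first} and {second}"))
    return sorted(findings)


if __name__ == "__main__":
    for user, finding in audit(ACCOUNTS, today=date(2016, 11, 15)):
        print(f"{user}: {finding}")
```
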
Step 3. Conduct thorough risk assessment
Risk assessment is a necessary process that allows you to identify all the weak points in your
current security and gives you a clear understanding of what needs to be improved.
There are three major steps to risk assessment:
• Identifying a potential threat
• Identifying how vulnerable your organization is to this threat
• Identifying how much damage would be done in case of this type of attack
The information you receive will give you a clear understanding of what security measures should be
implemented and how their implementation should be prioritized.
Risk assessment should be conducted periodically, as well as any time major changes to
security or network infrastructure are introduced. Insider threats should be examined as an
integral part of your risk assessment process. As a result, you should get a clear understanding
of the effectiveness of your insider threat prevention and protection measures and how to
strengthen them accordingly.
Overall, the results of a thorough risk assessment should be used to build and revise the general
company security strategy, including protection from both insider and outsider threats.
Step 4. Work on employee security awareness
In many cases, security breaches are directly caused by employees neglecting the simplest security
rules and practices. Such neglect more often than not comes from the fact that the majority of
employees are poorly educated in matters of cyber security. Employees are often either
completely unaware of certain security practices, or are willingly breaking them in favor of their
56 Cyber Warnings E-Magazine November 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide