This paper identifies steps that organizations can use to enhance their security posture to detect potential insider threats.
This paper was produced by bringing together experts from industry, academia, and government who drew on research and case studies as well as hands-on experience to comprehensively describe current effective detection of insider threats and events, especially in the cyber domains. Because the paper is neither exhaustive nor a final reference, it is anticipated that it will serve as a resource to continue maturing insider risk management.*
* The authors were a working group including members from the Defense Industrial Base and Information Technology Sectors.